3Com 8807 Configuration Manual page 216

Hide thumbs Also See for 8807:

Command reference manual (1099 pages)

Installation manual (104 pages)

Product manual (15 pages)

Table of Contents

24: VLAN-ACL C

ONFIGURATION

Table 183 Configure a VLAN-ACL

Configuration step Command

Tag priority for

Configure packet

Configure traffic

Configure traffic

Quit VLAN view

Enter Ethernet port

manually QACL

configuration to

specified ports

View the ports to

which the VLAN-ACL

configuration is

synchronized in the

The VLAN-ACL configuration is subject to the following limitations:

1 Limitations on flow templates:

The system only applies VLAN-ACL to ports with the default flow template

applied. The applied ACL rule field must be specified by the default flow

If no port in a VLAN has ACL rules applied to, the system checks all ports in the

VLAN when applying an ACL rule in VLAN view and prohibits the ACL rule from

being applied if a port in the VLAN has a customized flow template applied to.

If a VLAN-ACL is applied to some of the ports in a VLAN, a port with a

customized flow template applied to can be added to the VLAN. But the

system will fail to apply the VLAN-ACL to the newly added port. That is, you

can apply the VLAN-ACL in VLAN view to all the ports in the VLAN except the

traffic-priority inbound ip-group {

acl-number | acl-name } [ rule rule [

system-index index ] ] { auto |

remark-policed-service { trust-dscp | dscp

dscp-value | untrusted dscp dscp-value cos

cos-value local-precedence local-precedence

drop-priority drop-level } }

traffic-redirect inbound ip-group {

acl-number | acl-name } [ rule rule [

system-index index ] ] { cpu | next-hop

ip-addr1 [ ip-addr2 ] [ invalid { forward |

mirrored-to inbound ip-group {

acl-number | acl-name } [ rule rule [

system-index index ] ] cpu

traffic-statistic inbound ip-group {

acl-number | acl-name } [ rule rule [

system-index index ] ] [ tc-index index ]

interface interface-type interface-number

port can-access vlan-acl vlan vlan-id

display vlan-acl-member-ports vlan

When executed in

VLAN view, the

traffic-redirect

command only redirects

packets to the next hop

and CPU instead of

ports or service

processor cards. In this

case, the nested-vlan

or modified-vlan

keyword are not

The port type can only

be Ethernet.

You can use this

command in any view.

Show Quick Links

Quick Links:
Setting up Configuration Environment through the...

Table of Contents

Troubleshooting

3Com 8807 Configuration Manual page 216

Hide quick links:

Troubleshooting

Related Manuals for 3Com 8807

Related Products for 3Com 8807

This manual is also suitable for:

Table of Contents