Extreme Networks ExtremeWare XOS Guide Manual page 267
Concepts guide
Hide thumbs
Also See for ExtremeWare XOS Guide:
- Command reference manual (2024 pages) ,
- Manual (496 pages) ,
- Command reference manual (970 pages)
Table of Contents
Advertisement
Table 34: ACL match conditions (Continued)
Match Conditions
ICMP-code <number>
IP-TOS <number>
(BlackDiamond 10K Only)
DSCP <number>
(BlackDiamond 10K Only)
1. You can not specify an IPv6 address with a 128-bit mask (host entry) for the Summit X450.
NOTE
Directed ARP response packets cannot be blocked with ACLs from reaching the CPU and being learned on the
BlackDiamond 8800 family and Summit X450 switches.
Along with the data types described in
match conditions. For example, the match condition,
source port greater than 190. Be sure to use a space before and after an operator.
ExtremeWare XOS 11.3 Concepts Guide
Description
ICMP code field. This value or keyword provides more specific
information than the icmp-type. Because the value's meaning
depends upon the associated icmp-type, you must specify the
icmp-type along with the icmp-code. In place of the numeric
value, you can specify one of the following text synonyms (the
field values also listed); the keywords are grouped by the ICMP
type with which they are associated:
Parameter-problem:
ip-header-bad(0), required-option-missing(1)
Redirect:
redirect-for-host (1), redirect-for-network (2), redirect-for-tos-
and-host (3), redirect-for-tos-and-net (2)
Time-exceeded:
ttl-eq-zero-during-reassembly(1), ttl-eq-zero-during-transit(0)
Unreachable:
communication-prohibited-by-filtering(13), destination-host-
prohibited(10), destination-host-unknown(7), destination-
network-prohibited(9), destination-network-unknown(6),
fragmentation-needed(4), host-precedence-violation(14), host-
unreachable(1), host-unreachable-for-TOS(12), network-
unreachable(0), network-unreachable-for-TOS(11), port-
unreachable(3), precedence-cutoff-in-effect(15), protocol-
unreachable(2), source-host-isolated(8), source-route-failed(5)
IP TOS field. In place of the numeric value, you can specify one
of the following text synonyms (the field values are also listed):
minimize-delay 16 (0x10), maximize-reliability 4(0x04),
minimize-cost2 (0x02), and normal-service 0(0x00)
Differentiated Service Code Point. The DiffServ protocol uses
the type of service (TOS) byte in the IP header, and the most
significant six bits of this type form the DSCP. In place of the
numeric value, you can specify one of the following text
synonyms (the field values are also listed):
The Expedited Forwarding RFC defines one code point: ef(46)
The Assured Forwarding RFC defines 4 classes, with 3 drop
precedences in each class, for a total of 12 code points:
af11(10), af12(12), af13(14), af21(18), af22(20), af23(22),
af31(26), af32(28),af33(30), af41(34), af42(36), af43(38)
Table
35, you can use the operators
source-port > 190
Applicable
IP Protocols/
Direction
ICMP/Ingress
and Egress
All IP/
Ingress and
Egress
All IP/
Ingress only
,
,
, and
to specify
<
<=
>
>=
, will match packets with a
ACLs
267
Advertisement
Chapters
Table of Contents
Troubleshooting
Related Manuals for Extreme Networks ExtremeWare XOS Guide
Related Products for Extreme Networks ExtremeWare XOS Guide
- Extreme Networks ExtremeWare Command
- Extreme Networks ExtremeWare Enterprise Manager
- Extreme Networks EPICenter Guide
- Extreme Networks ExtremeXOS ScreenPlay
- Extreme Networks ExtremeWireless AP460i
- Extreme Networks ExtremeWireless AP460e
- Extreme Networks ExtremeSwitching X440-G2-24p-10GE4
- Extreme Networks ExtremeSwitching X440-G2-24t-10GE4-DC
- Extreme Networks ExtremeSwitching X440-G2-24fx-GE4
- Extreme Networks ExtremeSwitching X450-G2-24p-GE4
- Extreme Networks ExtremeSwitching X450-G2-24p-10GE4
- Extreme Networks ExtremeSwitching X460-G2-24t-10GE4
- Extreme Networks ExtremeSwitching X460-G2-24p-GE4
- Extreme Networks ExtremeSwitching X620-16x
- Extreme Networks ExtremeSwitching X670-G2-48x-4q
- Extreme Networks ExtremeSwitching X620-8t-2x