Configure Policy Ip_Access_List - Alcatel Router User Manual


Chapter : Policy Commands

configure policy ip_access_list

This command configures the IP access list for routes.
IP access lists are used for matching any type of route prefix. An IP access list is said to succeed if
any "permit" line in the list matches, or to fail if any "deny" line matches. Matching proceeds
sequentially and stops at the first match. A line in an IP access list is said to match according to the
rules listed below.
network netmask
Matches addresses as follows: The bits in the address part of the route being matched that are not
covered by "one" bits in netmask must be equal to the corresponding bits in network. The "one"
bits in netmask are sometimes referred to as "don't care" bits, because the policy engine does not
care what their values are.
network netmask mask maskmask
Matches addresses as follows: The first pair of parameters (network, netmask) matches the
address part of the route just as in the previous (network netmask) form. The second pair of
parameters (mask, maskmask) is used to match against the mask part of the route being matched
in a similar fashion. That is, the route is matched if the address part matches and the bits in the
mask that are not covered by "one" bits in maskmask are equal to the corresponding bits in mask.
If neither permit nor deny is specified, the default is permit. All kinds of access_list entries may be
mixed freely within a list, and there are no restrictions on what the access_list number may be. Any
number of IP access list lines may be declared. They are evaluated in the order declared.
parameter     definition
access_list   Access list number. The range is 1 - 99.
number        Sequence to insert to or delete from an existing access list entry. The range is 0 - 65535.
action        deny: Route map deny set operation.
              permit: Route map permit set operation.
network       Network route (IP address in dotted notation)
netmask       Network mask as wildcard bits (IP address in dotted notation)
mask          Network route's mask (IP address in dotted notation)
maskmask      Wildcard mask for network route's mask (in dotted notation)
syntax:
[ no ] policy ip_access_list access_list < n > number < n > action < deny | permit > [ network < IP
address > ] [ netmask < IP address > ] [ mask < IP address > ] [ maskmask < IP address > ]
example:
/configure> policy ip_access_list 1 1 permit network 10.0.0.0 netmask 0.255.255.255
This example permits prefixes 10.0.0.0/8, 10.0.0.0/9 and so on.
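
The matching rules above can be modelled in a few lines of Python to check what a list will permit before it is applied. This is an added example, not code from the manual or the router: the dictionary keys mirror the command's parameter names, ACL_B is a constructed list, and returning None when no line matches is an assumption because the manual does not define that case.

```python
import ipaddress

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def _wild_eq(value, pattern, wildcard):
    # "One" bits in the wildcard are don't-care; every other bit must be equal.
    care = ~wildcard & 0xFFFFFFFF
    return (value & care) == (pattern & care)

def line_matches(line, prefix):
    route = ipaddress.IPv4Network(prefix)
    if not _wild_eq(int(route.network_address), _ip(line["network"]), _ip(line["netmask"])):
        return False
    if "mask" in line:  # second form: also constrain the route's mask
        return _wild_eq(int(route.netmask), _ip(line["mask"]), _ip(line["maskmask"]))
    return True

def evaluate(acl, prefix):
    # Lines are tried in declared order; the first match decides.
    for line in acl:
        if line_matches(line, prefix):
            return line.get("action", "permit")  # default action is permit
    return None  # assumption: the manual does not define the no-match result

# The manual's example line: address wildcard only, no constraint on the mask.
ACL_A = [{"action": "permit", "network": "10.0.0.0", "netmask": "0.255.255.255"}]

# Constructed list: deny 10.1.x.x first, then permit 10.x.x.x only when the
# first octet of the route's mask is 255 (prefix length of 8 or longer).
ACL_B = [
    {"action": "deny", "network": "10.1.0.0", "netmask": "0.0.255.255"},
    {"network": "10.0.0.0", "netmask": "0.255.255.255",
     "mask": "255.0.0.0", "maskmask": "0.255.255.255"},
]

if __name__ == "__main__":
    for name, acl in (("ACL_A", ACL_A), ("ACL_B", ACL_B)):
        for p in ("10.0.0.0/8", "10.1.2.0/24", "10.0.0.0/7", "11.0.0.0/8"):
            print(name, p, evaluate(acl, p))
```

Under the rules as stated, the network/netmask form does not look at the route's mask at all, so ACL_A also matches the shorter prefix 10.0.0.0/7; adding the mask/maskmask pair, as in ACL_B, is what bounds the prefix length.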