ZXR10 2900 Series User Manual
150
Confidential and Proprietary Information of ZTE CORPORATION
abbreviation for the destination 0.0.0.0 and the wildcard
255.255.255.255.
dscp: the parameter is optional. The packet can be classi-
�
fied by the DSCP value and the range is 0~63.
fragment: it is only available in fragment packet.
�
Creating an extended ACL instance means entering the config-
uration mode of this instance, that is , extended ACL configu-
ration mode.
8. To configure a L2 ACL rule, use the following command.
Command
rule <rule-id>{permit |
zte(cfg)#
deny}{arp | ip | other | any}[cos<0
-7>][<source-vlanid>]{<source-mac
wildcard>| any |<destination-mac
wildcard>| any}
rule-id: designate the sub-item of the access control list
�
and the range is 1~500.
arp, ip, other, any: protocol type of the Ethernet frame,
�
other represents any Ethernet protocol type except ip and
arp, any represents any Ethernet type.
cos: 802.1p priority, the range is 0~7.
�
source-vlanid: the source VLAN of the packet.
�
source-mac: the source MAC address of the packet, any
�
represents any MAC address.
source-mac wildcard: wildcard of source MAC address of
�
packet.
destination-mac: the destination MAC of the packet.
�
destination-mac wildcard: the destination MAC address of
�
the packet. Any represents any source MAC address.
Creating a L2 ACL instance means entering the configuration
mode of this instance, that is , L2 ACL configuration mode.
9. To configure a Hybrid ACL rule, use the following command.
Command
rule <rule-id>{permit |
zte(cfg)#
deny}{<ip-protocol>| ip | tcp | udp
| arp | any || all}{<source-ipaddr
wildcard>|any}{<destination-ipaddr
wildcard>| any}[dscp<0-63>][fragmen
t][cos<0-7>][<source-vlanId>][<source
-mac wildcard>| any][<destination-mac
wildcard>| any]
rule-id: designate the sub-item of the access control list
�
and the range is 1~500.
ip-protocol, ip, tcp, udp, arp, any, all: the matching proto-
�
col. It can be one of the above keyword ip, tcp, udp and
arp or an integer representing IP protocol number from 0
Function
This configures a L2
ACL rule.
Function
This configures a
Hybrid ACL rule.