Zte ZXR10 2910E-PS Configuration Manual page 89

Zxr10 2900e series easy-maintenance secure switch

Hide thumbs Also See for ZXR10 2910E-PS:

Command reference manual (692 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

page of 266

/ 266
Contents
Table of Contents
Bookmarks

Table of Contents

source port number, UDP destination port number, ICMP type, ICMP Code and

DiffServ Code Point (DSCP).

8. L2 egress ACL: Match destination MAC address, source VLAN ID and 802. 1p

priority value, Ethernet network type and DSAP/SSAP.

9. Hybrid egress ACL: Match Source IPv4/IPv6 address, destination IPv4/IPv6

address, IP protocol type, TCP source port number, TCP destination port number,

UDP source port number, UDP destination port number, DiffServ Code Point

(DSCP), source MAC address, destination MAC address, source VLAN ID and

802. 1p priority value.

Each ACL has an access list number to identify. The access list number is a number.

The access list number ranges of different types of ACL are shown below:

1. Basic ingress ACL: 1~99

2. Extended ingress ACL: 100~199

3. L2 ingress ACL: 200~299

4. Hybrid ingress ACL: 300~399, support IPv6

5. Basic egress ACL: 400~499

6. Extended egress ACL: 500~599

7. L2 egress ACL: 600-699

8. Hybrid egress ACL:700~799, supports IPv6

9. Global ACL: 800

Each ACL has at most 500 rules and the range is 1-500.

Configuring ACL

The ACL configuration includes the following commands:

Command

zte(cfg)#set port <portlist> acl mode {port | vlan}

zte(cfg)#set port <portlist> acl <1-799>{enable | disable}

zte(cfg)#set vlan <vlanlist> acl <1-399>{enable | disable}

zte(cfg)#set acl <1-799> rule <1-500> time-range <word>{enable|disable}

zte(cfg)#create acl <1-800> name <name>

zte(cfg)#clear acl-name <1-800>

zte(cfg)#show port <portlist> acl-mode

zte(cfg)#config ingress-acl basic number <1-99>

zte(basic-acl-group)#rule <1-500>{permit | deny}{<source-ipaddr><sip-ma

sk>| any}[fragment]

zte(cfg)#clear ingress-acl basic number <1-99>

zte(cfg)#config ingress-acl extend number <100-199>

SJ-20120409144109-002|2012-07-02(R1.0)

Chapter 4 Service Configuration

Function

Sets port ACL binding mode.

Binds ACL instance to the port.

Binds ACL instance to the VLAN.

Executes an ACL action in a specific

time range.

Creates an ACL name.

Clears an ACL name.

Displays port ACL binding mode.

Creates and configures a basic ingress

ACL instance.

Sets a basic ingress ACL rule.

Clears a basic ingress ACL instance.

Creates and configures an extended

port ACL instance.

4-43

ZTE Proprietary and Confidential

Table of Contents

Show Quick Links

Quick Links:
Configuration Guide
Figure 2-1 Zxr10 2900E Configuration Modes
Command Modes
Port Configuration

Hide quick links:

Chapters

Table of Contents

This manual is also suitable for:

Zxr10 2928e Zxr10 2952e Zxr10 2918e-ps Zxr10 2918e Zxr10 2928e-ps

Zte ZXR10 2910E-PS Configuration Manual page 89

Hide quick links:

Chapters

Related Manuals for Zte ZXR10 2910E-PS

Related Products for Zte ZXR10 2910E-PS

This manual is also suitable for:

Table of Contents