Layer 2 Acl Configuration Example - H3C S7500 Series Operation Manual
Hide thumbs
Also See for S7500 Series:
- Installation manual (79 pages) ,
- Operation manual (47 pages) ,
- Command manual (39 pages)
Table of Contents
Advertisement
Operation Manual – ACL
H3C S7500 Series Ethernet Switches
1.11.3 Layer 2 ACL Configuration Example
I. Network requirements
Through Layer 2 ACL configuration, packets with the source MAC address of
0011-0011-0101 and destination MAC address of 0011-0011-0303 are to be filtered
within the time range from 8:00 to 18:00 everyday. Apply this ACL on Ethernet 2/0/1.
II. Network diagram
PC1
0011-0011-0011
PC2
Figure 1-3 Network diagram for Layer 2 ACL configuration
III. Configuration procedure
Note:
Only the commands related to the ACL configuration are listed below.
1)
Define the time range
# Define the periodic time range from 8:00 to 18:00 everyday.
<H3C> system-view
[H3C] time-range test 8:00 to 18:00 daily
2)
Define an ACL rule for packets with the source MAC address of 0011-0011-0101
and destination MAC address of 0011-0011-0303.
# Create ACL 4000 and enter ACL 4000 view.
[H3C] acl number 4000
# Define an ACL rule to deny packets with the source MAC address of 0011-0011-0101
and destination MAC address of 0011-0011-0303, specifying the time range named
test for the ACL rule.
[H3C-acl-link-4000] rule 1 deny ingress 0011-0011-0101 ffff-ffff-ffff egress
0011-0011-0303 ffff-ffff-ffff time-range test
[H3C-acl-link-4000] quit
3)
Apply the ACL on a port.
Eth2/0/1
Switch
1-25
Chapter 1 ACL Configuration
To the router
Advertisement
Chapters
Table of Contents
Troubleshooting
