To Next Page

To Previous Page

Step Command Remarks

syn-value |

urg

urg-value } * |

established

} |

counting

destination

{ dest-address

dest-prefix |

dest-address/dest-prefix |

any

} |

destination-port

operator port1 [ port2 ] |

dscp

dscp |

flow-label

flow-label-value |

fragment

icmp6-type

{ icmp6-type

icmp6-code |

icmp6-message } |

logging

routing

[

type

routing-type ] |

hop-by-hop

[

type

hop-type ]

source

{ source-address

source-prefix |

source-address/source-prefix

| any

} |

source-port

operator

port1 [ port2 ] |

time-range

time-range-name |

vpn-instance

vpn-instance-name ] *

module (for example, packet filtering) that uses the

ACL supports logging.

If an ACL is for QoS traffic classification or packet

filtering:

• Do not specify the fragment keyword.

• Do not specify neq for the operator argument.

•

Do not specify the vpn-instance, routing,

hop-by-hop, or flow-label keyword if the ACL

is for outbound application.

• Do not specify ipv6-ah for the protocol

argument, nor set its value to 0, 43, 44, 51, or

60, if the ACL is for outbound application.

6. (Optional.) Add

or edit a rule

comment.

rule

rule-id

comment

text By default, no rule comments are configured.

NOTE:

If an ACL is to match information in the IPv6 packet payload, it can only match packets with one

extension header. It cannot match packets with two or more extension headers or with the

Encapsulating Security Payload Header.

Configuring an Ethernet frame header ACL

Ethernet frame header ACLs, also called "Layer 2 ACLs," match packets based on Layer 2 protocol

header fields, such as:

• Source MAC address.

• Destination MAC address.

• 802.1p priority (VLAN priority).

• Link layer protocol type.

To configure an Ethernet frame header ACL:

Step Command Remarks

1. Enter system view.

system-view N/A

2. Create an Ethernet frame

header ACL and enter its

view.

acl number

acl-number [

name

acl-name ] [

match-order

{

auto

config

} ]

By default, no ACL exists.

Ethernet frame header ACLs are

numbered in the range of 4000 to

4999.

You can use the

acl

name

acl-name command to enter the

view of a named ACL.

3. (Optional.) Configure a

description for the Ethernet

description

text

By default, an Ethernet frame

header ACL has no ACL

Brand	HPE
Model	FlexNetwork 5510 HI Series
Category	Switch
Language	English

HPE FlexNetwork 5510 HI Series Acl And Qos Configuration Guide

Table of Contents

Other manuals for HPE FlexNetwork 5510 HI Series

Questions and Answers:

HPE FlexNetwork 5510 HI Series Specifications

Related product manuals