Step  Command  Remarks

Command (continued):
syn-value | urg urg-value } * | established } | counting | destination { dest-address dest-prefix | dest-address/dest-prefix | any } | destination-port operator port1 [ port2 ] | dscp dscp | flow-label flow-label-value | fragment | icmp6-type { icmp6-type icmp6-code | icmp6-message } | logging | routing [ type routing-type ] | hop-by-hop [ type hop-type ] | source { source-address source-prefix | source-address/source-prefix | any } | source-port operator port1 [ port2 ] | time-range time-range-name | vpn-instance vpn-instance-name ] *

Remarks (continued):
module (for example, packet filtering) that uses the ACL supports logging.
If an ACL is for QoS traffic classification or packet filtering:
•  Do not specify the fragment keyword.
•  Do not specify neq for the operator argument.
•  Do not specify the vpn-instance, routing, hop-by-hop, or flow-label keyword if the ACL is for outbound application.
•  Do not specify ipv6-ah for the protocol argument, nor set its value to 0, 43, 44, 51, or 60, if the ACL is for outbound application.

6.  (Optional.) Add or edit a rule comment.
Command: rule rule-id comment text
Remarks: By default, no rule comments are configured.
 
 
 
NOTE: 
If an ACL is to match information in the IPv6 packet payload, it can only match packets with one 
extension header. It cannot match packets with two or more extension headers or with the 
Encapsulating Security Payload Header. 
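
The restrictions listed in the Remarks column above for ACLs used in QoS traffic classification or packet filtering can be checked before a configuration is applied. The following Python lint is an added example, not part of the original guide or vendor tooling; the rule-line shape `rule [rule-id] {permit|deny} protocol [criteria ...]`, the function names, and the sample rules are assumptions constructed for illustration.

```python
# Added example, not vendor code. Assumed rule shape (the start of the syntax
# is not on this page): rule [rule-id] {permit|deny} protocol [criteria ...]
ANY_DIRECTION = {"fragment"}
OUTBOUND_ONLY = {"vpn-instance", "routing", "hop-by-hop", "flow-label"}
OUTBOUND_PROTOCOLS = {"ipv6-ah", "0", "43", "44", "51", "60"}
NAME_ARGS = {"time-range", "vpn-instance"}  # next token is a free-form name

SAMPLE_ACL = """\
rule 0 permit tcp source 2001:db8:1::/48 destination-port neq 23
rule 5 deny udp fragment
rule 10 permit 51 source any
rule 15 permit udp destination-port eq 53 flow-label 7
rule 15 comment drop fragment later
rule 20 permit tcp destination-port range 80 443 established
"""  # constructed sample, documentation prefix 2001:db8::/32


def lint_rule(line, direction):
    """Return findings for one rule line; direction is 'inbound' or 'outbound'."""
    tokens = line.split()
    if not tokens or tokens[0] != "rule":
        return []
    i = 2 if len(tokens) > 1 and tokens[1].isdigit() else 1  # optional rule-id
    if i >= len(tokens) or tokens[i] not in ("permit", "deny"):
        return []  # "rule 15 comment ..." is free text, never a match criterion
    protocol = tokens[i + 1] if i + 1 < len(tokens) else ""
    criteria = tokens[i + 2:]
    # Keywords only: drop tokens that are the name argument of NAME_ARGS.
    keywords = {t for p, t in enumerate(criteria)
                if p == 0 or criteria[p - 1] not in NAME_ARGS}
    findings = [f"'{kw}' keyword not allowed" for kw in sorted(ANY_DIRECTION & keywords)]
    for pos, tok in enumerate(criteria[:-1]):
        if tok in ("source-port", "destination-port") and criteria[pos + 1] == "neq":
            findings.append(f"'neq' operator not allowed for {tok}")
    if direction == "outbound":
        findings += [f"'{kw}' keyword not allowed outbound"
                     for kw in sorted(OUTBOUND_ONLY & keywords)]
        if protocol in OUTBOUND_PROTOCOLS:
            findings.append(f"protocol '{protocol}' not allowed outbound")
    return findings


def lint_acl(text, direction):
    """Map each offending rule line to its findings."""
    report = {ln.strip(): lint_rule(ln, direction) for ln in text.splitlines()}
    return {rule: found for rule, found in report.items() if found}
```

Calling `lint_acl(SAMPLE_ACL, "outbound")` reports four of the six sample lines; the same ACL checked as `"inbound"` reports only the `neq` and `fragment` rules.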
 
Configuring an Ethernet frame header ACL 
Ethernet frame header ACLs, also called "Layer 2 ACLs," match packets based on Layer 2 protocol 
header fields, such as: 
•  Source MAC address. 
•  Destination MAC address. 
•  802.1p priority (VLAN priority). 
•  Link layer protocol type.  
To configure an Ethernet frame header ACL: 
 
Step  Command  Remarks

1.  Enter system view.
Command: system-view
Remarks: N/A

2.  Create an Ethernet frame header ACL and enter its view.
Command: acl number acl-number [ name acl-name ] [ match-order { auto | config } ]
Remarks: By default, no ACL exists. Ethernet frame header ACLs are numbered in the range of 4000 to 4999. You can use the acl name acl-name command to enter the view of a named ACL.

3.  (Optional.) Configure a description for the Ethernet
Command: description text
Remarks: By default, an Ethernet frame header ACL has no ACL