ip address 129.39.10.8 255.255.255.0
zone external
#
return
10.6.3 Example for Using a Layer 2 ACL to Configure Traffic
Classification
A Layer 2 ACL is used to configure traffic classification to collect statistics on packets with the
specified source MAC address.
Networking Requirements
As shown in Figure 10-3, the MAC address of PC1 is 0000-0000-0003 and PC1 is connected
to Ethernet0/0/0 of the Router through the switch. The Router is required to collect statistics on
packets with the source MAC address 0000-0000-0003.
Figure 10-3 Using a Layer 2 ACL to configure traffic classification
Switch
PC1
Router
MAC: 0000-0000-0003
VLAN 20
Internet
Ethernet0/0/0
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure a Layer 2 ACL to match packets with the source MAC address 0000-0000-0003.
2. Configure traffic classification based on the Layer 2 ACL.
3. Configure a traffic behavior to collect statistics on the classified packets.
4. Configure a traffic policy and bind the traffic classifier and traffic behavior to the traffic
policy.
Data Preparation
To complete the configuration, you need the following data:
l VLAN that the interface connecting the Router and the switch belong to: VLAN 20
l Layer 2 ACL name: layer2
l Traffic classifier name: c1
l Traffic behavior name: b1
l Traffic policy name: p1
Huawei AR1200-S Series Enterprise Routers
Configuration Guide - Security 10 ACL Configuration
Issue 02 (2012-03-30) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
214
To Next Page
Loading...
