Operation Manual - QoS/ACL
Quidway S3000-EI Series Ethernet Switches Chapter 1
ACL Configuration
Huawei Technologies Proprietary
1-6
th r
1
III.
The rules of Layer-2 ACL are defined on the basis of the Layer-2 information such as
ource MAC address, source VLAN ID, Layer-2 protocol type, Layer-2 ports receiving
ckets.
e mnemonic symbols as sho
79 used by BGP.
rtcut. For example, “bgp” can represent the TCP numbe
Defining the Layer-2 ACL
s
and forwarding the packet and destination MAC address to process the data pa
You can use the following command to define the numbered Layer-2 ACL.
Perform the following configuration in corresponding view.
Table 1-6 Defining the Layer-2 ACL
Operation Command
Enter Layer-2 ACL view(fr
system view)
om acl { number acl-number | name acl-name
link } [ match-order { config | auto } ]
Add a sub-item to the ACL(from
rule [ rule-id ] { permit | deny } [ protocol ]
[ cos vlan-pri ] [ ingress { { { source-vlan-id |
source-mac-addr source-mac-wildcard } |
interface { interface-name | interface-type
Layer-2 ACL view)
interface-num } }* | any } ] [
{ { dest-mac-addr dest-mac-wild
egress
card |
e | interface-type
y } ] [ time-range name ]
interface { interface-nam
interface-num } }* | an
Delete a sub-item from the
ACL(from Layer-2 ACL view)
undo rule rule-id
Delete on all the undo acl { nu umber | name e ACL or
ACL(from system view)
mber acl-n
acl-name | all }
Layer-2 ACL can be identified with nu
T
E ch.
IV. Defining the user-defined ACL
T es in the first 80 bytes of the Layer-2 data frame
w by th cesses them accordingly. To
c
fr
SNAP+tag format with the 802.3 standard. (Every letter represents a hexadecimal
umber and every two letters are one byte.)
mbers ranging from 4000 to 4999.
d specifies the Layer-2 interface, such as the
he interface in the above comman
thernet port of a swit
he user-defined ACL matches any byt
ith the character string defined
e user and then pro
orrectly use the user-defined ACL, y
ame structure. The figure below sho
ou are required to understand the Layer-2 data
ws the first 64 bytes of the Layer-2 data frame of
n
To Next Page
Loading...
Need help?
General