EasyManuals Logo

Huawei Quidway S3500 Series User Manual

Huawei Quidway S3500 Series
671 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #335 background imageLoading...
Page #335 background image
Operation Manual - QoS/ACL
Quidway S3500 Series Ethernet Switches Chapter 1 ACL Configuration
Huawei Technologies Proprietary
1-9
S3526 has some restrictions on ACL configuration in implementing QOS function using
traffic classification. The restriction details are listed in the following table.
Table 1-9 ACL configuration restriction for QoS function on S3526
QoS
function
Implementation Restrictions on ACL configuration
Packet
filter
packet-filter
{ ip-group
{ acl-number |
acl-name } [ rule
rule ] | link-group
{ acl-number |
acl-name } [ rule
rule ] }
Packet filter only supports using the ACL of deny
operation.
The Layer-2 ACL supports using the rules of
MAC-MAC, MAC-PORT, PORT-PORT,
MAC-ANY, ANY-MAC, PORT-ANY and
ANY-PORT.
The Layer-3 ACL supports using the rules of
IP-IP, IP-NET, NET-NET, IP-ANY, ANY-IP,
NET-ANY and ANY-NET.
Note:
z The Layer-3 ACL includes the advanced ACL.
z In the description of the rules: MAC----MAC address, PORT----the switch port,
IP----the host IP address, ANY----any MAC address in Layer-2 ACL and any IP
address in Layer-3 ACL, NET----the segment IP address. The MAC, IP, ANY, NET
and PORT before the character “-” represent the source addresses or receive port;
the ones behind are the destination addresses or transmit port.
z MAC-MAC stands for a Layer-2 ACL rule from source MAC address to destination
MAC address, such as “rule 0 permit ingress 00e0-fc01-0101 1 egress
00e0-fc01-0102 1 time-range huawei ”.
z PORT-PORT stands for a Layer-2 ACL rule from received ethernet port to sent
ethernet port, such as “rule 0 permit ingress interface ethernet0/1 egress interface
ethernet 0/2 time-range huawei ”.
z MAC-PORT stands for a Layer-2 ACL rule from source MAC address to sent
ethernet port, such as “rule 0 permit ingress 00e0-fc01-0101 1 egress interface
ethernet 0/1 time-range huawei ”.
z IP-IP stands for lay-3 ACL rules from source host IP address to destination host IP
address (the wildcard parameter can only be 0) , such as “rule 0 permit ip source
1.1.1.1 0 destination 2.2.2.2 0 time-range huawei”.
z NET-NET stands for lay-3 ACL rules from source segment IP address to destination
segment IP address (the wildcard parameter can not be 0), such as “rule 0 permit ip
source 1.1.1.1 0.0.255.255 destination 2.2.2.2 0.0.255.255 time-range huawei”.
z MAC-any stands for lay-2 ACL rule from source MAC address to any destination
MAC address, such as “rule 0 permit ingress 00e0-fc01-0101 1 egress any
time-range huawei”, and so do any-MAC, IP-any, any-IP, NET-any and any-NET
rules.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Huawei Quidway S3500 Series and is the answer not in the manual?

Huawei Quidway S3500 Series Specifications

General IconGeneral
BrandHuawei
ModelQuidway S3500 Series
CategoryNetwork Router
LanguageEnglish

Related product manuals