Huawei Quidway S3900 Series - Acl Configuration Example; Advanced Acl Configuration Example

To Next Page

To Previous Page

Operation Manual – ACL

Quidway S3900 Series Ethernet Switches-Release 1510 Chapter 1 ACL Configuration

Huawei Technologies Proprietary

1-17

The display acl command displays matched information processed by the software of

the switch. To view the statistics of data forwarded by the hardware of the switch, use

the display qos-interface traffic-statistic command.

1.9 ACL Configuration Example

1.9.1 Advanced ACL Configuration Example

I. Network requirements

Different departments of an enterprise are interconnected on the intranet through the

ports of a switch. The IP address of the wage query server is 192.168.1.2. Devices of

the R&D department are connected to the GigabitEthernet1/1/1 port of the switch.

Apply an ACL to deny requests sourced from the R&D department and destined for the

wage server during the working hours (8:00 to 18:00).

II. Network diagram

R&D Dept

Wage query server

192.168.1.2

Switch

To router

Figure 1-1 Network diagram for advanced ACL configuration

III. Configuration procedure

 Note:

Only the commands related to the ACL configuration are listed below.

1) Define the time range

# Define a time range that contain a periodic time section from 8:00 to 18:00.

<Quidway> system-view

[Quidway] time-range test 8:00 to 18:00 working-day

2) Define an ACL for filtering requests destined for the wage server.

# Create ACL 3000.

[Quidway] acl number 3000

Other manuals for Huawei Quidway S3900 Series