Huawei Quidway S8500 Series - Chapter 4 VLAN-ACL Configuration Commands; VLAN-ACL Configuration Commands; Mirrored-To

To Next Page

To Previous Page

Command Manual – QoS/ACL

Quidway S8500 Series Routing Switches Chapter 4 VLAN-ACL Configuration Commands

Huawei Technologies Proprietary

4-1

Chapter 4 VLAN-ACL Configuration Commands

4.1 VLAN-ACL Configuration Commands

The VLAN-ACL configuration is subject to the following limitations:

1) Limitations on flow templates:

z The system only applies VLAN-ACL to ports with the default flow template applied.

The applied ACL rule field must be specified by the default flow template.

z If no port in a VLAN has ACL rules applied to, the system checks all ports in the

VLAN when applying an ACL rule in VLAN view and prohibits the ACL rule from

being applied if a port in the VLAN has a customized flow template applied to.

z If a VLAN-ACL is applied to some of the ports in a VLAN, a port with a customized

flow template applied to can be added to the VLAN. But the system will fail to apply

the VLAN-ACL to the newly added port. That is, you can apply the VLAN-ACL in

VLAN view to all the ports in the VLAN except the newly added one. However,

when the self-defined flow template is deleted under the port, the system will apply

QACL rules in the VLAN to the new port automatically.

z You will fail to apply the self-defined flow template of a port with a VLAN-ACL

already applied to a customized flow template.

2) If both a VLAN and one of its ports have QACL rules applied, only those applied to

the port work. In this case, the VLAN-ACL takes effect only after the QACL rules

applied to the port are removed and the flow template applied to the port changes

to the default flow template.

3) When the VLAN contains no ports, the system is prohibited from applying

VLAN-ACL (including adding and deleting rules).

4) Two ports differing in VLAN-ACL configuration cannot be aggregated dynamically.

5) A VLAN-ACL is prohibited from being applied to a VLAN bounded to POS ports.

That is, VLAN-ACL is prohibited from being applied to POS ports.

6) A VLAN-ACL is prohibited from being applied to a VLAN containing MPLS

intermixing ports. Similarly, a VLAN with a VLAN-ACL applied to is prohibited from

being used for MPLS intermixing.

mirrored-to

Syntax

mirrored-to inbound ip-group { acl-number | acl-name } [ rule rule [ system-index

index ] ] cpu

undo mirrored-to inbound ip-group { acl-number | acl-name } [ rule rule ]

View

VLAN view

Other manuals for Huawei Quidway S8500 Series