Deny ( ipv6 ), Deny, Ipv6 ) – Dell PowerEdge VRTX User Manual

ACL Commands

735

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Dell Plasma-ARC

2+3\new_system_mifs_ARC2_latest\ACL.fm

D E LL CO N F I D E N T IA L – P R E L I M I N A RY 4 / 3 / 14 - F O R PR O O F O N LY

• log-input—Specifies sending an informational SYSLOG message about

the packet that matches the entry. Because forwarding/dropping is done in

hardware and logging is done in software, if a large number of packets

match an ACE containing a log-input keyword, the software might not be

able to match the hardware processing rate, and not all packets will be

logged.

Default Configuration

No IPv6 access list is defined.

Command Mode

Ipv6 Access-list Configuration mode

User Guidelines

If a range of ports is used for the destination port in an ACE, it is not

counted again if it is also used for destination port in another ACE.
The number of TCP/UDP ranges that can be defined in ACLs is limited. If a

range of ports is used for a source port in ACE, it is not counted again if it is

also used for a source port in another ACE. If a range of ports is used for

destination port in ACE it is not counted again if it is also used for

destination port in another ACE.
If a range of ports is used for source port it is counted again if it is also used

for destination port.

Example

This example defines an ACL by the name of server and enters a rule (ACE)

for tcp packets.

console(config)# ipv6 access-list server

console(config-ipv6-al)#

permit tcp 3001::2/64 any any 80

deny ( IPv6 )

Use the deny command in Ipv6 Access-list Configuration mode to set permit

conditions (ACEs) for IPv6 ACLs. Use the no form of the command to

remove the access control entry.