Acfp configuration task list, Enabling the acfp server – H3C Technologies H3C S12500 Series Switches User Manual

Page 17

Advertising
background image

10

ACFP does not support policy-based routing services or NetStream services.

The handling of the packets redirected by ACFP is mutually exclusive with ordinary ACL rules. No
QoS processing is performed on the packets returned after they are redirected to the ACFP client.

With ACFP, a stream cannot be mirrored or redirected to multiple ACFP clients.

When the ACFP server is enabled, the internal interface cannot act as the source port for port
mirroring.

When the ACFP server is enabled on an LST1IPS1A1, LST1IPS2A1, or LST1ACG1A1 line card, the
connection mode for the internal interface must be set to extend, the internal interface must be

configured as a trunk port, and the PVID of the internal interface cannot be the VLAN ID of the

management VLAN.

The LST1IPS2A1 has two internal interfaces. The connection mode can be set to extend only for the
first internal interface, and flow can be directed only to the first internal interface.

To add the two interfaces on the LST1IPS2A1 and LST1FW3A1 to an aggregation group for
dynamic backup, use the link-aggregation selected-port minimum command to set the maximum
number of Selected ports allowed in the aggregation group to 2. For more information about the

command, see Layer 2—LAN Switching Command Reference.

When the connection mode of the internal interface on an LST1IPS1A1, LST1IPS2A1, or
LST1ACG1A1 line card is set to extend, you cannot specify a VLAN as both the user service VLAN

and the management VLAN.

When the switch operates in IRF mode, the LST1IPS1A1 and LST1ACG1A1 line cards do not
support ACFP dynamic flow redirection.

ACFP configuration task list

Task Remarks

Enabling the ACFP server

Required.

Configuring the connection mode for an internal interface on an OAP card

Required.

Enabling the ACFP trap function

Optional.

Enabling the ACFP server

Step Command

Remarks

1.

Enter system view.

system-view N/A

2.

Enable the ACFP server.

acfp server enable Disabled

by

default.

Configuring the connection mode for an internal

interface on an OAP card

An OAP card integrates a front card and a rear card. The front card provides value-added security

services, such as firewall, intrusion prevention, and application control. The rear card is responsible for

the data exchange between the front card and the switch.

Advertising
This manual is related to the following products:

H3C S9500E Series Switches

Popular Brands
Popular manuals