Ipv6 acl configuration example, Network requirements, Network diagram – H3C Technologies H3C S7500E Series Switches User Manual

1-17

# Configure traffic behavior b_ market to deny matching packets.

[Switch] traffic behavior b_market

[Switch-behavior-b_market] filter deny

[Switch-behavior-b_market] quit

# Configure QoS policy p_rd to use traffic behavior b_rd for class c_rd.

[Switch] qos policy p_rd

[Switch-qospolicy-p_rd] classifier c_rd behavior b_rd

[Switch-qospolicy-p_rd] quit

# Configure QoS policy p_market to use traffic behavior b_market for class c_market.

[Switch] qos policy p_market

[Switch-qospolicy-p_market] classifier c_market behavior b_market

[Switch-qospolicy-p_market] quit

# Apply QoS policy p_rd to interface GigabitEthernet 2/0/2.

[Switch] interface GigabitEthernet 2/0/2

[Switch-GigabitEthernet2/0/2] qos apply policy p_rd inbound

[Switch-GigabitEthernet2/0/2] quit

# Apply QoS policy p_market to interface GigabitEthernet 2/0/3.

[Switch] interface GigabitEthernet 2/0/3

[Switch-GigabitEthernet2/0/3] qos apply policy p_market inbound

IPv6 ACL Configuration Example

Network Requirements

As shown in

Figure 1-2

, a company interconnects its departments through the switch.

Configure an ACL to deny access of the R&D department to external networks.

Network Diagram

Figure 1-2 Network diagram for IPv6 ACL configuration

Configuration Procedure

# Create an IPv6 ACL 2000.

<Switch> system-view

[Switch] acl ipv6 number 2000

[Switch-acl6-basic-2000] rule deny source 4050::9000/120

[Switch-acl6-basic-2000] quit

# Configure class c_rd for packets matching IPv6 ACL 2000.

[Switch] traffic classifier c_rd

[Switch-classifier-c_rd] if-match acl ipv6 2000

[Switch-classifier-c_rd] quit

# Configure traffic behavior b_rd to deny matching packets.