Configuring an ethernet frame header acl, Copying an acl – H3C Technologies H3C S6300 Series Switches User Manual

Configuring an Ethernet frame header ACL

Ethernet frame header ACLs, also called "Layer 2 ACLs," match packets based on Layer 2 protocol header fields, such as source MAC address, destination MAC address, 802.1p priority (VLAN priority), and link layer protocol type.

To configure an Ethernet frame header ACL:

Step 1. Enter system view.
  Command: system-view
  Remarks: N/A

Step 2. Create an Ethernet frame header ACL and enter its view.
  Command: acl number acl-number [ name acl-name ] [ match-order { auto | config } ]
  Remarks: By default, no ACL exists. Ethernet frame header ACLs are numbered in the range of 4000 to 4999. You can use the acl name acl-name command to enter the view of a named ACL.

Step 3. (Optional.) Configure a description for the Ethernet frame header ACL.
  Command: description text
  Remarks: By default, an Ethernet frame header ACL has no ACL description.

Step 4. (Optional.) Set the rule numbering step.
  Command: step step-value
  Remarks: The default setting is 5.

Step 5. Create or edit a rule.
  Command: rule [ rule-id ] { deny | permit } [ cos vlan-pri | counting | dest-mac dest-address dest-mask | { lsap lsap-type lsap-type-mask | type protocol-type protocol-type-mask } | source-mac source-address source-mask | time-range time-range-name ] *
  Remarks: By default, an Ethernet frame header ACL does not contain any rule. If an Ethernet frame header ACL is used for packet filtering or QoS traffic classification and the lsap keyword is used, the lsap-type argument value must be AAAA, and the lsap-type-mask argument value must be FFFF. Otherwise, the ACL does not take effect.

Step 6. (Optional.) Add or edit a rule comment.
  Command: rule rule-id comment text
  Remarks: By default, no rule comments are configured.
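
An ACL that breaks the lsap restriction in step 5 does not take effect, so a filter an operator believes is in place may not be filtering anything. The following Python check is an added example, not H3C code: it scans configuration text for Ethernet frame header ACL rules whose lsap values are not AAAA FFFF. The sample configuration is constructed, the name audit_lsap_rules is hypothetical, and it assumes the configuration uses the command syntax shown in the steps above and that the ACL is used for packet filtering or QoS traffic classification.

```python
import re

# Ethernet frame header (Layer 2) ACL numbers, per the manual: 4000 to 4999.
L2_ACL_NUMBERS = range(4000, 5000)

# Constructed sample configuration, written in the command syntax shown above.
SAMPLE_CONFIG = """\
acl number 4000 name block-rogue-host
 description Drop frames from one MAC
 rule 0 deny source-mac 0011-2233-4455 ffff-ffff-ffff
 rule 5 permit lsap aaaa ffff
acl number 4010
 rule 0 deny lsap aa00 ff00
 rule 0 comment old lsap 1234 ffff filter
 rule 5 deny type 0806 ffff
acl number 3000
 rule 0 permit ip
"""

ACL_RE = re.compile(r"^acl number (\d+)(?: name (\S+))?")
# Only deny/permit lines are match rules; "rule N comment ..." is free text.
RULE_RE = re.compile(r"^\s+rule (\d+) (?:deny|permit)\b(.*)$")
LSAP_RE = re.compile(r"\blsap (\S+) (\S+)")


def audit_lsap_rules(config):
    """Return (acl_number, acl_name, rule_id, lsap_type, lsap_mask) for each
    Layer 2 ACL rule whose lsap values are not AAAA/FFFF."""
    findings = []
    acl_number = acl_name = None
    for line in config.splitlines():
        header = ACL_RE.match(line)
        if header:
            acl_number, acl_name = int(header.group(1)), header.group(2)
            continue
        rule = RULE_RE.match(line)
        if not rule or acl_number not in L2_ACL_NUMBERS:
            continue
        lsap = LSAP_RE.search(rule.group(2))
        if lsap:
            lsap_type, lsap_mask = lsap.group(1).upper(), lsap.group(2).upper()
            if (lsap_type, lsap_mask) != ("AAAA", "FFFF"):
                findings.append((acl_number, acl_name, int(rule.group(1)),
                                 lsap_type, lsap_mask))
    return findings


if __name__ == "__main__":
    for number, name, rule_id, lsap_type, lsap_mask in audit_lsap_rules(SAMPLE_CONFIG):
        print(f"ACL {number} ({name or 'unnamed'}) rule {rule_id}: lsap {lsap_type} "
              f"{lsap_mask} is not AAAA FFFF (ACL does not take effect)")
```
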

Copying an ACL

You can create an ACL by copying an existing ACL (source ACL). The new ACL (destination ACL) has the same properties and content as the source ACL, but not the same ACL number and name.

To successfully copy an ACL, make sure:

- The destination ACL number is from the same category as the source ACL number.
- The source ACL already exists, but the destination ACL does not.

To copy an ACL:
