Configuring an ipv6 basic acl – H3C Technologies H3C SR8800 User Manual
Page 16
7
Step
Command
Remarks
7.
Enable rule match
counting for the IPv4
basic ACL.
hardware-count enable
Optional.
By default, rule match counting is
disabled.
Configuring an IPv6 basic ACL
To configure an IPv6 basic ACL:
Step
Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Create an IPv6 basic ACL
view and enter its view.
acl ipv6 number acl6-number
[ name acl6-name ] [ match-order
{ auto | config } ]
By default, no ACL exists.
IPv6 basic ACLs are numbered in
the range 2000 to 2999.
You can use the acl ipv6 name
acl6-name command to enter the
view of a named IPv6 ACL.
3.
Configure a description for
the IPv6 basic ACL.
description text
Optional.
By default, an IPv6 basic ACL has
no ACL description.
4.
Set the rule numbering step.
step step-value
Optional.
The default setting is 5.
5.
Create or edit a rule.
rule [ rule-id ] { deny | permit }
[ counting | fragment | logging |
source { ipv6-address prefix-length
| ipv6-address/prefix-length |
any } | time-range
time-range-name | vpn-instance
vpn-instance-name ] *
By default, an IPv6 basic ACL does
not contain any rule.
To create or edit multiple rules,
repeat this step.
The logging keyword takes effect
only when the module (for
example, a packet-filter firewall)
using the ACL supports logging.
6.
Configure or edit a rule
description.
rule rule-id comment text
Optional.
By default, an IPv6 basic ACL rule
has no rule description.
7.
Enable rule match counting
for the IPv6 basic ACL.
hardware-count enable
Optional.
By default, rule match counting is
disabled.
NOTE:
When configuring IPv6 basic ACLs for a QoS policy that is to be applied to an SPC card, you must set the
ACL rule length limit to 80 bytes. For more information about the ACL rule length limit, see
ACL and QoS
Command Reference.