Configuring an acl rule length limit mode, Displaying and maintaining acls – H3C Technologies H3C SR8800 User Manual

Page 22

Advertising
background image

13

NOTE:

The user-defined flow template you are applying to an interface must already exist.

You can apply only one user-defined flow template on an interface.

The default flow template defines five fields: the source IP address, destination IP address, source port
number, destination port number, and protocol type.

When the length limit for the match criteria in an ACL rule is 18 bytes for an SPE card, available
parameters of the default flow template are sip, dip, ip-protocol, sport, and dport.

When the length limit for the match criteria in an ACL rule is 36 bytes for an SPE card, available
parameters of the default flow template are sip, dip, ip-protocol, sport, dport, icmp-code, icmp-type,
tos, dscp, ip-precedence, mpls-exp, tcp-flag, and fragment.

Configuring an ACL rule length limit mode

The ACL rule length limit mode defines the length of the fields available for an ACL flow template. When

a large number of ACL rules are required on the router, you may need to change this mode.
To configure an ACL rule length limit mode:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Set the ACL rule
length limit mode.

acl mode { 1 | 2 | 3 | 4 }

The default setting is 2.

NOTE:

The limit mode setting is saved automatically, but it takes effect only after you restart your router.

The limit mode setting does not take effect on an SPE card with an ATM subcard.

The limit mode setting does not take effect for IPv6 ACLs on an SPE card.

When configuring IPv6 ACLs for a QoS policy that is to be applied to an SPC card, you must set the ACL
rule length limit to 80 bytes. For more information about the ACL rule length limit, see

ACL and QoS

Command Reference.

Displaying and maintaining ACLs

Task Command

Remarks

Display configuration and match
statistics for one or all IPv4 ACLs.

display acl { acl-number | all | name
acl-name } [ | { begin | exclude | include }

regular-expression ]

Available in any view

Display configuration and match
statistics for one or all IPv6 ACLs.

display acl ipv6 { acl6-number | all | name
acl6-name } [ | { begin | exclude | include }
regular-expression ]

Available in any view

Display the ACL rule length limit
mode.

display acl mode [ | { begin | exclude |
include } regular-expression ]

Available in any view

Advertising
This manual is related to the following products:

H3C SR6600-X, H3C SR6600, H3C SecPath F5020, H3C SecPath F5040, H3C VMSG VFW1000

Popular Brands
Popular manuals