H3C Technologies H3C S3100V2 Series Switches User Manual

Page 99

Advertising
background image

91

[SwitchA] interface vlan-interface 104

[SwitchA-Vlan-interface104] pim ipv6 dm

[SwitchA-Vlan-interface104] mld enable

[SwitchA-Vlan-interface104] quit

# Create a multicast source control policy, policy1, so that multicast flows from Source 2 to FF1E::101 will

be blocked.

[SwitchA] acl ipv6 number 3001

[SwitchA-acl6-adv-3001] rule permit udp source 2::1 128 destination ff1e::101 128

[SwitchA-acl6-adv-3001] quit

CAUTION:

When you configure an IPv6 multicast source control policy, you must apply an advanced IPv6 ACL to
match both the multicast source address and destination address. Otherwise, multicast packets that should

be filtered out will still be delivered to the CPU for subsequent processing.

[SwitchA] traffic classifier classifier1

[SwitchA-classifier-classifier1] if-match acl ipv6 3001

[SwitchA-classifier-classifier1] quit

CAUTION:

Do not reference any IPv4 ACL after an IPv6 ACL is referenced in classifier view. Otherwise, match errors
will occur.

[SwitchA] traffic behavior behavior1

[SwitchA-behavior-behavior1] filter deny

[SwitchA-behavior-behavior1] quit

[SwitchA] qos policy policy1

[SwitchA-qospolicy-policy1] classifier classifier1 behavior behavior1

[SwitchA-qospolicy-policy1] quit

# Create a user profile, apply policy1 to the inbound direction of Eth 1/2 in user profile view, and enable
the user profile.

[SwitchA] user-profile profile1

[SwitchA-user-profile-profile1] qos apply policy policy1 inbound

[SwitchA-user-profile-profile1] quit

[SwitchA] user-profile profile1 enable

# Create RADIUS scheme scheme1; set the service type for the RADIUS server to extended; specify the
IP addresses of the primary authentication/authorization server and accounting server as 3::1; set the

shared keys to 123321; specify that no domain name is carried in a username sent to the RADIUS server.

[SwitchA] radius scheme scheme1

[SwitchA-radius-scheme1] server-type extended

[SwitchA-radius-scheme1] primary authentication 3::1

[SwitchA-radius-scheme1] key authentication 123321

[SwitchA-radius-scheme1] primary accounting 3::1

[SwitchA-radius-scheme1] key accounting 123321

[SwitchA-radius-scheme1] user-name-format without-domain

[SwitchA-radius-scheme1] quit

# Create an ISP domain domain1; reference scheme1 for the authentication, authorization, and
accounting for LAN users; specify domain1 as the default ISP domain.

Advertising
This manual is related to the following products:

H3C WX3000E Series Wireless Switches, H3C S10500 Series Switches, H3C S6800 Series Switches, H3C S6300 Series Switches, H3C S5800 Series Switches, H3C S5820X Series Switches, H3C S5820V2 Series Switches, H3C S5830 Series Switches, H3C S5830V2 Series Switches, H3C S3600V2 Series Switches

Popular Brands
Popular manuals