PLANET XGS3-24042 User Manual

Page 955

Advertising
background image

47-21

[no] {deny | permit} udp { <sIPv6Prefix/sPrefixlen> | any-source | {host-source

<sIPv6Addr> }} [s-port { <sPort> | range <sPortMin> <sPortMax> }]

{ <dIPv6Prefix/dPrefixlen> | any-destination | {host-destination <dIPv6Addr> }} [d-port

{ <dPort> | range <dPortMin> <dPortMax> }] [dscp <dscp> ] [flow-label <fl> ][time-range

<time-range-name> ]

[no] {deny | permit} <next-header> {<sIPv6Prefix/sPrefixlen> | any-source | {host-source

<sIPv6Addr>}} {<dIPv6Prefix/dPrefixlen> | any-destination | {host-destination <dIPv6Addr>}}

[dscp <dscp>] [flow-label <fl>][time-range <time-range-name>]

[no] {deny | permit} {<sIPv6Prefix/sPrefixlen> | any-source | {host-source <sIPv6Addr>}}

{<dIPv6Prefix/dPrefixlen> | any-destination | {host-destination <dIPv6Addr>}} [dscp <dscp>]

[flow-label <fl>] [time-range<time-range-name>]

Function:

Create an extended nomenclature IPv6 access control rule for specific IPv6 protocol.

Parameter:

<sIPv6Addr> is the source IPv6 address; <sPrefixlen> is the length of the IPv6 address prefix, the

range is 1~128; <dIPv6Addr> is the destination IPv6 address; <dPrefixlen> is the length of the

IPv6 address prefix, the range is 1~128; <igmp-type>, type of the IGMP; <icmp-type>, icmp type;

<icmp-code>, icmp protocol number; <dscp>, IPv6 priority ,the range is 0~63; <flowlabel>, value

of the flow label, the range is 0~1048575; syn,ack,urg,rst,fin,psh,tcp label position; <sPort>,

source port number, the range is 0~65535;

<sPortMin>, the down boundary of source port;

<sPortMax>, the up boundary of source port; <dPort>, destination port number, the range is 0~

65535; <dPortMin>, the down boundary of destination port; <dPortMax>, the up boundary of

destination port. <next-header>, the IPv6 next-header. <time-range-name>, time range name.

Command Mode:

IPv6 nomenclature extended access control list mode

Default:

No access control list configured.

Example:

Create an extended access control list named udpFlow, denying the igmp packets while allowing

udp packets with destination address 2001:1:2:3::1 and destination port 32.

Switch(config)#ipv6 access-list extended udpFlow

Switch(Config-IPv6-Ext-Nacl-udpFlow)#deny igmp any any-destination

Switch(Config-IPv6-Ext-Nacl-udpFlow)#permit udp any-source host-destination 2001:1:2:3::1

dPort 32

Advertising
This manual is related to the following products:

XGS3-24242

Popular Brands
Popular manuals