HP 6200YL User Manual

Planning an ACL Application

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-27

How an ACE Uses a Prefix To Screen Packets for

Prefix Usage Differences Between ACLs and

A Configured ACL Has No Effect Until You Apply It

You Can Assign an ACL Name to an Interface

IPv6 Traffic Management and Improved Network Performance . . . 8-27

Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-28

Guidelines for Planning the Structure of an ACL . . . . . . . . . . . . . . . . 8-29

ACL Configuration and Operating Rules . . . . . . . . . . . . . . . . . . . . . . . 8-30

SA and DA Matches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-32

Other IPv6 Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-33

Configuring and Assigning an IPv6 ACL

. . . . . . . . . . . . . . . . . . . . . . . 8-34

General Steps for Implementing IPv6 ACLs . . . . . . . . . . . . . . . . . . . . 8-34

Permit/Deny Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-34

ACL Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-35

ACL Configuration Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-36

ACL Configuration Factors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-38

The Sequence of Entries in an ACL Is Significant . . . . . . . . . . . . 8-38

Allowing for the Implied Deny Function . . . . . . . . . . . . . . . . . . . . 8-39

to an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-40

Even if the ACL Has Not Been Configured . . . . . . . . . . . . . . . . . . 8-40

Using the CLI To Create an ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-40

General ACE Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-41

Using CIDR Notation To Enter the IPv6 ACL Prefix Length . . . 8-41

Configuration Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-43

Command Summary for Configuring ACLs . . . . . . . . . . . . . . . . . . . . . 8-43

Command Summary for Enabling, Disabling, and Displaying ACLs 8-44

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-44

Commands To Create, Enter, and Configure an ACL . . . . . . . . . . . . . 8-45

Adding or Removing an ACL Assignment On an Interface

. . . . . . . 8-59

Filtering Switched IPv6 Traffic Inbound on a VLAN . . . . . . . . . . . . . 8-59

Filtering Inbound IPv6 Traffic Per Port and Trunk . . . . . . . . . . . . . . 8-60

Deleting an ACL

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-62

Editing an Existing ACL

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-63

General Editing Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-63

x