HP 6200YL User Manual

IPv6 Access Control Lists (ACLs)

Configuration Commands

Syntax: < deny | permit > < ipv6 | ipv6-protocol | ipv6-protocol-nbr >
(ipv6 acl < any | host < SA > | SA/ prefix-length >
context) < any | host < DA > | DA/ prefix-length >

[ dscp < tos-bits | precedence ] [ log ]

Appends an ACE to the end of the list of ACEs in the current
ACL. In the default configuration, ACEs are automatically
assigned consecutive sequence numbers in increments of 10
and can be renumbered using

resequence (page 8-68).

Note: To insert a new ACE between two existing ACEs in an
ACL, precede

deny or permit with an appropriate sequence

number. (Refer to “Inserting an ACE in an Existing ACL” on
page 8-65.)

For a match to occur, a packet must have the source and
destination IPv6 addressing criteria specified in the ACE, as
well as:

• the protocol-specific criteria configured in the ACE,

including any optional elements (described later in this
section)

• any (optional) DSCP settings configured in the ACE

< deny | permit >

These keywords are used in the IPv6 (

ipv6-acl) context to

specify whether the ACE denies or permits a packet matching
the criteria in the ACE, as described below.

8-47