Commands to create, enter, and configure an acl – HP 6200YL User Manual

IPv6 Access Control Lists (ACLs)
Configuration Commands
■ TCP flag (control bit) options
■ filtering for TCP traffic based on whether the subject traffic is initiating a connection (“established” option)
■ optional DSCP (IP precedence and ToS) criteria
The switch allows up to 2048 ACLs each for IPv4 and IPv6 (with RADIUS-based
ACL resources drawn from the IPv4 allocation). The total is determined
from the number of unique identifiers in the configuration. For example,
configuring two IPv6 ACLs results in an ACL total of two, even if neither is
assigned to an interface. If you then assign a nonexistent IPv6 ACL to an
interface, the new total is three, because the switch now has three unique IPv6
ACL names in its configuration.
■ For information on determining the current resource availability and usage, refer to the appendix titled “Monitoring Resources” in the Management and Configuration Guide for your switch.
■ For ACL resource limits, refer to the appendix covering scalability in the latest Management and Configuration Guide for your switch.
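The counting rule above can be checked against a saved configuration. The following is an added example, not taken from the HP manual: it counts unique IPv6 ACL names and flags names that are assigned but never created. The `ipv6 access-list` and `ipv6 access-group` line forms, the function name `audit_ipv6_acls`, and the sample configuration are assumptions made for illustration.

```python
import re

# Constructed sample configuration (not from the manual). The command forms
# 'ipv6 access-list <name>' and 'ipv6 access-group <name> ...' are assumed.
SAMPLE_CONFIG = """
ipv6 access-list "V6-EDGE-IN"
   10 permit ipv6 any any
   exit
ipv6 access-list "V6-MGMT"
   10 deny ipv6 any any
   exit
vlan 10
   ipv6 access-group "V6-EDGE-IN" vlan
   exit
vlan 20
   ipv6 access-group "V6-GUEST" vlan
   exit
"""

DEFINE_RE = re.compile(r'^\s*ipv6\s+access-list\s+"?([^"\s]+)"?')
ASSIGN_RE = re.compile(r'\bipv6\s+access-group\s+"?([^"\s]+)"?')


def audit_ipv6_acls(config_text):
    """Count unique IPv6 ACL identifiers and flag mismatched names."""
    defined, assigned = set(), set()
    for line in config_text.splitlines():
        m = DEFINE_RE.match(line)
        if m:
            defined.add(m.group(1))
            continue
        m = ASSIGN_RE.search(line)
        if m:
            assigned.add(m.group(1))
    return {
        # Every unique name counts, whether it was created or only assigned.
        "total": len(defined | assigned),
        # Assigned to an interface but never created: still in the total.
        "undefined": sorted(assigned - defined),
        # Created but not assigned anywhere: also counted.
        "unassigned": sorted(defined - assigned),
    }


if __name__ == "__main__":
    print(audit_ipv6_acls(SAMPLE_CONFIG))
```

A non-empty `undefined` list usually points to a mistyped ACL name on an interface, which is worth reviewing because the intended ACL is not the one assigned there.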
Commands To Create, Enter, and Configure an ACL
For a match to occur with an ACE, a packet must have the source and
destination IPv6 address criteria specified by the ACE, as well as any IPv6
protocol-specific criteria included in the command.
Use the following general steps to create or add to an ACL:
1. Create and/or enter the context of a given ACL.
2. Enter the first ACE in a new ACL or append an ACE to the end of an ACL.
This section describes the commands for performing these steps. For other
ACL topics, refer to the following:
■ applying or removing an ACL on an interface
■ deleting an ACL
■ editing an ACL (inserting or removing ACEs from an existing ACL)
■ sequence numbering in ACLs
■ including remarks in an ACL
■ displaying ACL configuration data