HP 6200YL User Manual

IPv6 Access Control Lists (ACLs)

Displaying ACL Configuration Data

Table 8-5.

Descriptions of Data Types Included in Show Access-List < acl-id > Output

Field

Description

Name

The ACL identifier. For IPv6 ACLs, is an alphanumeric name. For IPv4 ACLs, can be a number from 1 to 199,
or an alphanumeric name.

Type

IPv6, Standard, or Extended. IPv6 ACLs use a source and a destination address, plus IPv6 protocol
specifiers. Standard ACLs are IPv4 only, and use only a source IP address. Extended ACLs are available in
IPv4 only, and use both source and destination IP addressing, as well as other IP protocol specifiers.

Applied

“Yes” means the ACL has been applied to an interface. “No” means the ACL exists in the switch
configuration, but has not been applied to any interface, and is therefore not in use.

SEQ

The sequential number of the Access Control Entry (ACE) in the specified ACL.

Entry

Lists the content of the ACEs in the selected ACL.

Action

Permit (forward) or deny (drop) a packet when it is compared to the criteria in the applicable ACE and found
to match. Includes the optional log option, if used, in deny actions.

Remark

Displays any optional remark text configured for the selected ACE.

IP

Used for IPv4 Standard ACEs: The source IPv4 address to which the configured mask is applied to determine
whether there is a match with a packet.

Src IP

Used for IPv6 ACEs and IPv4 Extended ACEs: The source IPv6 or IPv4 address to which the configured mask
is applied to determine whether there is a match with a packet.

Dst IP

Used for IPv6 ACEs and IPv4 Extended ACEs: The source and destination IP addresses to which the
corresponding configured masks are applied to determine whether there is a match with a packet.

Mask

Used in IPv4 ACEs, the mask is configured in an ACE and applied to the corresponding IP address in the
ACE to determine whether a packet matches the filtering criteria.

Prefix Len

Used in IPv6 ACEs to specify the number of consecutive high-order (leftmost) bits of the source and

(source and destination addresses configured in an ACE to be used to determine a match with a packet being filtered
destination) by the ACE.

Proto

Used in IPv6 ACEs and IPv4 extended ACEs to specify the packet protocol type to filter.

Port(s)

Used in IPv4 extended ACEs to show any TCP or UDP operator and port number(s) included in the ACE.

Src Port(s)

Used in IPv6 ACEs to show TCP or UDP source and destination operator and port number(s) included in the

Dst Port(s)

ACE.

DSCP

Used in IPv6 ACEs to show the DSCP precedence or codepoint setting, if any.

TOS

Used in IPv4 extended ACEs to indicate Type-of-Service setting, if any.

Precedence Used in IPv4 extended ACEs to indicate the IP precedence setting, if any.

Display All ACLs and Their Assignments in the
Switch Startup-Config File and Running-Config File

The

show config and show running commands include in their listings any

configured ACLs and any ACL assignments to VLANs. Refer to figure 8-36
(page 8-88) for an example. Remember that

show config lists the startup-config

file and

show running lists the running-config file.

8-83