Effective time period of an ipv6 acl, Ipv6 acl configuration, Configuring a basic ipv6 acl – H3C Technologies H3C S3100 Series Switches User Manual

Page 351

Advertising
background image

5-7

A bigger step means more numbering flexibility. This is helpful when the config rule order is adopted,

with which ACL rules are sorted in ascending order of rule ID.

If no ID is specified for a rule when the rule is created, the system automatically assigns it the smallest

multiple of the step that is bigger than the current biggest rule ID, starting with 0. For example, given the

step of 5, if the present biggest rule ID is 28, the newly defined rule will be numbered 30. If the ACL does

not contain any rule, the first defined rule will be numbered 0.

Effective Time Period of an IPv6 ACL

You can control when a rule can take effect by referencing a time range in the rule.

A referenced time range can be one that has not been created yet. The rule, however, can take effect

only after the time range is defined and becomes active.

IPv6 ACL Configuration

Configuring a Basic IPv6 ACL

Basic IPv6 ACLs match packets based on only source IPv6 address. They are numbered in the range

2000 to 2999.

z

Configuration Prerequisites

If you want to reference a time range in a rule, define it with the time-range command first.

z

Configuration Procedure

Follow these steps to configure an IPv6 ACL:

To do…

Use the command…

Remarks

Enter system view

system-view

––

Create a basic IPv6 ACL view and
enter its view

acl ipv6 number acl6-number
[ name acl6-name ] [ match-order
{ auto | config } ]

Required

The default rule order is config.

If you specify a name for an IPv6
ACL when creating the ACL, you
can use the acl ipv6 name
acl6-name command to enter the
view of the ACL later.

Create or modify a rule

rule [ rule-id ] { deny | permit }
[ counting | fragment | logging |
source { ipv6-address
prefix-length |
ipv6-address/prefix-length | any } |
time-range time-range-name ] *

Required

To create or modify multiple rules,
repeat this step.

Set the rule numbering step

step step-value

Optional

5 by default

Configure a description for the
basic IPv6 ACL

description text

Optional

By default, a basic IPv6 ACL has
no ACL description.

Configure a rule description

rule rule-id comment text

Optional

By default, an IPv6 ACL rule has
no rule description.

Note that:

Advertising
See also other documents in the category H3C Technologies Routers: