Access Security Guide K/KA/KB.15.15

In an extended ACL, this parameter defines the source address (SA) that a packet
must carry in order to have a match with the ACE.
any
Specifies all inbound IPv4 packets.
host < SA >
Specifies only inbound IPv4 packets from a single address. Use this option
when you want to match only the IPv4 packets from a single source address.
SA/mask-length or SA < mask >
Specifies packets received from an SA, where the SA is either a subnet or a
group of IPv4 addresses. The mask can be in either dotted-decimal format or
CIDR format with the number of significant bits. See “How an ACE uses a mask
to screen packets for matches” (page 322).
SA mask application
The mask is applied to the SA in the ACL to define which bits in a packet's
source SA must exactly match the address configured in the ACL and which
bits need not match.
Example
10.10.10.1/24 and 10.10.10.1 0.0.0.255 both define any IPv4 address in
the range of 10.10.10.(1-255).
NOTE: Specifying a group of contiguous IPv4 addresses may require more
than one ACE. For more on how masks operate in ACLs, see “How an ACE
uses a mask to screen packets for matches” (page 322).
Syntax
< any | host < SA > | SA/mask-length | SA < mask > >
This is the second instance of addressing in an extended ACE. It follows the first
(SA) instance, described earlier, and defines the destination address (DA) that a
packet must carry in order to have a match with the ACE. The options are the same
as shown for < SA >.
any
Allows routed IPv4 packets to any DA.
host < DA >
Specifies only the packets having DA as the destination address. Use this criterion
when you want to match only the IPv4 packets for a single DA.
DA/mask-length or DA < mask >
Specifies packets intended for a destination address, where the address is
either a subnet or a group of IPv4 addresses. The mask format can be in either
dotted-decimal format or CIDR format (number of significant bits). See “How
an ACE uses a mask to screen packets for matches” (page 322).
DA mask application
The mask is applied to the DA in the ACL to define which bits in a packet's
DA must exactly match the DA configured in the ACL and which bits need not
match. See also the above example and note.
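
The mask rule described above for SA and DA, as an added Python example (not code from the guide): a mask bit of 0 means the packet bit must match and 1 means it need not, as in the 0.0.0.255 example, and the last function shows why a contiguous group of addresses can need more than one ACE. The function names and the 10.10.10.4 to 10.10.10.11 range are assumptions made for illustration.

```python
import ipaddress

ALL_BITS = 0xFFFFFFFF

def parse_ace_addr(spec):
    """Parse an ACE address field into (address, mask) as 32-bit integers.

    Accepts the four forms on this page: any, host <A>, A/mask-length, A <mask>.
    Mask bits set to 1 need not match; bits set to 0 must match exactly.
    """
    parts = spec.split()
    if parts == ["any"]:
        return 0, ALL_BITS                       # every bit is "need not match"
    if len(parts) == 2 and parts[0] == "host":
        return int(ipaddress.IPv4Address(parts[1])), 0   # every bit must match
    if len(parts) == 2:                          # dotted-decimal mask form
        return (int(ipaddress.IPv4Address(parts[0])),
                int(ipaddress.IPv4Address(parts[1])))
    if len(parts) == 1 and "/" in parts[0]:      # CIDR form: significant bits
        addr, length = parts[0].split("/")
        bits = int(length)
        if not 0 <= bits <= 32:
            raise ValueError(f"bad mask length: {length}")
        return int(ipaddress.IPv4Address(addr)), (1 << (32 - bits)) - 1
    raise ValueError(f"unrecognized address field: {spec!r}")

def matches(spec, packet_addr):
    """True if packet_addr agrees with the ACE address on every must-match bit."""
    addr, mask = parse_ace_addr(spec)
    must_match = ~mask & ALL_BITS
    pkt = int(ipaddress.IPv4Address(packet_addr))
    return (pkt & must_match) == (addr & must_match)

def aces_for_range(first, last):
    """Return the 'address mask' pairs needed to cover first..last exactly."""
    nets = ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first), ipaddress.IPv4Address(last))
    return [f"{n.network_address} {n.hostmask}" for n in nets]

if __name__ == "__main__":
    # Both notations from the page's example select the same packets.
    for spec in ("10.10.10.1/24", "10.10.10.1 0.0.0.255"):
        print(spec, matches(spec, "10.10.10.200"), matches(spec, "10.10.11.1"))
    # Constructed range: eight contiguous addresses that no single mask covers.
    print(aces_for_range("10.10.10.4", "10.10.10.11"))
```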