Owners manual

ManualsBrandsD-Link ManualsNetworkingDGS-1510-28P

DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide

parameter-option, parameter-problem, port-unreachable, reassembly-

timeout, redirect, renum-command, renum-result, renum-seq-number,

router-advertisement, router-renumbering, router-solicitation, time-

exceeded, unreachable.

TCP-FLAG

(Optional) Specifies the TCP flag fields and the specified TCP header

bits called ack (acknowledge), fin (finish), psh (push), rst (reset), syn

(synchronize), or urg (urgent).

flow-label FLOW-LABEL

(Optional) Specifies the flow label value, within the range of 0 to

1048575.

fragments

(Optional) Specifiese the packet fragment’s filtering.

time-range PROFILE-NAME

(Optional) Specifies the name of time period profile associated with the

access list delineating its activation period.

Default

None.

Command Mode

IPv6 Access-list Configuration Mode.

Command Default Level

Level: 12.

Usage Guideline

If a rule entry is created without a sequence number, a sequence number will be automatically assigned.

If it is the first entry, the sequence number 10 is assigned. A subsequent rule entry will be assigned a

sequence number that is 10 greater than the largest sequence number in that access list and is placed at

the end of the list.

The user can use the command access-list sequence to change the start sequence number and

increment number for the specified access list. After the command is applied, the new rule without

specified sequence number will be assigned sequence based new sequence setting of the specified

access list.

When you manually assign the sequence number, it is better to have a reserved interval for future lower

sequence number entries. Otherwise, it will create extra effort to insert an entry with a lower sequence

number.

The sequence number must be unique in the domain of an access-list. If you enter a sequence number

that is already present, an error message will be shown.

Example

This example shows how to create four entries for an IPv6 extended access list named “ipv6-control”.

These entries are: permit TCP packets destined to network ff02::0:2/16, permit TCP packets destined to

host ff02::1:2, permit all TCP packets go to port 80 and permit all ICMP packets.

Switch# configure terminal

Switch(config)# ipv6 access-list extended ipv6-control

Switch(config-ipv6-ext-acl)# permit tcp any ff02::0:2/16

Switch(config-ipv6-ext-acl)# permit tcp any host ff02::1:2

Switch(config-ipv6-ext-acl)# permit tcp any any eq 80

Switch(config-ipv6-ext-acl)# permit icmp any any

Switch(config-ipv6-ext-acl)#

This example shows how to create two entries for an IPv6 standard access-list named “ipv6-std-control”.

These entries are: permit IP packets destined to network ff02::0:2/16, and permit IP packets destined to

host ff02::1:2.