Users Guide
seq sequence-number {permit | deny} options
3 Write a remark.
CONFIG-EXT-NACL mode or CONFIG-STD-NACL
remark [remark-number] remark-text
The remark number is optional.
Example of Conguring and Viewing Remarks
The following example shows how to write a remark for an ACL rule:
Dell(config-ext-nacl)#ip access-list extended test
Dell(config-ext-nacl)# remark permit any ip
Dell(config-ext-nacl)# seq 10 permit ip any any
Dell(config-ext-nacl)#sh config
!
ip access-list extended test
remark 10 permit any ip
seq 10 permit ip any any
Deleting a Remark
To delete a remark, follow this procedure:
A standard IP ACL uses the source IP address as its match criterion.
• Use the no form of the following command:
CONFIG-EXT-NACL mode or CONFIG-STD-NACL
no remark [remark-number] [remark-text]
The remark number is optional.
Example of Removing a Remark
The following is an example of removing a remark.
Dell(config)#ip access-list extended test
Dell(config-ext-nacl)# remark 10 permit any ip
Dell(config-ext-nacl)# seq 10 permit ip any any
Dell(config-ext-nacl)#sh config
!
ip access-list extended test
remark 10 permit any ip
seq 10 permit ip any any
Dell(config-ext-nacl)#no remark 10
Dell(config-ext-nacl)#show config
!
ip access-list extended test
seq 10 permit ip any any
ACL Resequencing
ACL resequencing allows you to re-number the rules and remarks in an access or prex list.
The placement of rules within the list is critical because packets are matched against rules in sequential order. To order new rules using the
current numbering scheme, use resequencing whenever there is no opportunity.
For example, the following table contains some rules that are numbered in increments of 1. You cannot place new rules between these
packets, so apply resequencing to create numbering space, as shown in the second table. In the same example, apply resequencing if more
than two rules must be placed between rules 7 and 10.
Access Control Lists (ACLs)
137