Reference Guide
198 | Access Control Lists (ACL)
www.dell.com | support.dell.com
ip access-list extended
c e s z
Name (or select) an extended IP access list (IP ACL) based on IP addresses or protocols.
Syntax
ip access-list extended access-list-name [cpu-qos]
To delete an access list, use the no ip access-list extended access-list-name command.
Parameters
Defaults
All access lists contain an implicit “deny any”; that is, if no match occurs, the packet is dropped.
Command Modes
CONFIGURATION
Command
History
Usage
Information
The number of entries allowed per ACL is hardware-dependent. Refer to your line card documentation
for detailed specification on entries allowed per ACL.
Prior to 7.8.1.0, names are up to 16 characters long.
Example
Figure 6-5. Command Example: ip access-list extended
Related
Commands
permit
c e s z
Configure a filter to pass IP packets meeting the filter criteria.
Syntax
permit {ip | ip-protocol-number} {source mask | any | host ip-address} {destination mask |
any | host ip-address} [count [byte] | log] [dscp value] [order] [monitor] [fragments]
To remove this filter, you have two choices:
• Use the no seq sequence-number command syntax if you know the filter’s sequence number or
• Use the no deny {ip | ip-protocol-number} {source mask | any | host ip-address}
{destination mask | any | host ip-address} command.
access-list-name
Enter a string up to 140 characters long as the access list name.
cpu-qos Enter the cpu-qos keyword to assign this ACL to control plane traffic only
(CoPP).
Version 8.3.11.1 Introduced on the Z9000.
Version 8.1.1.0 Introduced on E-Series ExaScale
Version 7.8.1.0 Increased name string to accept up to 140 characters. Prior to 7.8.1.0, names are up to
16 characters long.
Version 7.6.1.0 Support added for S-Series
Version 7.5.1.0 Support added for C-Series
pre-Version 6.2.1.1 Introduced on E-Series
FTOS(conf)#ip access-list extended TESTListEXTEND
FTOS(config-ext-nacl)#
ip access-list standard Configure a standard IP access list.
show config Display the current configuration.