KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5412R-92G-PoE+/2SFP+ (No PSU) v2 zl2 Switch

Assignment of an ACL to an interface............................................................................114

Assignment of an ACL name to an interface....................................................................114

Creating an ACL using the CLI................................................................................................114

General ACE rules................................................................................................................114

Adding or inserting an ACE in an ACL...............................................................................114

Deleting an ACE..............................................................................................................115

Duplicate ACE sequence numbers.................................................................................115

Configuration Commands......................................................................................................115

Creating an ACL and/or entering the IPv6 ACL (ipv6-acl) context...........................................115

Configuring ACEs in an ACL.............................................................................................116

Configuring TCP and UDP traffic in IPv6 ACLs......................................................................119

Filtering ICMP traffic.........................................................................................................121

Filtering routed IPv6 traffic.................................................................................................122

Filtering routed or switched IPv6 traffic inbound on a VLAN...................................................123

Filtering inbound IPv6 traffic per port and trunk...............................................................124

Deleting an ACL..............................................................................................................125

Inserting an ACE in an existing ACL...................................................................................125

Deleting an ACE from an existing ACL.....................................................................................127

Resequencing the ACEs in an IPv6 ACL...................................................................................128

Attaching a remark to an ACE................................................................................................129

Appending remarks and related ACEs to the end of an ACL.......................................................130

Inserting remarks and related ACEs within an existing list...........................................................130

Inserting a remark for an ACE that already exists in an ACL.......................................................131

Replacing an existing remark.................................................................................................131

Removing a remark from an existing ACE................................................................................131

Operating notes for remarks..............................................................................................131

Viewing ACL configuration data.............................................................................................132

Viewing an ACL summary......................................................................................................133

Viewing the content of all ACLs on the switch...........................................................................134

Viewing the IPv4 and IPv6 VACL assignments for a VLAN..........................................................135

Viewing the IPv4 and IPv6 RACL and VACL assignments for a VLAN...........................................136

Viewing static port (and trunk) ACL assignments........................................................................137

Viewing the content of a specific ACL......................................................................................138

Creating or editing an ACL offline..........................................................................................143

The offline process...........................................................................................................143

Example of using the offline process...................................................................................144

Enabling ACL logging on the switch........................................................................................145

Monitoring static ACL performance.........................................................................................149

ACE counter operation.....................................................................................................150

Resetting ACE hit counters to zero......................................................................................150

Example of ACL performance monitoring............................................................................150

Example of resetting ACE hit counters to zero......................................................................151

Options for applying IPv6 ACLs on the switch...........................................................................152

Static ACLS.....................................................................................................................152

RADIUS-assigned ACLs.....................................................................................................153

Using CIDR notation to enter the IPv6 ACL prefix length.............................................................153

Overview of IPv6 ACLs..........................................................................................................153

Commands to create, enter, and configure an ACL...............................................................154

Example: IPv6 ACL configuration in a routed environment..........................................................154

Editing an existing ACL.........................................................................................................155

General editing rules........................................................................................................155

Sequence numbering in ACLs............................................................................................156

About viewing All ACLs and their assignments in the switch startup-config file and running-config

file.................................................................................................................................156

Testing and troubleshooting ACLs...........................................................................................157

6 Contents