R2511-HP MSR Router Series ACL and QoS Configuration Guide(V5)
10
Ste
p
Command Remarks
2. Create an Ethernet
frame header ACL and
enter its view.
acl number acl-number [ name
acl-name ] [ match-order { auto |
config } ]
By default, no ACL exists.
Ethernet frame header ACLs are
numbered in the range of 4000 to 4999.
You can use the acl name acl-name
command to enter the view of a named
Ethernet frame header ACL.
3. Configure a
description for the
Ethernet frame header
ACL.
description text
Optional.
By default, an Ethernet frame header
ACL has no ACL description.
4. Set the rule numbering
step.
step step-value
Optional.
The default setting is 5.
5. Create or edit a rule.
rule [ rule-id ] { deny | permit } [ cos
vlan-pri | counting | dest-mac
dest-addr dest-mask | logging |
{ lsap lsap-type lsap-type-mask |
type protocol-type
protocol-type-mask } | source-mac
sour-addr source-mask | time-range
time-range-name ] *
By default
,
an Ethernet frame header
ACL does not include any rule.
To use the logging keyword, make sure
that module that uses the ACL supports
logging.
6. Add or edit a rule
comment.
rule rule-id comment text
Optional.
By default, no rule comments are
configured.
Configuring a user-defined ACL
User-defined ACLs allow you to customize rules based on information in protocol headers. You can
define a user-defined ACL to match packets in which a specific number of bytes after the specified offset
(relative to the specified header), matches the specified match pattern after being ANDed with a match
pattern mask.
To configure a user-defined ACL:
Ste
p
Command Remarks
1. Enter system view.
system-view N/A
2. Create a
user-defined ACL
and enter its view.
acl number acl-number [ name
acl-name ]
By default, no ACL exists.
User-defined ACLs are numbered in the
range of 5000 to 5999.
You can use the acl name acl-name
command to enter the view of a
user-defined ACL.
3. Configure a
description for the
user-defined ACL.
description text
Optional.
By default, a user-defined ACL has no
ACL description.