Manualshelf

R0106-HP MSR Router Series ACL and QoS Command Reference(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router
21222324252627282930
20
Syntax
rule [ rule-id ] { deny | permit } [ cos vlan-pri | counting | dest-mac dest-address dest-mask | { lsap
lsap-type lsap-type-mask | type protocol-type protocol-type-mask } | source-mac source-address
source-mask | time-range time-range-name ] *
undo rule rule-id [ counting | time-range ] *
Default
An Ethernet frame header ACL does not contain any rule.
Views
Ethernet frame header ACL view
Predefined user roles
network-admin
Parameters
rule-id: Specifies a rule ID in the range of 0 to 65534. If you do not specify a rule ID when creating an
ACL rule, the system automatically assigns it a rule ID. This rule ID is the nearest higher multiple of the
numbering step to the current highest rule ID, starting from 0. For example, if the rule numbering step is
5 and the current highest rule ID is 28, the rule is numbered 30.
deny: Denies matching packets.
permit: Allows matching packets to pass.
cos vlan-pri: Matches an 802.1p priority. The vlan-pri argument can be a number in the range of 0 to 7,
or in words, best-effort (0), background (1) , spare (2), excellent-effort (3), controlled-load (4), video (5),
voice (6), or network-management (7).
counting: Counts the number of times the Ethernet frame header ACL rule has been matched. If the
counting keyword is not specified, matches for the rule are not counted.
dest-mac dest-address dest-mask: Matches a destination MAC address range. The dest-address and
dest-mask arguments represent a destination MAC address and mask in the H-H-H format.
lsap lsap-type lsap-type-mask: Matches the DSAP and SSAP fields in LLC encapsulation. The lsap-type
argument is a 16-bit hexadecimal number that represents the encapsulation format. The lsap-type-mask
argument is a 16-bit hexadecimal number that represents the LSAP mask.
type protocol-type protocol-type-mask: Matches one or more protocols in the Ethernet frame header. The
protocol-type argument is a 16-bit hexadecimal number that represents a protocol type in Ethernet_II and
Ethernet_SNAP frames. The protocol-type-mask argument is a 16-bit hexadecimal number that represents
a protocol type mask.
source-mac source-address source-mask: Matches a source MAC address range. The source-address
argument represents a source MAC address, and the sour-mask argument represents a mask in the H-H-H
format.
time-range time-range-name: Specifies a time range for the rule. The time-range-name argument is a
case-insensitive string of 1 to 32 characters. It must start with an English letter. If the time range is not
configured, the system creates the rule. However, the rule using the time range can take effect only after
you configure the timer range. For more information about time range, see ACL and QoS Configuration
Guide.