R0106-HP MSR Router Series ACL and QoS Command Reference(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

Parameters

rule-id: Specifies a rule ID in the range of 0 to 65534. If you do not specify a rule ID when creating an

ACL rule, the system automatically assigns it a rule ID. This rule ID is the nearest higher multiple of the

numbering step to the current highest rule ID, starting from 0. For example, if the rule numbering step is

5 and the current highest rule ID is 28, the rule is numbered 30.

deny: Denies matching packets.

permit: Allows matching packets to pass.

protocol: Specifies one of the following values:

• A protocol number in the range of 0 to 255.

• A protocol by its name: gre (47), icmp (1) , igmp (2), ip, ipinip (4), ospf (89), tcp (6), or udp (17) . The

ip keyword specifies all protocols.

Table 6 de

scribes the parameters that you can specify regardless of the value for the protocol argument.

Table 6 Match criteria and other rule information for IPv4 advanced ACL rules

Parameters Function Descri

tion

source

{ source-address

source-wildcard |

any }

Specifies a source address.

The source-address source-wildcard arguments specify

a source IP address and a wildcard mask in dotted

decimal notation. An all-zero wildcard represents a host

address.

The any keyword specifies any source IP address.

destination

{ dest-address

dest-wildcard |

any }

Specifies a destination

address.

The dest-address dest-wildcard arguments specify a

destination IP address and a wildcard mask in dotted

decimal notation. An all-zero wildcard represents a host

address.

The any keyword represents any destination IP address.

counting

Counts the number of times the

IPv4 advanced ACL rule has

been matched.

The counting keyword enables match counting specific

to rules. If the counting keyword is not specified,

matches for the rule are not counted.

precedence

Specifies an IP precedence

value.

The precedence argument can be a number in the range

of 0 to 7, or in words: routine (0), priority (1),

immediate (2), flash (3), flash-override (4), critical (5),

internet (6), or network (7).

tos tos Specifies a ToS preference.

The tos argument can be a number in the range of 0 to

15, or in words: max-reliability (2), max-throughput

(4), min-delay (8), min-monetary-cost (1), or normal

(0).

dscp dscp Specifies a DSCP priority.

The dscp argument can be a number in the range of 0 to

63, or in words: af11 (10), af12 (12), af13 (14), af21

(18), af22 (20), af23 (22), af31 (26), af32 (28), af33

(30), af41 (34), af42 (36), af43 (38), cs1 (8), cs2 (16),

cs3 (24), cs4 (32), cs5 (40), cs6 (48), cs7 (56), default

(0), or ef (46).

fragment

Applies the rule to only

non-first fragments.

If you do not specify this keyword, the rule applies to all

fragments and non-fragments.

logging Logs matching packets.

This function requires that the module (for example,

packet filtering) that uses the ACL supports logging.