3Com Switch 8800 Family Configuration Guide
24
VLAN-ACL CONFIGURATION
VLAN-ACL Overview VLAN-ACL is VLAN-based ACL. You can configure QACL for a VLAN to control
accesses made to all ports in the VLAN.
VLAN-ACL enables you to manage a network in an easier way. After you configure
QACL for a VLAN, the system synchronizes the configuration to all member ports
in the VLAN automatically. Therefore you need not to configure QACL for every
port.
VLAN-ACL
Configuration
Configuration
Prerequisites
The VLAN for which you configure QACL must meet the following requirements:
■ The VLAN has member ports.
■ The VLAN has no MPLS intermixing ports.
■ The default flow template is applied to ports in the VLAN.
Configuring a VLAN-ACL
Tab le 183 Configure a VLAN-ACL
Configuration step Command Description
Enter system view system-view -
Create an ACL and
enter the
corresponding view
acl { number acl-number | name acl-name [
advanced | basic ] } [ match-order { config |
auto } ]
Only basic or advanced
ACL and the rules are
applicable to
VLAN-ACL.
Define a rule rule Required
Quit ACL view quit -
Enter VLAN view vlan vlan-id
VLAN-ACL is prohibited
from being applied to
the VLAN containing
MPLS intermixing ports.
Configure packet
filtering (activating
ACLs)
packet-filter inbound ip-group {
acl-number | acl-name } [ rule rule [
system-index index ] ]
Optional
Configure traffic
policing
traffic-limit inbound ip-group { acl-number
| acl-name } [ rule rule [ system-index index ]
] [ tc-index index ] { traffic-index
traffic-index | cir cbs ebs [ pir ] } { conform {
remark-cos | remark-policed-service } |
exceed { forward | drop } }*
Optional