Switch 7700 Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch Gigabit-LX Module

151

152

153

154

155

156

157

158

159

160

146 CHAPTER 7: QOS/ACL OPERATION

Perform the following configuration in the designated view.

Layer-2 ACL can be identified with numbers ranging from 200 to 299.

Activating ACL Perform the following configuration in Ethernet Port view.

Displaying and

Debugging ACL

After you configure ACL, execute the display command in all views to display the

running of the ACL configuration, and to verify the effect of the configuration.

Execute the reset command in user view to clear the statistics of the ACL module.

The matched information of the display acl config command specifies the rules

treated by the switch’s CPU. The matched information of the transmitted data by

the switch can be displayed with the display qos-info traffic-statistic command.

For a description of the syntax of these commands, see the “3Com Router

Command Reference Guide”.

Example: ACL

Configuration

The interconnection between different departments on a company network is

implemented through the 100M ports of the Switch 7700. The payment query

Tab le 7 Define Layer-2 ACL

Operation Command

Enter Layer-2 ACL view(from

system view)

acl { number acl-number | name acl-name link } [

match-order { config | auto } ]

Add a sub-item to the ACL(from

Layer-2 ACL view)

rule [ rule-id ] { permit | deny } [ protocol-type ] [

format-type ] ingress { [ source-vlan-id ] [ source-mac-addr

] | any } egress { [ dest-mac-addr ] [ destination-vlan-id ] |

any } [ time-range name ]

Delete a sub-item from the

ACL(from Layer-2 ACL view)

undo rule rule-id

Delete one ACL or all the ACL(from

system view)

undo acl { number acl-number | name acl-name | all }

Tab le 8 Activate ACL

Operation Command

Activate an ACL packet-filter inbound { [ ip-group { acl-number |

acl-name } [ rule rule ] ] | [ link-group { acl-number |

acl-name } [ rule rule ] ] }

Deactivate an ACL undo packet-filter inbound { [ ip-group { acl-number |

acl-name } [ rule rule ] ] | [ link-group { acl-number |

acl-name } [ rule rule ] ] }

Tab le 9 Display and Debug ACL

Operation Command

Display the status of the time range display time-range [ name ]

Display the detail information

about the ACL

display acl config { all | acl-number | acl-name }

Display the ACL mode chosen by

the switch

display acl mode

Display the information about the

ACL running state

display acl runtime { all | interface { interface-name |

interface-type interface-num } }

Clear ACL counters reset acl counter { all | acl-number | acl-name }