Manualshelf

User Manual

ManualsBrandsHP ManualsComputer Accessories6200YL
11121314151617181920
Planning an ACL Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-27
How an ACE Uses a Prefix To Screen Packets for
Prefix Usage Differences Between ACLs and
A Configured ACL Has No Effect Until You Apply It
You Can Assign an ACL Name to an Interface
IPv6 Traffic Management and Improved Network Performance . . . 8-27
Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-28
Guidelines for Planning the Structure of an ACL . . . . . . . . . . . . . . . . 8-29
ACL Configuration and Operating Rules . . . . . . . . . . . . . . . . . . . . . . . 8-30
SA and DA Matches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-32
Other IPv6 Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-33
Configuring and Assigning an IPv6 ACL . . . . . . . . . . . . . . . . . . . . . . . 8-34
General Steps for Implementing IPv6 ACLs . . . . . . . . . . . . . . . . . . . . 8-34
Permit/Deny Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-34
ACL Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-35
ACL Configuration Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-36
ACL Configuration Factors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-38
The Sequence of Entries in an ACL Is Significant . . . . . . . . . . . . 8-38
Allowing for the Implied Deny Function . . . . . . . . . . . . . . . . . . . . 8-39
to an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-40
Even if the ACL Has Not Been Configured . . . . . . . . . . . . . . . . . . 8-40
Using the CLI To Create an ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-40
General ACE Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-41
Using CIDR Notation To Enter the IPv6 ACL Prefix Length . . . 8-41
Configuration Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-43
Command Summary for Configuring ACLs . . . . . . . . . . . . . . . . . . . . . 8-43
Command Summary for Enabling, Disabling, and Displaying ACLs 8-44
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-44
Commands To Create, Enter, and Configure an ACL . . . . . . . . . . . . . 8-45
Adding or Removing an ACL Assignment On an Interface . . . . . . . 8-59
Filtering Switched IPv6 Traffic Inbound on a VLAN . . . . . . . . . . . . . 8-59
Filtering Inbound IPv6 Traffic Per Port and Trunk . . . . . . . . . . . . . . 8-60
Deleting an ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-62
Editing an Existing ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-63
General Editing Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-63
x