Switch 7700 Configuration Guide, v2

188 CHAPTER 7: QOS/ACL OPERATION
This type of filtering includes ACLs cited by the route policy function, ACLs used for
controlling user logons, and so on.
Note: The depth-first principle puts the statement specifying the smallest range of
packets at the top of the list. This can be implemented by comparing the address
wildcards: the smaller the wildcard, the fewer hosts it can specify. For example,
129.102.1.1 0.0.0.0 specifies a host, while 129.102.1.1 0.0.255.255 specifies a
network segment, 129.102.0.1 through 129.102.255.255. Obviously, the former is
listed first in the access control list. The specific standard is:
- For basic ACL statements, source address wildcards are compared directly. If
  the wildcards are the same, the configuration sequence is used.
- For the ACL based on the interface filter, the rule that is configured with any is
  listed at the end, while others follow the configuration sequence.
- For the advanced ACL, source address wildcards are compared first. If they are
  the same, then destination address wildcards are compared. For the same
  destination address wildcards, ranges of port numbers are compared and the
  smaller range is listed first. If the port numbers are in the same range, the
  configuration sequence is used.
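
The ordering rules above for basic and advanced ACLs, as an added Python sketch that is not part of the original guide or the switch software. The Rule class, the function names, the 10.x sample rules, counting wildcard bits as the meaning of "compared", and first-match evaluation are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

def ip(a: str) -> int:
    return int(ipaddress.IPv4Address(a))

def wildcard_bits(wc: str) -> int:
    # Count of "don't care" bits; fewer bits means fewer hosts matched.
    return bin(ip(wc)).count("1")

@dataclass
class Rule:                       # hypothetical model of one ACL statement
    seq: int                      # configuration sequence (order entered)
    action: str                   # "permit" or "deny"
    src: str
    src_wc: str
    dst_wc: str = "255.255.255.255"
    ports: tuple = (0, 65535)     # inclusive port range

def depth_first(rules, advanced=False):
    # Most specific rule first; seq in the key makes the tie-break explicit.
    def key(r):
        if not advanced:          # basic ACL: source wildcard only
            return (wildcard_bits(r.src_wc), r.seq)
        return (wildcard_bits(r.src_wc), wildcard_bits(r.dst_wc),
                r.ports[1] - r.ports[0], r.seq)
    return sorted(rules, key=key)

def first_match(rules, src):
    # Assumed evaluation model: the first rule whose source matches decides.
    for r in rules:
        care = ~ip(r.src_wc) & 0xFFFFFFFF
        if (ip(src) & care) == (ip(r.src) & care):
            return r.action
    return None

# Constructed sample: the network permit was configured before the host deny.
BASIC = [Rule(1, "permit", "129.102.1.1", "0.0.255.255"),
         Rule(2, "deny", "129.102.1.1", "0.0.0.0")]
# Constructed advanced rules: same source wildcard, differing destination/ports.
ADVANCED = [Rule(1, "permit", "10.0.0.0", "0.0.0.255", "0.0.255.255"),
            Rule(2, "deny", "10.0.0.0", "0.0.0.255", "0.0.255.255", (80, 80)),
            Rule(3, "deny", "10.0.0.0", "0.0.0.255", "0.0.0.255")]

if __name__ == "__main__":
    print([r.seq for r in depth_first(BASIC)])
    print([r.seq for r in depth_first(ADVANCED, advanced=True)])
    print(first_match(BASIC, "129.102.1.1"),
          first_match(depth_first(BASIC), "129.102.1.1"))
```

In configuration order the host deny in BASIC is shadowed by the earlier network permit; under depth-first order the host rule is evaluated first, which is the case to check when reviewing an ACL after changing its match order.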
ACL Supported by Ethernet Switch
For the Switch 7700, ACLs are divided into the following categories:
- Numbered basic ACL
- Named basic ACL
- Numbered advanced ACL
- Named advanced ACL
- Numbered interface ACL
- Named interface ACL
- Numbered Layer-2 ACL
- Named Layer-2 ACL
Table 1 lists the limits on the number of ACLs of each type on a switch.

Table 1 Quantitative Limitation to the ACL
Item                                              Value range     Maximum
Numbered basic ACL                                1 to 99         99
Numbered advanced ACL                             100 to 199      100
Numbered Layer-2 ACL                              200 to 299      100
Numbered interface ACL                            1000 to 1999    1000
Named basic ACL                                   -               1000
Named advanced ACL                                -               1000
Named interface ACL                               -               1000
Named Layer-2 ACL                                 -               1000
The sub items of an ACL                           0 to 127        128
Maximum sub items for all ACL (for Salience I)    -               1536
Maximum sub items for all ACL (for iSalience I)   -               768