Manualshelf

Owner's Manual

ManualsBrandsNetgear ManualsHubsNetgear XCM8806
331332333334335336337338339340
Chapter 13. ACLs | 331
NETGEAR 8800 User Manual
Table 35 lists the same information for NETGEAR 8800 series modules. Any number of
match conditions in a single row for a particular field may be matched. For example if Field 1
has row 1 (Port-list) selected, Field 2 has row 8 (MACDA, MACSA, Etype, VID) selected, and
Field 3 has row 6 (Packet-type) selected, any combination of Port-list, MACDA, MACSA,
Etype, VID, and Packet-type may be used as match conditions.
If an ACL requires the use of field selectors from two different rows, it must be implemented
on two different slices.
TOS ip-tos or diffserv-codepoint
DestIP destination-address
DestIPv6 destination-address <ipv6>
SrcIP source-address
SrcIPv6 source-address <ipv6>
IpProtocol protocol
L4DstPort destination-port. Support only single L4 ports and not port ranges.
L4SrcPort source-port. Support only single L4 ports and not port ranges.
Tcp Flags tcp-flags
TrafficClass protocol
Ipv6NextHeader protocol
The following ingress conditions are not supported on egress: Fragments, first-fragments, IGMP-msg-type,
ICMP-type, ICMP-code,
Table 35. Field Selectors, NETGEAR 8800 Series
Field 1 Field 2 Field 3
Port-list DIP, SIP, IP-Proto, L4DP, L4SP, DSCP, TCP-Ctrl, IP-Flag Fragments
L4DP, L4SP DIP, SIP, IP-Proto, L4DP, L4-Range, DSCP, TCP-Ctrl, IP-Flag Port
VID+VID-inner DIP, SIP, IP-proto, L4-range, L4SP+DSCP, TCP-Ctrl, IP-Flag DSCP,
TCP-control
Etype, VID DIPv6/128 VID
Fragments, VID SIPv6/128 IP-Proto, TOS
Port, Dst-Port DIPv6/64, SIPv6/64 L4-Range
Etype, IP-Proto DIPv6/64, NextHdr(IPv6-Proto), TrafficClass(DSCPv6), FL, TCP-Ctrl Dst-Port
VRF, VID MACDA, MACSA, Etype, VID
Table 34. Abbreviations Used in Field Selector Tables (Continued)
Abbreviation Condition