Failure to Create a Traffic Policy with a User-Defined ACL

Publication Date:  2015-03-24 Views:  738 Downloads:  0
Issue Description
Applicable Products and Versions:

S2700&S3700&S5700 V100R005/V100R006/V200R001/V200R002/V200R003
S6700 V100R006/V200R001/V200R002/V200R003

Failure to Create a Traffic Policy with a User-Defined ACL.
Alarm Information
A traffic policy with a user-defined ACL cannot be created.

<HUAWEI> system-view
[HUAWEI] acl number 5000  //Configure a user-defined ACL.
[HUAWEI-acl-user-5000] rule 5 permit l4-head 0x00000868 0x0000ffff 0  //Match a two-byte character string in the Layer 4 packet header. The matched character string is 0x00000868 and 0 indicates the offset.
[HUAWEI-acl-user-5000] rule 10 permit l4-head 0x00060000 0x00ff0000 24  //Match a one-byte character string in the Layer 4 packet header. The matched character string is 0x00000868 and 24 indicates the offset.
[HUAWEI] quit
[HUAWEI] traffic classifier c1 operator or  //Create a traffic classifier, and set the relationship between rules to OR (A packet belongs to the class if it matches one or more of the rules.)
[HUAWEI-classifier-c1] if-match acl 5000  //Create an ACL-based matching rule.
[HUAWEI-classifier-c1] quit
[HUAWEI] traffic behavior b5000  //Create a traffic behavior.
[HUAWEI-behavior-b1] redirect interface gigabitethernet0/0/24  //Redirect packets to GE0/0/24.
[HUAWEI-behavior-b1] quit
[HUAWEI] traffic policy p5000  //Create a traffic policy.
[HUAWEI-trafficpolicy-p5000] classifier c1 behavior b1  //Bind the traffic classifier to the traffic behavior.
Info: This operation maybe take a long time, please wait for a moment.
Error:Add rule failed, slot 0, policy p5000, class c1, behavior b1 acl 5000, rule 10, on interface GigabitEthernet0/0/21.
Handling Process
Check the offsets in the ACL rules applied to the traffic policy. Ensure that the same offset is used.

[HUAWEI] display acl 5000
Root Cause
The traffic policy failed to be created because the user-defined ACL rules contain different offsets.

Suggestions
If user-defined ACL rules are applied to a traffic policy, the offsets in the rules must be the same.

END