No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Feature Description - IP Services 01

NE05E and NE08E V300R003C10SPC500

This is NE05E and NE08E V300R003C10SPC500 Feature Description - IP Services
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Basic ACL Concepts

Basic ACL Concepts

ACL type

ACL can be classified as ACL4 or ACL6 based on the support for IPv4 or IPv6.

The following table outlines ACL4 classification based on functions.
Table 3-1 ACL types

ACL Type

Function

ACL Number

Interface-based ACL

Defines rules based on packets' inbound interfaces.

1000 to 1999

Basic ACL

Defines rules based on packets' source addresses.

2000 to 2999

Advanced ACL

Rules in an advanced ACL are defined based on packets' source or destination addresses, source or destination port numbers, and protocol types.

3000 to 3999

Layer 2 ACL

Defines rules based on the Layer 2 information, such as the source MAC address, destination MAC address, or protocol type of Ethernet frames.

4000 to 4999

The following table outlines ACL6 classification based on functions.
Table 3-2 ACL6 types

ACL6 Type

Function

ACL6 Number

Interface-based ACL6

Defines rules based on packets' inbound interfaces.

1000 to 1999

Basic ACL6

Defines rules based on packets' source addresses.

2000 to 2999

Advanced ACL6

Defines rules based on packets' source or destination addresses, source or destination port numbers, and protocol types.

3000 to 3999

For easy memorization, use names instead of numbers to define ACLs. Just like using domain names to replace IP addresses. ACLs of this type are called named ACLs. The ACL stated above called numbered ACLs.

The only difference between named and numbered ACLs is that the former ones are more recognizable owing to descriptive names.

When naming an ACL, you can specify a number for it. If no number is specified, the system will allocate one automatically.

NOTE:

One name is only for one ACL. Multiple ACLs cannot have the same name, even if they are of different types.

ACL step

An ACL step is the difference between two adjacent ACL rule numbers that are automatically allocated. For example, if the step is set to 5, the rule numbers are multiples of 5, such as 5, 10, 15, and 20.
  • If an ACL step is changed, rules in the ACL are automatically renumbered. For example, if the ACL step is changed from 5 to 2, the original rule numbers 5, 10, 15, and 20 will be renumbered as 2, 4, and 6.
  • If the default step 5 is restored for an ACL, the system immediately renumbers the rules in the ACL based on the default step. For example, if the step of ACL 3001 is 2, rules in ACL 3001 are numbered 0, 2, 4, and 6. If the default step 5 is restored, the rules will be renumbered as 5, 10, 15, and 20.

An ACL step can be used to maintain ACL rules and makes it convenient to add new ACL rules. If a user has created four rules numbered 0, 5, 10, and 15 in an ACL, the user can add a rule (for example, rule number 1) between rules 0 and 5.

ACL validity period

To control a type of traffic in a specified period of time, users can configure the validity period of an ACL rule to determine the time during which that traffic type is allowed to pass through. For example, to ensure reliable transmission of video services in prime time in the evening, restrict the traffic volume of common online users. The validity period can be an absolute or cyclic time range.
  • An absolute time range start from yyyy-mm-dd to yyyy-mm-dd. This time range is effective once and does not repeat.
  • A cyclic time range is cyclic, with a one week cycle. For example, an ACL rule takes effect from 8:00 to 12:00 every Sunday.
Translation
Download
Updated: 2019-01-14

Document ID: EDOC1100058931

Views: 10031

Downloads: 17

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next