Dell Force10 MXL Blade MXL 10/40GbE Switch IO Module FTOS Command Line Referen - Page 109
Command Example, ip access-list extended
View all Dell Force10 MXL Blade manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 109 highlights
For example, an ACL rule with TCP port range 4000 - 8000 will use eight entries in the CAM: Rule# Data Mask From To #Covered 1 0000111110100000 1111111111100000 4000 4031 32 2 0000111111000000 1111111111000000 4032 4095 64 3 0001000000000000 1111100000000000 4096 6143 2048 4 0001100000000000 1111110000000000 6144 7167 1024 5 0001110000000000 1111111000000000 7168 7679 512 6 0001111000000000 1111111100000000 7680 7935 256 7 0001111100000000 1111111111000000 7936 7999 64 8 0001111101000000 1111111111111111 8000 8000 1 Total Ports: 4001 But an ACL rule with TCP port lt 1023 takes only one entry in the CAM: Rule# Data Mask From To #Covered 1 0000000000000000 1111110000000000 0 1023 1024 Total Ports: 1024 Related Commands deny deny tcp Assigns a deny filter for IP traffic. Assigns a deny filter for TCP traffic. ip access-list extended Name (or select) an extended IP access list (IP ACL) based on IP addresses or protocols. Syntax ip access-list extended access-list-name To delete an access list, use the no ip access-list extended access-list-name command. Parameters access-list-name Enter a string up to 140 characters long as the access list name. Defaults All access lists contain an implicit deny any; that is, if no match occurs, the packet is dropped. Command Modes CONFIGURATION Command History Usage Information Version 8.3.16.1 Introduced on MXL 10/40GbE Switch IO Module The number of entries allowed per ACL is hardware-dependent. For detailed specification on entries allowed per ACL, refer to your switch documentation. Example Figure 6-5. ip access-list extended Command Example FTOS(conf)#ip access-list extended TESTListEXTEND FTOS(config-ext-nacl)# Related Commands ip access-list standard resequence access-list Configures a standard IP access list. Displays the current configuration. Access Control Lists (ACL) | 109