Home » Dell Manuals » Servers » Dell Force10 S25N-S50N » Manual Viewer

Dell Force10 S25N-S50N FTOS Command Line Reference Guide FTOS 8.4.2.7 E-Series - Page 231

ip access-list extended

View all Dell Force10 S25N-S50N manuals

Add to My Manuals
Save this manual to your list of manuals

Page 231 highlights

The C-Series and S-Series cannot count both packets and bytes, so when you enter the count byte options, only bytes are incremented. The monitor option is relevant in the context of flow-based monitoring only. See the Chapter 44, Port Monitoring. Note: When ACL logging and byte counters are configured simultaneously, byte counters may display an incorrect value. Configure packet counters with logging instead. Most ACL rules require one entry in the CAM. However, rules with TCP and UDP port operators (gt, lt, range) may require more than one entry. The range of ports is configured in the CAM based on bit mask boundaries; the space required depends on exactly what ports are included in the range. For example, an ACL rule with TCP port range 4000 - 8000 will use 8 entries in the CAM: Rule# Data Mask From To #Covered 1 0000111110100000 1111111111100000 4000 4031 32 2 0000111111000000 1111111111000000 4032 4095 64 3 0001000000000000 1111100000000000 4096 6143 2048 4 0001100000000000 1111110000000000 6144 7167 1024 5 0001110000000000 1111111000000000 7168 7679 512 6 0001111000000000 1111111100000000 7680 7935 256 7 0001111100000000 1111111111000000 7936 7999 64 8 0001111101000000 1111111111111111 8000 8000 1 Total Ports: 4001 But an ACL rule with TCP port lt 1023 takes only one entry in the CAM: Rule# Data Mask From To #Covered 1 0000000000000000 1111110000000000 0 1023 1024 Total Ports: 1024 Related Commands deny deny tcp Assign a deny filter for IP traffic. Assign a deny filter for TCP traffic. ip access-list extended c e s Name (or select) an extended IP access list (IP ACL) based on IP addresses or protocols. Syntax ip access-list extended access-list-name To delete an access list, use the no ip access-list extended access-list-name command. Parameters access-list-name Enter a string up to 140 characters long as the access list name. Defaults All access lists contain an implicit "deny any"; that is, if no match occurs, the packet is dropped. Command Modes CONFIGURATION Access Control Lists (ACL) | 231

Section	Page
Preface	13
About this Guide	13
Objectives	13
Audience	13
Conventions	13
Information Symbols	14
Related Documents	14
CLI Basics	15
Accessing the Command Line	15
Multiple Configuration Users	16
Navigating the Command Line Interface	16
Obtaining Help	17
Using the Keyword No	19
Filtering show Commands	19
Displaying All Output	20
Filtering Command Output Multiple Times	20
Command Modes	20
EXEC Mode	21
EXEC Privilege Mode	21
CONFIGURATION Mode	21
INTERFACE Mode	21
LINE Mode	22
TRACE-LIST Mode	22
MAC ACCESS LIST Mode	22
IP ACCESS LIST Mode	23
ROUTE-MAP Mode	23
PREFIX-LIST Mode	23
AS-PATH ACL Mode	23
IP COMMUNITY LIST Mode	24
REDIRECT-LIST Mode	24
SPANNING TREE Mode	24
Per-VLAN SPANNING TREE Plus Mode	24
RAPID SPANNING TREE Mode	25
MULTIPLE SPANNING TREE Mode	25
PROTOCOL GVRP Mode	25
ROUTER OSPF Mode	25
ROUTER RIP Mode	26
ROUTER ISIS Mode	26
ROUTER BGP Mode	26
Determining the Chassis Mode	26
File Management	27
Overview	27
Basic File Management Commands	27
Upgrading the C-Series FPGA	56
BOOT_USER Mode	59
Overview	59
Commands	59
Control and Monitoring	73
Overview	73
Commands	73
802.1ag	165
Overview	165
Commands	165
802.3ah	177
Overview	177
Commands	177
802.1X	189
Important Points to Remember	189
Access Control Lists (ACL)	205
Overview	205
Commands Common to all ACL Types	205
Common IP ACL Commands	207
Standard IP ACL Commands	211
Extended IP ACL Commands	218
Common MAC Access List Commands	250
Standard MAC ACL Commands	253
Extended MAC ACL Commands	258
IP Prefix List Commands	263
Route Map Commands	269
AS-Path Commands	286
IP Community List Commands	289
ACL VLAN Group	295
Overview	295
Commands	295
Bidirectional Forwarding Detection (BFD)	301
Overview	301
Commands	301
Border Gateway Protocol IPv4 (BGPv4)	315
Overview	315
BGPv4 Commands	315
MBGP Commands	392
BGP Extended Communities (RFC 4360)	419
Content Addressable Memory (CAM)	429
Overview	429
CAM Profile Commands	429
Important Points to Remember	430
CAM IPv4flow Commands	441
CAM Layer 2 ACL Commands	444
Configuration Rollback	447
Overview	447
Commands	447
Dynamic Host Configuration Protocol (DHCP)	457
Overview	457
Commands to Configure the System to be a DHCP Server	457
Commands to Configure Secure DHCP	465
Equal Cost Multi-Path	473
Overview	473
Commands	473
Far-End Failure Detection (FEFD)	479
Overview	479
Commands	479
FTOS Resilient Ring Protocol (FRRP)	485
Overview	485
Commands	485
Important Points to Remember	485
FTOS Service Agent	493
Overview	493
Commands	493
GARP VLAN Registration (GVRP)	525
Overview	525
Commands	525
Important Points to Remember	526
High Availability (HA)	535
Overview	535
Commands	535
Internet Group Management Protocol (IGMP)	545
Overview	545
IGMP Commands	545
Important Points to Remember	545
IGMP Snooping Commands	555
Important Points to Remember for IGMP Snooping	555
Important Points to Remember for IGMP Querier	556
Interfaces	561
Overview	561
Basic Interface Commands	561
Port Channel Commands	616
Time Domain Reflectometer (TDR)	625
Important Points to Remember	626
UDP Broadcast	627
Important Points to Remember	628
IPv4 Routing	631
Overview	631
Commands	631
IPv6 Access Control Lists (IPv6 ACLs)	683
Overview	683
Important Points to Remember	683
IPv6 ACL Commands	684
IPv6 Route Map Commands	710
IPv6 Basics	715
Overview	715
Commands	715
IPv6 Border Gateway Protocol (IPv6 BGP)	733
Overview	733
IPv6 BGP Commands	733
IPv6 MBGP Commands	795
Intermediate System to Intermediate System (IS-IS)	819
Overview	819
Commands	819
Link Aggregation Control Protocol (LACP)	861
Overview	861
Commands	861
Layer 2	867
Overview	867
MAC Addressing Commands	867
Virtual LAN (VLAN) Commands	887
Link Layer Detection Protocol (LLDP)	897
Overview	897
Commands	897
LLDP-MED Commands	906
Multicast Listener Discovery (MLD)	915
Overview	915
MLD Commands	915
MLD Snooping Commands	922
Multicast Source Discovery Protocol (MSDP)	927
Overview	927
Commands	927
Multiple Spanning Tree Protocol (MSTP)	937
Overview	937
Commands	937
Multicast	953
Overview	953
IPv4 Multicast Commands	953
IPv6 Multicast Commands	970
Neighbor Discovery Protocol (NDP)	977
Overview	977
Commands	977
Object Tracking	985
Overview	985
IPv4 Object Tracking Commands	985
IPv6 Object Tracking Commands	999
Open Shortest Path First (OSPFv2 and OSPFv3)	1005
Overview	1005
OSPFv2 Commands	1005
OSPFv3 Commands	1063
Policy-based Routing (PBR)	1085
Overview	1085
Commands	1085
PIM-Dense Mode (PIM-DM)	1095
Overview	1095
IPv4 PIM-Dense Mode Commands	1095
PIM-Sparse Mode (PIM-SM)	1097
Overview	1097
IPv4 PIM-Sparse Mode Commands	1097
IPv6 PIM-Sparse Mode Commands	1120
PIM-Source Specific Mode (PIM-SSM)	1131
Overview	1131
IPv4 PIM Commands	1131
IPv4 PIM-Source Specific Mode Commands	1131
IPv6 PIM Commands	1133
IPv6 PIM-Source Specific Mode Commands	1133
Power over Ethernet (PoE)	1135
Overview	1135
Commands	1135
Port Monitoring	1141
Overview	1141
Commands	1141
Important Points to Remember	1142
Private VLAN (PVLAN)	1155
Overview	1155
Commands	1155
Private VLAN Concepts	1155
Per-VLAN Spanning Tree plus (PVST+)	1165
Overview	1165
Commands	1165
Quality of Service (QoS)	1179
Overview	1179
Global Configuration Commands	1179
Per-Port QoS Commands	1180
Policy-Based QoS Commands	1188
Important Points to Remember—multicast-bandwidth option	1201
Queue-Level Debugging	1224
Router Information Protocol (RIP)	1235
Overview	1235
Commands	1235
Remote Monitoring (RMON)	1253
Overview	1253
Commands	1253
Rapid Spanning Tree Protocol (RSTP)	1265
Overview	1265
Commands	1265
Security	1277
Overview	1277
Commands	1277
AAA Accounting Commands	1277
Authorization and Privilege Commands	1280
Authentication and Password Commands	1284
RADIUS Commands	1295
TACACS+ Commands	1300
Port Authentication (802.1X) Commands	1303
Important Points to Remember	1303
SSH Server and SCP Commands	1310
Trace List Commands	1322
Secure DHCP Commands	1332
Service Provider Bridging	1337
Overview	1337
Commands	1337
Important Points to Remember	1337
sFlow	1343
Overview	1343
Important Points to Remember	1343
Commands	1344
SNMP and Syslog	1355
Overview	1355
SNMP Commands	1355
Important Points to Remember	1356
Syslog Commands	1371
SONET	1383
Overview	1383
Commands	1383
S-Series Stacking Commands	1401
Overview	1401
Commands	1401
Storm Control	1409
Overview	1409
Commands	1409
Important Points to Remember	1409
Spanning Tree Protocol (STP)	1417
Overview	1417
Commands	1417
Time and Network Time Protocol (NTP)	1429
Overview	1429
Commands	1429
Uplink Failure Detection (UFD)	1445
Overview	1445
Commands	1445
VLAN Stacking	1455
Overview	1455
Commands	1455
Important Points to Remember	1455
Virtual Routing and Forwarding (VRF)	1465
Overview	1465
Commands	1465
Virtual Router Redundancy Protocol (VRRP)	1475
Overview	1475
IPv4 VRRP Commands	1475
IPv6 VRRP Commands	1489
C-Series Diagnostics and Debugging	1495
Overview	1495
Inter-process Communication Commands	1495
RPM Management Port Commands	1501
Data Path Debugging Commands	1503
Interface Troubleshooting Commands	1506
Advanced ASIC Debugging Commands	1510
ACL and System-Flow Debug Commands	1514
Interface Management Debug Commands	1516
Layer 2 Debug Command	1518
Trace Logging Commands	1519
Offline Diagnostic Commands	1525
PoE Hardware Status Commands	1527
Buffer Tuning Commands	1528
E-Series Debugging and Diagnostics	1535
Overview	1535
Diagnostics and Monitoring Commands	1535
Important Points to Remember	1536
Offline Diagnostic Commands	1556
Hardware Commands	1558
S-Series Debugging and Diagnostics	1575
Offline Diagnostic Commands	1575
Important Points to Remember	1575
Buffer Tuning Commands	1577
Hardware Commands	1582
ICMP Message Types	1593
SNMP Traps	1595
Index	1599