Dell Force10 S60-44T FTOS Command Line Reference Guide for the S60 System FTOS - Page 195
ip access-list extended
View all Dell Force10 S60-44T manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 195 highlights
For example, an ACL rule with TCP port range 4000 - 8000 will use 8 entries in the CAM: Rule# Data Mask From To #Covered 1 0000111110100000 1111111111100000 4000 4031 32 2 0000111111000000 1111111111000000 4032 4095 64 3 0001000000000000 1111100000000000 4096 6143 2048 4 0001100000000000 1111110000000000 6144 7167 1024 5 0001110000000000 1111111000000000 7168 7679 512 6 0001111000000000 1111111100000000 7680 7935 256 7 0001111100000000 1111111111000000 7936 7999 64 8 0001111101000000 1111111111111111 8000 8000 1 Total Ports: 4001 But an ACL rule with TCP port lt 1023 takes only one entry in the CAM: Rule# Data Mask From To #Covered 1 0000000000000000 1111110000000000 0 1023 1024 Total Ports: 1024 Related Commands deny deny tcp Assign a deny filter for IP traffic. Assign a deny filter for TCP traffic. ip access-list extended c e s Name (or select) an extended IP access list (IP ACL) based on IP addresses or protocols. Syntax ip access-list extended access-list-name To delete an access list, use the no ip access-list extended access-list-name command. Parameters access-list-name Enter a string up to 140 characters long as the access list name. Defaults All access lists contain an implicit "deny any"; that is, if no match occurs, the packet is dropped. Command Modes CONFIGURATION Command History Version 8.3.3.1 Version 8.1.1.0 Version 7.8.1.0 Version 7.6.1.0 Version 7.5.1.0 pre-Version 6.2.1.1 Introduced on the S60. Introduced on E-Series ExaScale Increased name string to accept up to 140 characters. Prior to 7.8.1.0, names are up to 16 characters long. Support added for S-Series Support added for C-Series Introduced on E-Series Usage The number of entries allowed per ACL is hardware-dependent. Refer to your line card documentation Information for detailed specification on entries allowed per ACL. Prior to 7.8.1.0, names are up to 16 characters long. Access Control Lists (ACL) | 195