Inserting a new ACE in an existing ACL (examples)
From the global configuration context, insert a new ACE with a sequence number of 45 between the ACEs numbered 40 and 50 in Appending an ACE to an existing list.
Inserting an ACE in an existing ACL
Switch(Config)# ipv6 access-list My–list 1 Switch(config–ipv6–acl)# 45 permit icmp host 2001:db8:0:5ad::33 ::/0 2 Switch(config–ipv6–acl)# show run . . . ipv6 access-list "My–list" 10 permit ipv6 2001:db8:0:5ad::25/128 ::/0 20 permit ipv6 2001:db8:0:5ad::111/128 ::/0 30 permit icmp 2001:db8:0:5ad::115/128 ::/0 40 permit icmp 2001:db8:0:5ad::/64 ::/0 45 permit icmp 2001:db8:0:5ad::33 ::/0 50 permit icmp 2001:db8:0:5ad::19/128 ::/0 60 permit ipv6 ::/0 2001:db8:0:5ad::1/128 70 deny ipv6 2001:db8:0:5ad::/64 ::/0 80 permit ipv6 ::/0 ::/0 exit
1 Enters the Named-ACL context for "My-list"
2 Inserts a new ACE assigned to line 45
From within the context of an IPv6 ACL named “List-01”, insert a new ACE between two existing ACEs. In this example, the first command creates a new ACL and enters the ACL context. The next two ACEs entered become lines 10 and 20 in the list. The third ACE entered is inserted between lines 10 and 20 by using the sequence command with a sequence number of 11.
Inserting an ACE into an existing sequence
Switch(config)# Port_1_5400(config)# ipv6 access-list List–01 1 Switch(config–ipv6–acl)# permit ipv6 host fe80::100 host fe80::200 2 Switch(config–ipv6–acl)# permit ipv6 host fe80::103 any Switch(config–ipv6–acl)# 11 permit ipv6 host fe80::110 host fe80:: 3 Switch(config–ipv6–acl)# show run Running configuration: . . . ipv6 access-list "List–01" 10 permit ipv6 fe80::100/128 fe80::200/128 11 permit ipv6 fe80::110/128 fe80::210/128 20 permit ipv6 fe80::103/128 ::/0 exit
1 Becomes Line 10
2 Becomes Line 20
3 Lines 10 and 20 were automatically numbered according to their order of entry in the list. Line 11 was explicitly numbered by the
11 permit
command and was inserted in its proper place in the list.