Configuring an IPv6 basic ACL
IPv6 basic ACLs match packets based only on source IP addresses.
To configure an IPv6 basic ACL:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Create an IPv6 basic ACL view and enter its view. | acl ipv6 number acl6-number [ name acl6-name ] [ match-order { auto | config } ] | By default, no ACL exists. IPv6 basic ACLs are numbered in the range of 2000 to 2999. You can use the acl ipv6 name acl6-name command to enter the view of a named ACL. |
3. Configure a description for the IPv6 basic ACL. | description text | Optional. By default, an IPv6 basic ACL has no ACL description. |
4. Set the rule numbering step. | step step-value | Optional. The default setting is 5. |
5. Create or edit a rule. | rule [ rule-id ] { deny | permit } [ counting | fragment | logging | routing [ type routing-type ] | source { ipv6-address prefix-length | ipv6-address/prefix-length | any } | time-range time-range-name | vpn-instance vpn-instance-name ] * | By default, an IPv6 basic ACL does not include any rule. The logging keyword takes effect only when the module using the ACL supports logging. |
6. Add or edit a rule comment. | rule rule-id comment text | Optional. By default, no rule comments are configured. |
7. Add or edit a rule range remark. | rule [ rule-id ] remark text | Optional. By default, no rule range remarks are configured. |