3com 8807 참조 가이드

The VLAN-ACL configuration is subject to the following limitations:

1 Limitations on flow templates:

■

The system only applies VLAN-ACL to ports with the default flow template 
applied. The applied ACL rule field must be specified by the default flow 
template.

■

If no port in a VLAN has ACL rules applied to, the system checks all ports in 
the VLAN when applying an ACL rule in VLAN view and prohibits the ACL 
rule from being applied if a port in the VLAN has a customized flow 
template applied to.

■

If a VLAN-ACL is applied to some of the ports in a VLAN, a port with a 
customized flow template applied to can be added to the VLAN. But the 
system will fail to apply the VLAN-ACL to the newly added port. That is, you 
can apply the VLAN-ACL in VLAN view to all the ports in the VLAN except 
the newly added one. However, when the self-defined flow template is 
deleted under the port, the system will apply QACL rules in the VLAN to the 
new port automatically.

■

You will fail to apply the self-defined flow template of a port with a 
VLAN-ACL already applied to a customized flow template.

2 If both a VLAN and one of its ports have QACL rules applied, only those applied to 

the port work. In this case, the VLAN-ACL takes effect only after the QACL rules 
applied to the port are removed and the flow template applied to the port 
changes to the default flow template.

3 When the VLAN contains no ports, the system is prohibited from applying 

VLAN-ACL (including adding and deleting rules).

4 Two ports differing in VLAN-ACL configuration cannot be aggregated dynamically.

5 A VLAN-ACL is prohibited from being applied to a VLAN containing MPLS 

intermixing ports. Similarly, a VLAN with a VLAN-ACL applied to is prohibited from 
being used for MPLS intermixing.

mirrored-to inbound ip-group { acl-number | acl-name } [ rule rule [ 
system-index index ] ] cpu

undo mirrored-to inbound ip-group { acl-number | acl-name } [ rule rule ]