Manualsbrain.com
  1. Инструкции и руководства
  2. Бренды
  3. 3com
  4. S7906E
  5. Инструкции По Установке

Инструкции По Установке для 3com S7906E

Скачать
Страница из 2621
 
1-6 
 
The name of an IPv6 ACL must be unique among IPv6 ACLs. However, an IPv6 ACL and an IPv4 ACL 
can share the same name. 
 
IPv6 ACL Match Order  
Similar to IPv4 ACLs, IPv6 ACLs are sequential collections of rules defined with different matching 
parameters. The order in which a packet is matched against the rules in an IPv6 ACL may affect how the 
packet is handled.  
Like in IPv4 ACLs, the following two match orders are available in IPv6 ACLs: 
config: where rules are compared against in the order in which they are configured.  
auto: where depth-first match is performed.  
Depth-first match for a basic IPv6 ACL 
The following shows how your switch performs depth-first match in a basic IPv6 ACL:  
1)  Sort rules by source IPv6 address prefix first and compare packets against the rule configured with 
a longer prefix for the source IPv6 address. 
2)  In case of a tie, compare packets against the rule configured first. 
Depth-first match for an advanced IPv6 ACL 
The following shows how your switch performs depth-first match in an advanced IPv6 ACL:  
1)  Look at the protocol type field in the rules first. A rule with no limit to the protocol type (that is, 
configured with the ipv6 keyword) has the lowest precedence. Rules each of which has a single 
specified protocol type are of the same precedence level. Compare packets against the rule with 
the highest precedence. 
2)  In case of a tie, look at the source IPv6 address prefixes. Then, compare packets against the rule 
configured with a longer prefix for the source IPv6 address. 
3)  If the prefix lengths for the source IPv6 addresses are the same, look at the destination IPv6 
address prefixes. Then, compare packets against the rule configured with a longer prefix for the 
destination IPv6 address.  
4)  If the prefix lengths for the destination IPv6 addresses are the same, look at the Layer 4 port 
number ranges, namely the TCP/UDP port number ranges. Then compare packets against the rule 
configured with the smaller port number range. 
5)  If the port number ranges are the same, compare packets against the rule configured first.  
The comparison of a packet against an ACL stops once a match is found. The packet is then processed 
as per the rule.  
IPv6 ACL Step 
Refer to 
Effective Period of an IPv6 ACL 
Refer to