Brocade Communications Systems ServerIron ADX 12.4.00 Service Manual Page 83
- Page / 149
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
ServerIron ADX NAT64 Configuration Guide 71
53-1002444-02
Configuring rule-based ACLs
5
DRAFT: BROCADE CONFIDENTIAL
The <tcp/udp-port> parameter specifies the TCP or UDP port number or well-known name. You can
specify a well-known name for any application port whose number is less than 1024. For other
application ports, you must enter the number. Enter “?” instead of a port to list the well-known
names recognized by the CLI.
The in | out parameter specifies whether the ACL applies to incoming traffic or outgoing traffic on
the interface to which you apply the ACL. You can apply the ACL to an Ethernet port.
NOTE
The out option is not supported in the rule-based ACL mode.
The precedence <name> | <num> parameter of the ip access-list command specifies the IP
precedence. The precedence option for of an IP packet is set in a three-bit field following the
four-bit header-length field of the packet’s header. You can specify one of the following:
• critical or 5: The ACL matches packets that have the critical precedence. If you specify the
option number instead of the name, specify number 5.
• flash or 3: The ACL matches packets that have the flash precedence. If you specify the option
number instead of the name, specify number 3.
• flash-override or 4: The ACL matches packets that have the flash override precedence. If you
specify the option number instead of the name, specify number 4.
• immediate or 2: The ACL matches packets that have the immediate precedence. If you specify
the option number instead of the name, specify number 2.
• internet or 6: The ACL matches packets that have the internetwork control precedence. If you
specify the option number instead of the name, specify number 6.
• network or 7: The ACL matches packets that have the network control precedence. If you
specify the option number instead of the name, specify number 7.
• priority or 1: The ACL matches packets that have the priority precedence. If you specify the
option number instead of the name, specify number 1.
• routine or 0: The ACL matches packets that have the routine precedence. If you specify the
option number instead of the name, specify number 0.
The tos <name> | <num> parameter of the ip access-list command specifies the IP ToS. You can
specify one of the following:
• max-reliability or 2: The ACL matches packets that have the maximum reliability ToS. The
decimal value for this option is 2.
• max-throughput or 4: The ACL matches packets that have the maximum throughput ToS. The
decimal value for this option is 4.
• min-delay or 8: The ACL matches packets that have the minimum delay ToS. The decimal value
for this option is 8.
• min-monetary-cost or 1: The ACL matches packets that have the minimum monetary cost ToS.
The decimal value for this option is 1.
NOTE
This value is not supported on 10 Gigabit Ethernet modules.
• normal or 0: The ACL matches packets that have the normal ToS. The decimal value for this
option is 0.
- ServerIron ADX 1
- Document History 2
- Contents 3
- About This Document 9
- Command syntax conventions 10
- Notice to the reader 11
- Related publications 11
- Getting technical help 11
- NAT64 and NAT46 Overview 13
- Stateless NAT46 translation 14
- Protocol support 15
- NAT64 fragmentation support 17
- References 18
- Stateful NAT64 Configuration 19
- Operation of stateful NAT64 20
- 53-1002444-02 23
- Enabling connection logging 28
- Displaying NAT64 information 31
- Displaying NAT64 translations 32
- Displaying NAT64 statistics 33
- Displaying NAT64 resources 37
- Stateless NAT64 Configuration 39
- Operation of stateless NAT64 40
- High availability for NAT64 52
- Clearing NAT64 information 53
- Stateless NAT46 Configuration 55
- Operation of stateless NAT46 56
- High availability for NAT46 67
- Displaying NAT46 information 68
- Clearing NAT46 information 69
- Access Control Lists 71
- Rule-based ACLs 72
- Default ACL action 74
- ACL IDs and entries 74
- Configuring rule-based ACLs 77
- Modifying rule-based ACLs 85
- Reordering ACLs 86
- Applying ACLs to interfaces 87
- Adding comments to named ACLs 89
- ACL logging 94
- Displaying ACL log entries 95
- Clearing the ACL statistics 97
- Throttling the fragment rate 98
- DRAFT: BROCADE CONFIDENTIAL 100
- Enabling strict TCP mode 101
- Enabling strict UDP mode 102
- ACLs and ICMP 103
- Numbered ACLs 104
- Named ACLs 105
- • Enable the strict TCP mode 107
- IPv6 Access Control Lists 109
- Configuration notes 110
- Processing of IPv6 ACLs 110
- Configuring IPv6 ACLs 111
- IPv6 ACL syntax 114
- Syntax Description 116
- Displaying IPv6 ACLs 118
- Logging IPv6 ACLs 119
- Network Address Translation 121
- Configuring NAT 122
- Configuring static NAT 123
- Configuring dynamic NAT 123
- Enabling IP NAT 124
- NAT configuration examples 125
- IP NAT with VIP overlap 129
- Translation timeouts 130
- Stateless static IP NAT 132
- IP NAT redundancy 133
- Displaying NAT information 144
- Displaying NAT translation 147
- Displaying VRRPE information 148
Related products and manuals for Network switches Brocade Communications Systems ServerIron ADX 12.4.00
(16 pages)
(82 pages)© 2020, manymanuals.com. All rights reserved. | 2.072 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals