For udp – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Page 210

192

Multi-Service IronWare Security Configuration Guide

53-1003035-02

Configuring an IPv6 ACL

NOTE

Refer to

“Configuration considerations for IPv6 ACL and multicast traffic for 2X100GE modules

installed on NetIron MLX and NetIron XMR devices”

regarding 2x100 GE IPv6 ACL rule exceptions

for multicast traffic.

For UDP

Syntax: [no] ipv6 access-list acl name

Syntax: [no] permit | deny udp

ipv6-source-prefix/prefix-length | any | host source-ipv6_address [tcp-udp-operator
[source port number]]
ipv6-destination-prefix/prefix-length | any | host ipv6-destination-address
[tcp-udp-operator [destination port number]]
[ipv6-operator [value]]
[copy-sflow] | [drop-precedence dp-value] | [drop-precedence-force dp-value] |[dscp
dscp-value] | [dscp-marking dscp-value] | [eq | gt | lt | neq | range port-number] |
[mirror] | [priority-forcenumber] | [sequence num]

Syntax: [no] [sequence num] permit | deny udp

Syntax: regenerate-seq-num [num]

The udp protocol indicates the you are filtering UDP packets.

NOTE

Refer to

“Configuration considerations for IPv6 ACL and multicast traffic for 2X100GE modules

installed on NetIron MLX and NetIron XMR devices”

regarding 2x100 GE IPv6 ACL rule exceptions

for multicast traffic.

dscp-marking dscp-value Use

the

dscp-marking dscp-value parameter to specify a new QoS

value to the packet. If a packet matches the filters in the ACL
statement, this parameter assigns the DSCP value that you specify
to the packet. Enter 0 – 63.

mirror

Allows you to mirror packets matching the ACL permit clause.

priority-force value

Allows you to force packets outgoing priority. You can specify a value
from 0 through 7.

IPv6 ACL arguments

Description