beautypg.com

Brocade BigIron RX Series Configuration Guide User Manual

Page 686

background image

608

BigIron RX Series Configuration Guide

53-1002484-04

Configuring numbered and named ACLs

22

Parameter to filter packets with AHP or ESP protocols

If you entered AHP (IP Authentication Header Protocol) or ESP (Encapsulating Security Payload) for
<ip-protocol>, then you can use the following parameter:

Using ACL QoS options to filter packets

You can filter packets based on their QoS values by entering values for the following parameters:

<

icmp-type>

Enter one of the following values, depending on the software version the device is
running:

any-icmp-type

echo

echo-reply

information-request

log

mask-reply

mask-request

parameter-problem

redirect

source-quench

time-exceeded

timestamp-reply

timestamp-request

unreachable

<

num>

NOTE: If the ACL is for the inbound traffic direction on a virtual routing interface,

you also can specify a subset of ports within the VLAN containing that
interface when assigning an ACL to the interface. Refer to

“Configuring

numbered and named ACLs”

on page 600.

precedence

<

name> |

<

num>

The precedence option for an IP packet is set in a three-bit field following the four-bit
header-length field of the packet’s header. You can specify one of the following
name or number:

critical or 5 – The ACL matches packets that have the critical precedence. If
you specify the option number instead of the name, specify number 5.

flash or 3 – The ACL matches packets that have the flash precedence. If you
specify the option number instead of the name, specify number 3.

flash-override or 4 – The ACL matches packets that have the flash override
precedence. If you specify the option number instead of the name, specify
number 4.

immediate or 2 – The ACL matches packets that have the immediate
precedence. If you specify the option number instead of the name, specify
number 2.

internet or 6 – The ACL matches packets that have the internetwork control
precedence. If you specify the option number instead of the name, specify
number 6.

network or 7 – The ACL matches packets that have the network control
precedence. If you specify the option number instead of the name, specify
number 7.

priority or 1 – The ACL matches packets that have the priority precedence. If
you specify the option number instead of the name, specify number 1.

routine or 0 – The ACL matches packets that have the routine precedence. If
you specify the option number instead of the name, specify number 0.

<

sip>

Enables packet matching based on specific IP source addresses.

See also other documents in the category Brocade Computer Accessories: