
Allied Telesis AT-DC2552XS User Manual

Page 451


AT-DC2552XS Switch Command Line Interface User’s Guide

Section V: Security and Traffic Control


Confirmation Command

“SHOW ACCESS-LIST” on page 474

Description

Use this command to add a new copy-to-mirror statement to the hardware
ACL or modify an existing copy-to-mirror statement. When a packet
matches a copy-to-mirror statement, the switch forwards the packet,
copies the packet, and sends it to the mirror port. You can add up to 256
statements to one hardware ACL. To specify the mirror port, see the
“MIRROR INTERFACE” command.

The hardware access list is a sequential collection of permit, deny, or
copy-to-mirror statements. The switch evaluates a packet against the
statements one by one, from the smallest sequence number to the largest.
When a packet matches a statement, the switch permits, denies, or
mirrors the packet and skips the rest of the statements. If a packet does
not match any statement, the switch forwards the packet.

To add or modify a permit or deny statement, see “PERMIT” on page 469
or “DENY” on page 453.

Examples

This example creates a new hardware access list named “acl_1” and adds
a statement to forward packets and copy them to the mirror port when the
prefix of a source MAC address in the packets is “ec:cd:6d”:

awplus> enable
awplus# configure terminal
awplus(config)# access-list hardware acl_1
awplus(config-ip-hw-acl)# copy-to-mirror mac ec:cd:6d:00:00:00 00:00:00:ff:ff:ff any

This example selects an existing hardware access list named “acl_2” and
adds a statement at the end of acl_2 to forward packets and copy them
to the mirror port when packets have destination IP addresses in
192.168.1.0/24 and belong to VLAN 10:

awplus> enable
awplus# configure terminal
awplus(config)# access-list hardware acl_2
awplus(config-ip-hw-acl)# copy-to-mirror ip any 192.168.1.0/24 vlan 10
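
The following Python model is an added illustration, not code from the switch or from Allied Telesis. It shows the first-match evaluation described above, using the acl_1 statement, and how an earlier statement can keep a copy-to-mirror statement from ever seeing a packet. It assumes the mask is a wildcard mask (1 bits are ignored), as the acl_1 example implies; the sequence numbers, the extra permit statement, and the sample MAC addresses are constructed.

```python
# Added illustration: a simplified model of hardware ACL evaluation, not switch code.

def mac_to_int(mac):
    return int(mac.replace(":", ""), 16)

def mac_matches(addr, base, wildcard):
    """Assumed wildcard-mask semantics: 1 bits are ignored, 0 bits must equal base."""
    care = ~mac_to_int(wildcard) & 0xFFFFFFFFFFFF
    return (mac_to_int(addr) & care) == (mac_to_int(base) & care)

def evaluate(acl, src_mac):
    """Return (forwarded, mirrored) for a frame with the given source MAC.

    acl is a list of (sequence, action, base, wildcard) tuples; action is
    "permit", "deny" or "copy-to-mirror". The lowest sequence number is tried
    first, and the first matching statement ends evaluation.
    """
    for _seq, action, base, wildcard in sorted(acl):
        if mac_matches(src_mac, base, wildcard):
            if action == "deny":
                return (False, False)
            return (True, action == "copy-to-mirror")
    return (True, False)  # no statement matched: the switch forwards the packet

# Constructed sample ACLs (sequence numbers are made up for illustration).
ACL_1 = [(10, "copy-to-mirror", "ec:cd:6d:00:00:00", "00:00:00:ff:ff:ff")]
# The same mirror statement, shadowed for one host by an earlier permit.
ACL_SHADOWED = [
    (5, "permit", "ec:cd:6d:12:34:56", "00:00:00:00:00:00"),
    (10, "copy-to-mirror", "ec:cd:6d:00:00:00", "00:00:00:ff:ff:ff"),
]

if __name__ == "__main__":
    for mac in ("ec:cd:6d:12:34:56", "ec:cd:6d:aa:bb:cc", "00:11:22:33:44:55"):
        print(mac, evaluate(ACL_1, mac), evaluate(ACL_SHADOWED, mac))
```

When a mirror port is used for monitoring, a host matched by an earlier permit is forwarded without being copied, so statement order decides what the monitoring tool can see.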