beautypg.com

Configuring a time range, Configuring the acl operating mode – H3C Technologies H3C S12500 Series Switches User Manual

Page 13

background image

4

Task Remarks

Configuring packet filtering with ACLs

Optional.
Applicable to IPv4 and IPv6.

Configuring a time range

You can implement ACL rules based on the time of day by applying a time range to them. A time-based
ACL rule takes effect only in any time periods specified by the time range.
The following basic types of time range are available:

Periodic time range—Recurs periodically on a day or days of the week.

Absolute time range—Represents only a period of time and does not recur.

You can create a maximum of 256 time ranges, each with a maximum of 32 periodic statements and 12

absolute statements. The active period of a time range is calculated as follows:

1.

Combining all periodic statements

2.

Combining all absolute statements

3.

Taking the intersection of the two statement sets as the active period of the time range

To configure a time range:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Configure a time range.

time-range time-range-name
{ start-time to end-time days [ from

time1 date1 ] [ to time2 date2 ] |

from time1 date1 [ to time2 date2 ]

| to time2 date2 }

By default, no time range exists.
Repeat this command with the

same time range name to create
multiple statements for a time

range.

Configuring the ACL operating mode

On a switch with EB or EC2 cards, you can configure the ACL operating mode to change the ACL rule
length on the EB or EC2 cards.

When the EB or EC2 cards are operating in standard ACL mode, the ACL rule length is 24 bytes
and only Ethernet frame header, IPv4 basic, and IPv4 advanced ACLs are supported on EB or EC2

cards.

When the EB or EC2 cards are operating in enhanced ACL mode, the ACL rule length is 48 bytes
and Ethernet frame header, IPv4 basic, IPv4 advanced, IPv6 basic, IPv6 advanced, and

user-defined ACLs are supported on EB or EC2 cards.

Switching the ACL operating mode changes the ACL rule length and the number of ACL rules supported

on EB or EC2 cards. This might invalidate ACL-related configurations. Use this feature with caution. The

number of ACL rules supported in standard ACL mode is twice the number of ACL rules supported in

advanced ACL mode.
This command is available only on EB and EC2 cards.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: