Operating notes for remarks, Operating notes for remarks -73 – HP 6200YL User Manual

IPv6 Access Control Lists (ACLs)

Editing an Existing ACL

Using the

no <1-2147483647> command without the remark keyword deletes

both the remark and the ACE to which it is attached.

Operating Notes for Remarks

■

An “orphan” remark is a remark that does not have an ACE counter­
part with the same sequence number. The

resequence command

renumbers an orphan remark as a sequential, standalone entry
without a permit or deny ACE counterpart.

ipv6 access-list "XYZ"

10 remark "Permits HTTP"

10 permit tcp 2001:db8::2:1/120 eq 80 ::/0

12 remark "Denies HTTP from subnet 1."

18 remark "Denies pop3 from 1:157."

18 deny tcp 2001:db8::1:157/128 eq 110 ::/0 log

50 permit ipv6 ::/0 ::/0

exit

ProCurve# ipv6 access-list resequence XYZ 100 10

ProCurve# show access-list XYZ config

ipv6 access-list "XYZ"

100 remark "Permits HTTP"

100 permit tcp 2001:db8::2:1/120 eq 80 ::/0

110 remark "Denies HTTP from subnet 1."

120 remark "Denies pop3 from 1:157."

120 deny tcp 2001:db8::1:157/128 eq 110 ::/0 log

130 permit ipv6 ::/0 ::/0

exit

■

Entering either an unnumbered remark followed by a manually
numbered ACE (using

<1-2147483647>), or the reverse (an unnum­

bered ACE followed by a manually numbered remark) can result in
an “orphan” remark.

■

Configuring two remarks without including either sequence numbers
or an intervening, unnumbered ACE results in the second remark
overwriting the first.

8-73