Homepage FAQ Switch

How to configure packet filtering on S series switches

125

For details about packet filtering configuration examples on S series switches (except the S1700), see "Example for Configuring a Traffic Policy to Limit Access Between Network Segments" in Typical QoS Configuration. Configurations on different models are the same, and configurations on the S series fixed switches, S7700 and S9700 are used as examples.
Note: This configuration example does not apply to the S2700SI.

Other related questions:

Configure the traffic-filter command to filter packets

On Eth2/0/0, you can configure packet filtering based on an ACL that permits packets with source IP address 192.168.0.2/32 as follows: system-view [Huawei] acl 3000 [Huawei-acl-adv-3000] rule 5 permit ip source 192.168.0.2 0 [Huawei-acl-adv-3000] quit [Huawei] interface ethernet 2/0/0 [Huawei-Ethernet2/0/0] traffic-filter inbound acl 3000

Configuring interzone packet filtering on the USG6000 series

Conditions and actions for configuring packet filtering

Can ACLs on S series switches filter BPDU packets

For S series switches (except S1700 switches): Information about STP and RSTP is transmitted in BPDUs. A BPDU packet is encapsulated into an Ethernet frame and its destination MAC address is a multicast MAC address 0180-C200-0000. A Layer 2 ACL (with the number ranging from 4000 to 4999) with the destination MAC address configured as 0180-C200-0000 can filter BPDU packets. [HUAWEI] acl 4001 [HUAWEI-acl-L2-4001] rule 5 permit destination-mac 0180-c200-0000

If you have more questions, you can seek help from following ways:

To WeiKnow To Live Chat

Enterprise

Consumer

Corporate

Carriers

How to configure packet filtering on S series switches

Other related questions:

If you have more questions, you can seek help from following ways: