Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
Interface ACL

Interface ACL

Created: Apr 20, 2020 08:50:53Latest reply: Apr 22, 2020 03:53:01 524 4 0 0 0
  Rewarded HiCoins: 0 (problem resolved)
View the author 1#

I have the following configuration in router NE40:

#
acl number 1000
rule 5 deny interface Eth-Trunk1.600
#

commit


The traffic flow through over the Eth.trunk.600, what's happening?

Like (0) Dislike (0) Favorite(0) Share Report
Previous: Time Problem on Switch Huawei S9306E
Next: Explan the detail about link status
Featured Answers

Best answer

(0) (0)
jason_hu
Admin Created Apr 22, 2020 03:40:17

Hello,

The traffic policy and traffic filter can be configured to suppress traffic.  

The configuration can be applied in the port mode or global mode.

You can refer to the link information:https://support.huawei.com/hedex/hdx.do?docid=EDOC1100069307&id=dc_cfg_qos_0305&lang=en

View more
  • x
  • convention:
All Answers
(0) (0)
2#
jason_hu
jason_hu Admin Created Apr 20, 2020 08:57:07


Hello,
Did you apply the rules? or whether the policy is configured.

View more
  • x
  • convention:
(0) (0)
3#
masanchez
masanchez Created Apr 20, 2020 09:48:38

Is it necessary apply a "traffic classifier", "traffic behavior" and "traffic policy" to the interface?
View more
  • x
  • convention:
(0) (0)
4#
jason_hu
jason_hu Admin Created Apr 22, 2020 03:40:17

Hello,

The traffic policy and traffic filter can be configured to suppress traffic.  

The configuration can be applied in the port mode or global mode.

You can refer to the link information:https://support.huawei.com/hedex/hdx.do?docid=EDOC1100069307&id=dc_cfg_qos_0305&lang=en

View more
  • x
  • convention:
(0) (0)
5#
Unicef
Unicef MVE Created Apr 22, 2020 03:53:01


In this thread, I'll tell you the application of ACL and ACL configuration method.

1 ACL Application Scope
ACL cannot independently control network access behaviors or restrict network traffic. It must be applied to a service module.

2 Working Mechanism of the ACL Module
Different service modules handle the packets matching and not matching the ACL in different ways.

For example, an ACL is applied to a traffic policy. If the ACL contains rules but packets do not match these rules, the packets are forwarded. However, if the ACL is applied to the Telnet service, these packets are discarded.

If an ACL is applied to a blacklist, the packets matching the rules are discarded no matter whether the ACL rules are permit or deny.

Therefore, you must exercise when applying an ACL to a service module.

The following table provides the ACL handling mechanism of each module.
3 ACL Configuration
The ACL configuration varies according to the service modules. The following table lists the ACL configuration on each module.
4 ACL Configuration Cases
Case 1: Use ACL to restrict Telnet access permission.

To ensure the security of remotely maintained devices, only the administrator (10.1.1.1/32) can log in to the switch through Telnet.

https://forum.huawei.com/enterprise/en/acl-application-all-about-switches-19/thread/232535-861
View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.