1.1.5 Access list
To perform flow detection for the filter, set access lists in the configuration. The access list you need to set depends on the flow detection condition. The type of detectable frames also depends on the flow detection condition. The following table describes the relationship between the access lists for flow detection conditions and detectable frame types.
|
Configurable Flow detection conditions |
Access lists |
Flow detection mode |
Detectable Frame type |
||
|---|---|---|---|---|---|
|
Non-IP |
IPv4 |
IPv6 |
|||
|
MAC conditions |
mac access-list |
layer2-1 layer2-1-mirror |
OK |
OK |
OK |
|
IPv4 conditions |
access-list ip access-list |
layer2-2 layer2-2-mirror |
- |
OK |
- |
|
IPv6 conditions |
ipv6 access-list |
layer2-3 |
- |
- |
OK |
(Legend) OK: Can be detected-: Cannot be detected
The order in which filter entries are applied is determined by the sequence number specified as a parameter of an access list.
- <Structure of this section>
(1) Operation When Multiple Flow Detection Conditions are Set Simultaneously
If filtering is performed for outgoing and incoming frames of the interface when multiple flow detection conditions are set, frames are detected in the order shown in the below table. Multiple filter entries are not matched.
|
Flow detection order |
interface |
|---|---|
|
1 |
Ethernet |
|
2 |
VLAN |