Address Information; Port Information - Cisco AP775A - Nexus Converged Network Switch 5010 Configuration Manual

Chapter 42 Configuring IPv4 and IPv6 Access Control Lists
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Note

Address Information

The address information is required in each filter. It identifies the following details:
•
•
•
•
Specify the source and source-wildcard or the destination and destination-wildcard in one of two ways:
•
•

Port Information

The port information is optional. To compare the source and destination ports, use the eq (equal) option,
the gt (greater than) option, the lt (less than) option, or the range (range of ports) option. You can specify
the port information in one of two ways:
•
•
OL-17256-03, Cisco MDS NX-OS Release 4.x
When configuring IPv4-ACLs or IPv6-ACLs on Gigabit Ethernet interfaces, only use the TCP
or ICMP options.
Source—The address of the network or host from which the packet is being sent.
Source-wildcard—The wildcard bits applied to the source.
Destination—The number of the network or host to which the packet is being sent.
Destination-wildcard—The wildcard bits applied to the destination.
Using the 32-bit quantity in four-part, dotted decimal format (10.1.1.2/0.0.0.0 is the same as host
10.1.1.2).
– Each wildcard bit set to zero indicates that the corresponding bit position in the packet's IPv4
address must exactly match the bit value in the corresponding bit position in the source.
– Each wildcard bit set to one indicates that both a zero bit and a one bit in the corresponding
position of the packet's IPv4 or IPv6 address will be considered a match to this access list entry.
Place ones in the bit positions you want to ignore. For example, 0.0.255.255 requires an exact
match of only the first 16 bits of the source. Wildcard bits set to one do not need to be contiguous
in the source-wildcard. For example, a source-wildcard of 0.255.0.64 would be valid.
Using the any option as an abbreviation for a source and source-wildcard or destination and
destination-wildcard (0.0.0.0/255.255.255.255)
Specify the number of the port. Port numbers range from 0 to 65535.
numbers recognized by the Cisco NX-OS software for associated TCP and UDP ports.
Specify the name of a TCP or UDP port as follows:
TCP port names can only be used when filtering TCP.
–
– UDP port names can only be used when filtering UDP.
Cisco MDS 9000 Family Fabric Manager Configuration Guide
About Filter Contents
Table 42-1 displays the port
42-3