Dell 9.8(0.0) Network Router User Manual


  Open as PDF
of 1910
 
The access-group option supports only the equal to (eq) operator in TCP ACL
rules. Port operators not equal to (neq), greater than (gt), less than (lt), or range
are not supported in access-group option (refer to the following example). ARP
packets (arp) and Ether-type (ether-type) are also not supported in the access-
group option. The entire rule is skipped to compose the filter.
The access-group option pertains to:
IP protocol number: from 0 to 255
Internet control message protocol (icmp) but not the ICMP message type (from
0 to 255)
Any internet protocol (ip)
Transmission Control Protocol (tcp) but not on the rst, syn, or urg bits
User Datagram Protocol (udp)
In the case of ambiguous access control list rules, the debug ip packet
access-control
command is disabled. A message appears identifying the error
(refer to the Example below).
Example (Error
Messages)
Dell#debug ip packet access-group test
%Error: port operator GT not supported in access-list debug
%Error: port operator LT not supported in access-list debug
%Error: port operator RANGE not supported in access-list debug
%Error: port operator NEQ not supported in access-list debug
Dell#00:10:45: %RPM0-P:CP
%IPMGR-3-DEBUG_IP_PACKET_ACL_AMBIGUOUS_EXP: Ambiguous rules not
supported in access-list debug, access-list debugging is
turned off
Dell#
ip address
Assign a primary and secondary IP address to the interface.
S4820T
Syntax
ip address ip-address mask [secondary]
To delete an IP address from an interface, use the no ip address [ip-
address] command.
Parameters
ip-address Enter an IP address in dotted decimal format.
mask Enter the mask of the IP address in slash prefix format (for
example, /24).
secondary (OPTIONAL) Enter the keyword secondary to designate the
IP address as the secondary address.
IPv4 Routing
909