配置ipv6 qos全局入方向过滤的时候,permit ip对ip的动作未生效。
测试结果从地址2409:8087:5011:10::106d访问地址2409:8087:501a:6020::15,无法访问。
配置命令如下:
acl ipv6 advanced 3810
rule 0 permit ipv6 destination 2409:8087:501A:6020::/116
rule 10 permit ipv6 destination 2409:8087:501A:6020::1000/116
acl ipv6 advanced 3821
rule 0 permit ipv6 source 2409:8087:5000::/48 destination 2409:8087:501A:6020::/116
rule 5 permit ipv6 source 2409:8087:5011::/48 destination 2409:8087:501A:6020::/116
rule 10 permit ipv6 source 2409:8087:5000::/48 destination 2409:8087:501A:6020::1000/116
rule 15 permit ipv6 source 2409:8087:5011::/48 destination 2409:8087:501A:6020::1000/116
traffic classifier ott_deny_v6 operator or
if-match acl ipv6 3810
traffic classifier ott_permit_v6 operator or
if-match acl ipv6 3820
if-match acl ipv6 3821
traffic behavior permit
filter permit
traffic behavior deny
filter deny
qos policy ott_security
classifier ott_permit_v6 behavior permit
classifier ott_deny_v6 behavior deny
qos apply policy ott_security global inbound
(0)
是不是三层转发,是的话用这个试试
(0)
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明
暂无评论