proto |
Configures the ACL for additional protocols Additional protocols (other than IP, ICMP, TCP, and UDP) must
be configured using this parameter.
|
<PROTOCOL-NUMBER> |
Filters protocols using their IANA protocol number
- <PROTOCOL-NUMBER> – Specify the protocol
number.
|
<PROTOCOL-NAME> |
Filters protocols using their IANA protocol name
- <PROTOCOL-NAME> – Specify the protocol name.
|
eigrp |
Identifies the EIGRP protocol (number 88) EIGRP enables routers to maintain copies of neighbors‘ routing
tables. Routers use this information to determine the fastest route to a
destination. When a router fails to find a route in its stored route tables, it
sends a query to neighbors who in turn query their neighbors till a route is
found. EIGRP also enables routers to inform neighbors of changes in their routing
tables.
|
gre |
Identifies the GRE protocol (number 47) GRE is a tunneling protocol that enables transportation of
protocols (IP, IPX, DEC net, etc.) over an IP network. GRE encapsulates the packet
at the source and removes the encapsulation at the destination.
|
igp |
Identifies any private internal gateway (primarily used
by CISCO for their IGRP) (number 9) IGP enables exchange of
information between hosts and routers within a managed network. The most commonly
used IGP protocols are: RIP and OSPF.
|
ospf |
Identifies the OSPF protocol (number 89) OSPF is a link-state IGP. OSPF routes IP packets within a
single routing domain (autonomous system), like an enterprise LAN. OSPF gathers
link state information from neighbor routers and constructs a network topology.
The topology determines the routing table presented to the Internet Layer which
makes routing decisions based solely on the destination IP address found in IP
packets.
|
vrrp |
Identifies the VRRP protocol (number 112) VRRP allows a pool of routers to be advertized as a single
virtual router. This virtual router is configured by hosts as their default
gateway. VRRP elects a master router, from this pool, and assigns it a virtual IP
address. The master router routes and forwards packets to hosts on the same
subnet. When the master router fails, one of the backup routers is elected as the
master and its IP address is mapped to the virtual IP address.
|
<SOURCE-IPv6/MASK> |
Specifies a range of IPv6 source address (network) to
match. Packets (EIGRP, GRE, IGMP, IGP, OSPF, or VRRP) received from any source in
the specified network are forwarded. |
any |
Specifies the source as any IPv6 address. Packets
(EIGRP, GRE, IGMP, IGP, OSPF, or VRRP) received from any source are
forwarded. |
host <SOURCE-HOST-IPv6> |
Identifies a specific host (as the source to match) by
its IPv6 address. Packets (EIGRP, GRE, IGMP, IGP, OSPF, or VRRP) received from the
specified host are forwarded.
- <SOURCE-HOST-IP> – Specify the source host‘s exact
IPv6 address.
|
<DEST-IPv6/MASK> |
Specifies a range of IPv6 destination address (network)
to match. Packets (EIGRP, GRE, IGMP, IGP, OSPF, or VRRP) addressed to any
destination within the specified network are forwarded. |
any |
Specifies the destination as any IPv6 address. Packets
(EIGRP, GRE, IGMP, IGP, OSPF, or VRRP) addressed to any destination are
forwarded. |
host <DEST-HOST-IPv6> |
Identifies a specific host (as the destination to match)
by its IPv6 address. Packets (EIGRP, GRE, IGMP, IGP, OSPF, or VRRP) addressed to the
specified host are forwarded.
- <DEST-HOST-IPv6> – Specify the destination host‘s
exact IPv6 address.
|
log |
Logs all permit events matching this entry |
rule-precedence <1-5000> |
Assigns a precedence for this permit rule
- <1-5000> – Specify a value from 1 - 5000.
Note: Lower the precedence higher is the priority. A rule
with precedence 3 gets priority over a rule with precedence 10.
|
rule-description <LINE> |
Optional. Configures a description for this permit rule.
Provide a description that uniquely identifies the purpose of this rule (should not
exceed 128 characters in length). |