Reset Search
 

 

Article

How to calculate the mask value for a VLAN-ID range for using in ACL

« Go Back

Information

 
TitleHow to calculate the mask value for a VLAN-ID range for using in ACL
Objective
To calculate the mask value to be used in ACL when using the VLAN-ID range as the match condition.
Environment
Summit and Blackdiamond series
Exos all
Procedure
1. Convert the decimal value to the binary value.

For example, if you want to specify a range between 2016 and 2047, calculate their binary values.

 
2016 ----> 11111100000
2047 ----->11111111111
2. Identify the number of common digits in the binary value.

In the above example, total number of bits is 11 and the first 6 digits are 1 which is common.

3. So, set the common number of bits to 1 and rest to 0 and convert the binary value to hexadecimal for using in the ACL.

The mask value would be 11111100000. If we convert it to hexadecimal, value would be 0x7E0 .

 
Additional notes
Sample ACL with mask value:
 
entry test-rule {
if match all {
vlan-id 2016 mask 0x7E0 ;
}
then {
count incoming;
mirror-cpu ;
log ;
}
}

 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255