undo rule (MPLS ACL view)

Function

The undo rule command deletes an ACL rule in the MPLS-based ACL view.

By default, no MPLS-based ACL rule is created.

Format

undo rule rule-id [ to to-rule-id ]

Parameters

Parameter Description Value
rule-id

Specifies the ID of an ACL rule.

The value is an integer ranging from 0 to 4294967294.
to to-rule-id

Specifies an end rule ID for MPLS ACL rules to be deleted in batches.

to-rule-id must be no less than rule-id.

The value is an integer ranging from 0 to 4294967294.

Views

MPLS ACL view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
acl write

Usage Guidelines

Usage Scenario

To delete an ACL rule in the MPLS-based ACL view, run the undo rule command.

Prerequisites

An MPLS-based ACL has been created using the acl command in the system view.

Configuration Impact

When specifying an ACL rule ID, note the following:

  • If a rule with a specified rule ID already exists, and the new rule conflicts with the existing one, the conflicting part in the new rule overwrites that in the existing rule.
  • If no rule with the specified rule ID exists, a rule with the specified rule ID is created.

    When an ACL rule ID is not specified and a rule is added, the system automatically allocates an ID to this rule. ACL rules are arranged in ascending order of rule IDs, with the difference between two adjacent rules as an ACL increment.

    The rule IDs automatically generated by the system start from the ACL increment. For example, if the ACL increment is 5, the rule ID starts from 5; if the ACL increment is 2, the rule ID starts from 2. This allows you to add rules before the first rule.

Precautions

& 1-4 in the command indicates that MPLS packets can be matched based on one to four labels. For example, in the rule 10 permit exp 4 5 6 7 command, 4 is the EXP value in the outer MPLS header closest to the Layer 2 frame header, and 7 is the EXP value in the inner MPLS header closest to the IP header. If the packet has only two MPLS labels, use the rule 10 permit exp 6 5 command or the rule 10 permit exp 6 5 any any command. If the packet has only two labels and you want to filter the packet based on the inner label, use the rule 10 permit exp any 5 command or the rule 10 permit exp any 5 any any command. NOTE: The system can match MPLS packets based on the TTL values in a maximum of three outer MPLS headers.

If rule-id is not specified when you run the rule command to create an ACL, the system automatically assigns an ID to the ACL rule. You can run the display acl command to check the rule ID automatically assigned to an ACL.

If name rule-name is not specified when you run the rule command to create an ACL, the system automatically generates a name for the ACL in the format of "rule"+"_"+rule ID. Rule ID is the ID of an ACL rule that can be specified using the rule-id parameter or automatically assigned by the system. You can check the automatically generated name of an ACL rule through the NMS.

You must specify the rule ID when deleting a rule. To check rule IDs, run the display acl command.

Before deleting an ACL rule, run the display acl command to check whether the ACL rule has been applied to other services. Delete the rule only when it is not applied to other services.

Example

# Create an MPLS-based ACL numbered 10999 and add a rule to ACL 10999 to match packets with the EXP value 5 in the inner MPLS header, delete an ACL rule in the MPLS-based ACL view.
<HUAWEI> system-view
[~HUAWEI] acl number 10999
[*HUAWEI-acl-mpls-10999] rule 10 permit exp any 5
[*HUAWEI-acl-mpls-10999] commit
[~HUAWEI-acl-mpls-10999] undo rule 10
Parent Topic: ACL Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >