The hardware fast-forwarding filter basic acl command configures an ACL-based basic filtering condition of hardware fast forwarding.
The undo hardware fast-forwarding filter basic acl command cancels the configuration.
hardware fast-forwarding filter basic acl acl-number
undo hardware fast-forwarding filter basic acl
| Parameter | Description | Value |
|---|---|---|
| acl-number | Specifies the number of an advanced ACL. | The value is an integer ranging from 3000 to 3999. |
In versions earlier than V600R007C20SPC200, all models support this command. For V600R007C20SPC200 and later versions, device batches are distinguished by BomID Version (which can be checked using the display version command). All models except the USG6680E and USG6712E/6716E whose BomID Version is 003 or later or whose device BOM numbers contain "-001" support this command.
By default, no ACL-based basic filtering condition of hardware fast forwarding is configured.
If the command is executed more than once, the latest configuration overrides the previous ones.
Creating an advanced ACL and referencing it in the basic filtering condition of hardware fast forwarding lets you control hardware fast forwarding for specific traffic. Hardware fast forwarding is implemented for traffic that matches an ACL rule with the permit action and is not implemented for traffic that matches an ACL rule with the deny action. Traffic that matches a deny rule is still sent to the CPU for processing.
After configuring an ACL-based basic filtering condition of hardware fast forwarding, you need to run the hardware fast-forwarding filter basic enable acl command to enable ACL-based hardware fast forwarding. Otherwise, the ACL-based basic filtering condition of hardware fast forwarding does not take effect.
The number of rules in the referenced advanced ACL cannot be greater than 32. Otherwise, the filtering condition cannot be delivered.
The ACL created under the virtual system cannot be referenced. However, the ACL-based filtering conditions for fast forwarding take effect for the traffic of the entire device (including the root system and all virtual systems).
# Configure the device to implement hardware fast forwarding only for the GRE packets whose source IP address is 1.1.1.1/24.
<sysname> system-view
[sysname] acl number 3333
[sysname-acl-adv-3333] rule permit gre source 1.1.1.1 0.0.0.255
[sysname-acl-adv-3333] quit
[sysname] hardware fast-forwarding filter basic acl 3333
# Configure the device to implement hardware fast forwarding for IP packets, excluding UDP packets destined to ports 4500 and 500.
<sysname> system-view
[sysname] acl number 3998
[sysname-acl-adv-3998] rule 1 deny udp destination-port eq 4500
[sysname-acl-adv-3998] rule 2 deny udp destination-port eq 500
[sysname-acl-adv-3998] rule 3 permit ip
[sysname-acl-adv-3998] quit
[sysname] hardware fast-forwarding filter basic acl 3998
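The constraints stated above (ACL number 3000 to 3999, at most 32 rules, the latest filter command wins, and the separate enable command) can be checked offline against configuration text. The following Python audit is an added example, not part of the product documentation; the function name `audit` and the input layout (prompt-free lines, each ACL block starting with `acl number N` followed by its `rule` lines) are assumptions, and the sample is constructed from the second example above.

```python
import re

MAX_RULES = 32                   # rule limit stated on this page
ACL_RANGE = range(3000, 4000)    # advanced ACL numbers the command accepts
FILTER_RE = re.compile(r"^hardware fast-forwarding filter basic acl (\d+)$")
ENABLE_CMD = "hardware fast-forwarding filter basic enable acl"
ACL_RE = re.compile(r"^acl number (\d+)$")

# Constructed sample: the second example above, without CLI prompts.
SAMPLE = """acl number 3998
 rule 1 deny udp destination-port eq 4500
 rule 2 deny udp destination-port eq 500
 rule 3 permit ip
hardware fast-forwarding filter basic acl 3998
"""


def audit(config):
    """Return a list of findings for the ACL-based fast-forwarding filter."""
    rules = {}          # ACL number -> number of rule lines seen
    referenced = []     # ACL numbers named by filter commands, in order
    enabled = False
    current = None      # ACL block currently being read, if any
    for raw in config.splitlines():
        line = raw.strip()
        if m := ACL_RE.match(line):
            current = int(m.group(1))
            rules.setdefault(current, 0)
        elif current is not None and line.startswith("rule "):
            rules[current] += 1
        else:
            current = None           # any other line ends the ACL block
            if m := FILTER_RE.match(line):
                referenced.append(int(m.group(1)))
            elif line == ENABLE_CMD:
                enabled = True
    if not referenced:
        return []                    # default state: no filter configured
    acl = referenced[-1]             # the latest configuration overrides earlier ones
    findings = []
    if acl not in ACL_RANGE:
        findings.append(f"ACL {acl} is outside 3000-3999")
    if acl not in rules:
        findings.append(f"ACL {acl} is referenced but not defined in this text")
    elif rules[acl] > MAX_RULES:
        findings.append(f"ACL {acl} has {rules[acl]} rules, limit is {MAX_RULES}")
    if not enabled:
        findings.append("filter is configured but not enabled")
    return findings
```

Run against `SAMPLE`, the audit reports that the filter is configured but not enabled, because the examples above stop before the enable command.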