15-2To do… Use the command… RemarksConfigure a descriptionfor the basic IPv6 ACL description textOptionalBy default, a basic IPv6 ACL has no ACLdescription.Configure a ruledescription rule rule-id comment textOptionalBy default, an IPv6 ACL rule has no ruledescription.Note that:z You can only modify the existing rules of an ACL that uses the match order of config. Whenmodifying a rule of such an ACL, you may choose to change just some of the settings, in whichcase the other settings remain the same.z You cannot create a rule with, or modify a rule to have, the same permit/deny statement as anexisting rule in the ACL.z When the ACL match order is auto, a newly created rule will be inserted among the existing rulesin the depth-first match order. Note that the IDs of the rules still remain the same.z You can modify the match order of an IPv6 ACL with the acl ipv6 number acl6-number [ nameacl6-name ] match-order { auto | config } command, but only when the ACL does not contain anyrules.z The rule specified in the rule comment command must already exist.Configuration Example# Configure IPv6 ACL 2000 to permit IPv6 packets with the source address of 2030:5060::9050/64 anddeny IPv6 packets with the source address of fe80:5060::8050/96. system-view[Sysname] acl ipv6 number 2000[Sysname-acl6-basic-2000] rule permit source 2030:5060::9050/64[Sysname-acl6-basic-2000] rule deny source fe80:5060::8050/96# Verify the configuration.[Sysname-acl6-basic-2000] display acl ipv6 2000Basic IPv6 ACL 2000, named -none-, 2 rules,ACL's step is 5rule 0 permit source 2030:5060::9050/64 (4 times matched)rule 5 deny source FE80:5060::8050/96 (5 times matched)Configuring an Advanced IPv6 ACLAdvanced IPv6 ACLs match packets based on the source IPv6 address, destination IPv6 address,protocol carried over IPv6, and other protocol header fields such as the TCP/UDP source port number,TCP/UDP destination port number, ICMP message type, and ICMP message code.