ACL Matching in Huawei Routers:
Access Control Lists (ACLs) are used to filter packets based on specific criteria, such as source/destination IP, ports, or protocols.
When a packet arrives, the Huawei router processes it against the configured ACL rules to decide whether to permit or deny the packet.
Reference: HCIP-Datacom-Core Technology Training Material (ACL Principles and Configuration).

Sequential Matching Order:
By default, Huawei routers match packets against ACL rules sequentially. This means:
The router checks the packet against rules in the order they are listed, starting from the top of the ACL.
The first rule that matches the packet's attributes is applied, and no further rules are checked. This is known as the first-match principle.
If no rules match, the packet is denied by default (implicit deny).
Reference: HCIP-Datacom Advanced Routing & Switching Technology (ACL Matching Mechanism).

Example of Sequential Matching:
Consider the following ACL rules:

Rule 10: Permit IP 192.168.1.0/24
Rule 20: Deny IP 192.168.1.1

If a packet with source IP 192.168.1.1 arrives:
The router matches it against Rule 10 (Permit 192.168.1.0/24) and allows the packet.
Rule 20 is not evaluated because the first match (Rule 10) already applies.

Alternative Matching Orders:
Some routers or configurations allow batch matching (evaluating all rules) for specific scenarios, but this is not the default behavior in Huawei routers.

Conclusion:
The default ACL matching order on Huawei routers is sequential, and the first matching rule determines the action applied to the packet.
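
The first-match behaviour in the Rule 10 / Rule 20 example can be checked offline with a small model. This is an added example, not Huawei code or material from the cited training guides; it goes one step beyond the text by also flagging rules that can never match. The names `evaluate`, `shadowed_rules` and `reorder_fix` are hypothetical, and the rule set is constructed from the example above.

```python
import ipaddress

# Constructed rule set mirroring the example: (rule-id, action, source network),
# listed top to bottom in the order the router would check them.
ACL = [
    (10, "permit", ipaddress.ip_network("192.168.1.0/24")),
    (20, "deny", ipaddress.ip_network("192.168.1.1/32")),
]

def evaluate(acl, src_ip):
    """Return (rule_id, action) of the first rule whose source range matches.

    Falls through to (None, "deny") when nothing matches, which models the
    implicit deny described above.
    """
    addr = ipaddress.ip_address(src_ip)
    for rule_id, action, net in acl:
        if addr in net:
            return rule_id, action  # first match wins; later rules are skipped
    return None, "deny"

def shadowed_rules(acl):
    """List (shadowed_id, shadowing_id) pairs: rules that can never match
    because an earlier rule already covers their entire source range."""
    found = []
    for i, (rule_id, _, net) in enumerate(acl):
        for earlier_id, _, earlier_net in acl[:i]:
            if net.subnet_of(earlier_net):
                found.append((rule_id, earlier_id))
                break
    return found

def reorder_fix(acl):
    """Hypothetical remediation: list the most specific prefixes first and
    renumber in steps of 5 so the host-level deny is checked before the /24."""
    by_specificity = sorted(acl, key=lambda r: -r[2].prefixlen)
    return [(5 * (i + 1), action, net)
            for i, (_, action, net) in enumerate(by_specificity)]

if __name__ == "__main__":
    print(evaluate(ACL, "192.168.1.1"))               # decided by Rule 10
    print(shadowed_rules(ACL))                        # Rule 20 is dead
    print(evaluate(reorder_fix(ACL), "192.168.1.1"))  # deny now applies
```

Running the shadow check over an ACL before deployment catches deny rules that were intended to carve an exception out of a broader permit but were numbered after it.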