CHAPTER 4: MANAGING DEVICE SECURITY
60
mask of FF:FF:FF:FF:FF:FF indicates that no bit is important. A
wildcard of 00.00.00.00.00.00.00 indicates that all bits are
important. For example, if the source MAC address is E0:3B:4A:C2:
CA:E2 and the wildcard mask is 00:00:00:00:00:FF, the first five
bytes of the MAC are used, while the last byte is ignored. For the
source MAC address E0:3B:4A:C2:CA:E2, this wildcard mask
matches all MAC addresses in the range E0:3B:4A:C2:CA:00 to
E0:3B:4A:C2:CA:FF.
Destination MAC Address — Matches the destination MAC
address to which packets are addressed to the ACE.
Destination Mask — Indicates the destination MAC Address
wildcard mask. Wildcards are used to mask all or part of a
destination address by specifying which bits are used and which
are ignored. A wildcard mask of FF:FF:FF:FF:FF indicates that no
bit is important. A wildcard mask of 00.00.00.00.00.00 indicates
that all bits are important.. For example, if the destination MAC
address is E0:3B:4A:C2:CA:E2 and the wildcard mask is
00:00:00:00:00:FF, the first five bytes of the MAC are used, while
the last byte is ignored. For the destination MAC address 0:3B:4A:
C2:CA:E2, this wildcard mask matches all MAC addresses in the
range E0:3B:4A:C2:CA:00 to E0:3B:4A:C2:CA:FF.
VLAN ID — Matches the packet’s VLAN ID to the ACE. The
possible field values are 1 to 4094
CoS — Classifies traffic based on the CoS tag value.
CoS Mask — Defines the CoS mask used to classify network
traffic.
Ethertype — Provides an identifier that differentiates among
various types of protocols.
Action — Indicates the ACL forwarding action. The options are as
follows:
Permit — Forwards packets which meet the ACL criteria.
Deny — Drops packets which meet the ACL criteria.
To Next Page
Loading...
