Defining ACLs 73
2 Define the fields.
3 Click . The Port Statistics are displayed, and the device is updated.
Defining ACLs Access Control Lists (ACL) allow network managers to define
classification actions and rules for specific ingress ports. Packets entering
an ingress port, with an active ACL, are either admitted or denied entry
and the ingress port is disabled. If they are denied entry, the user can
disable the port.
For example, an ACL rule is defined that states, port number 20 can
receive TCP packets, however, if a UDP packet is received, the packet is
dropped. ACLs are composed of access control entries (ACEs) that are
made of the filters that determine traffic classifications.
The following fiters can be defined as ACEs:
■ Source Port IP Address and Wildcard Mask — Filters the packets
by the Source port IP address and wildcard mask.
■ Destination Port IP Address and Wildcard Mask — Filters the
packets by the Source port IP address and wildcard mask.
■ ACE Priority — Filters the packets by the ACE priority.
■ Protocol — Filters the packets by the IP protocol.
■ DSCP — Filters the packets by the DiffServ Code Point (DSCP) value.
■ IP Precendence — Filters the packets by the IP Precedence.
■ Action — Indicates the action assigned to the packet matching the
ACL. Packets are forwarded or dropped. In addition, the port can be
shut down, a trap can be sent to the network administrator, or packet
is assigned rate limiting restrictions for forwarding.
To Next Page
Loading...
