Configuring Access Control Lists 541
What Are IP ACLs?
IP ACLs classify IPv4 or IPv6 traffic at Layers 3 and 4.
Each ACL is a set of up to ten rules applied to inbound traffic. Each rule 
specifies whether the contents of a given field should be used to permit or 
deny access to the network, and may apply to one or more of the following 
fields within a packet:
• Destination IP with wildcard mask
• Destination L4 Port
• Every Packet
• IP DSCP
• IP Precedence
• IP TOS
• Protocol
• Source IP with wildcard mask
• Source L4 port
• Destination Layer 4 port
What Is the ACL Redirect Function?
The redirect function allows traffic that matches a permit rule to be 
redirected to a specific physical port or LAG instead of processed on the 
original port. The redirect function and mirror function are mutually 
exclusive. In other words, you cannot configure a given ACL rule with both 
mirror and redirect attributes.
What Is the ACL Mirror Function?
ACL mirroring provides the ability to mirror traffic that matches a permit 
rule to a specific physical port or LAG. Mirroring is similar to the redirect 
function, except that in flow-based mirroring a copy of the permitted traffic is 
delivered to the mirror interface while the packet itself is forwarded normally 
through the device. You cannot configure a given ACL rule with both mirror 
and redirect attributes.
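The following Python model is an added example, not code or CLI syntax from this guide. It checks an ACL against the constraints described above (at most ten rules, mirror and redirect only on permit rules and never together) and shows how a wildcard mask selects source addresses and what happens to a matching packet. The port names, the sample rules, the first-match evaluation order, and the final deny when no rule matches are assumptions made for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

MAX_RULES = 10  # "a set of up to ten rules"

@dataclass
class Rule:
    action: str                             # "permit" or "deny"
    src: str = "0.0.0.0"
    src_wildcard: str = "255.255.255.255"   # all ones = match every packet
    dst_port: Optional[int] = None          # None = any destination L4 port
    mirror: Optional[str] = None            # hypothetical port/LAG name
    redirect: Optional[str] = None          # hypothetical port/LAG name

def wildcard_match(addr, base, wildcard):
    # In a wildcard mask a 1 bit means "ignore this bit" (inverse of a netmask).
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

def validate(rules):
    errors = []
    if len(rules) > MAX_RULES:
        errors.append(f"ACL has {len(rules)} rules; limit is {MAX_RULES}")
    for i, r in enumerate(rules, 1):
        if r.mirror and r.redirect:
            errors.append(f"rule {i}: mirror and redirect are mutually exclusive")
        if (r.mirror or r.redirect) and r.action != "permit":
            errors.append(f"rule {i}: mirror/redirect apply only to permit rules")
    return errors

def evaluate(rules, src, dst_port):
    # Assumption: rules are checked in order and unmatched traffic is denied.
    for r in rules:
        port_ok = r.dst_port is None or r.dst_port == dst_port
        if not (port_ok and wildcard_match(src, r.src, r.src_wildcard)):
            continue
        if r.action != "permit":
            return ("deny", "dropped")
        if r.redirect:
            return ("permit", f"redirected to {r.redirect}")
        if r.mirror:
            return ("permit", f"forwarded normally, copy to {r.mirror}")
        return ("permit", "forwarded normally")
    return ("deny", "dropped")

# Constructed sample ACL for illustration only.
SAMPLE_ACL = [
    Rule("permit", "10.1.1.0", "0.0.0.255", dst_port=443, mirror="port-A"),
    Rule("permit", "10.1.2.0", "0.0.0.255", redirect="port-B"),
    Rule("deny"),
]
```

Running `validate()` on a rule set before applying it to a switch catches a rule that sets both attributes, and `evaluate()` shows the difference between the two functions: a mirrored packet still leaves through its normal path, a redirected one does not.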