349
Configuring ACL and QoS
NOTE:
Unless otherwise stated, ACLs refer to both IPv4 and IPv6 ACLs throughout this document.
Overview
Introduction to ACL
An access control list (ACL) is a set of rules (or permit or deny statements) for identifying traffic based on
criteria such as source IP address, destination IP address, and port number.
ACLs are essentially used for packet filtering. A packet filter drops packets that match a deny rule and
permits packets that match a permit rule. ACLs are also widely used by many modules, for example, QoS
and IP routing, for traffic identification.
ACLs fall into the following categories.
Cate
or
ACL number IP version
Match criteria
Basic ACLs 2000 to 2999
IPv4 Source IPv4 address
IPv6 Source IPv6 address
Advanced ACLs 3000 to 3999
IPv4
Source IPv4 address, destination IPv4 address,
protocols over IPv4, and other Layer 3 and Layer
4 header fields
IPv6
Source IPv6 address, destination IPv6 address,
protocols over IPv6, and other Layer 3 and Layer
4 header fields
Ethernet frame
header ACLs
4000 to 4999 IPv4 and IPv6
Layer 2 header fields, such as source and
destination MAC addresses, 802.1p priority,
and link layer protocol type
NOTE:
For more information about ACL, see
ACL and QoS Configuration Guide
.
Introduction to QoS
Quality of Service (QoS) is a concept concerning service demand and supply. It reflects the ability to
meet customer needs. Generally, QoS does not focus on grading services precisely, but on improving
services under certain conditions.
In the internet, QoS refers to the ability of the network to forward packets. The evaluation on QoS of a
network can be based on different aspects because the network may provide various services. Generally,
To Next Page
Loading...
