137
Source MAC mask
Destination MAC address
Destination MAC mask
VLAN ID
Class of Service (CoS) (802.1p)
EtherType
L2 ACLs can apply to one or more
interfaces.
Multiple access lists can be applied to a single interface; sequence
number determines the order of execution. You can assign packets to queues using the assign queue option.
4.3.2. IP ACLs
IP ACLs classify for Layers 3 and 4 on IPv4 or IPv6 traffic.
Each ACL is a set of up to ten rules applied to inbound traffic. Each rule specifies whether the contents of a
given field should be used to permit or deny access to the network, and may apply to one or more of the
following fields within a packet:
Destination IP with wildcard mask
Destination L4 Port
Every Packet
IP DSCP
IP Precedence
IP TOS
Protocol
Source IP with wildcard mask
Source L4 port
IPv4 fragmented packets
tcp flags
igmp type
icmp type
icmp code
icmp message
4.3.3. ACL Redirect Function
The redirect function allows traffic that matches a permit rule to be redirected to a specific physical port or
Port-channel instead of processed on the original port. The redirect function and mirror function are
mutually exclusive. In other words, you cannot configure a given ACL rule with mirror and redirect
attributes.
To Next Page
Loading...