• Source MAC mask
• Destination MAC address
• Destination MAC mask
• VLAN ID
• Class of Service (CoS) (802.1p)
• EtherType
L2 ACLs can apply to one or more interfaces.
Multiple access lists can be applied to a single interface; the sequence
number determines the order of execution. You can assign packets to queues using the assign queue option.
4.3.2. IP ACLs
IP ACLs classify IPv4 or IPv6 traffic at Layers 3 and 4.
Each ACL is a set of up to ten rules applied to inbound traffic. Each rule specifies whether the contents of a
given field should be used to permit or deny access to the network, and may apply to one or more of the
following fields within a packet:
• Destination IP with wildcard mask
• Destination L4 Port
• Every Packet
• IP DSCP
• IP Precedence
• IP TOS
• Protocol
• Source IP with wildcard mask
• Source L4 port
• IPv4 fragmented packets
• TCP flags
• IGMP type
• ICMP type
• ICMP code
• ICMP message
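The following is an added example, not taken from this manual or from the switch software: a small Python model of how a rule that uses "Source IP with wildcard mask" and "Destination L4 Port" matches a packet, and what happens when a subnet mask is typed where the wildcard mask belongs. It assumes the usual inverse-mask reading of a wildcard mask (0 bits must match), first-match rule evaluation and an implicit deny at the end; the rule dictionaries, function names and addresses are constructed for illustration.

```python
import ipaddress

MAX_RULES = 10  # per the text: an IP ACL holds up to ten rules

def wildcard_match(addr, base, wildcard):
    """True when addr equals base on every bit where the wildcard bit is 0."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF  # 0 bits in the wildcard are the bits that must match
    return (a & care) == (b & care)


def evaluate(rules, pkt):
    """Action of the first matching rule (assumption), else implicit deny (assumption)."""
    if len(rules) > MAX_RULES:
        raise ValueError("an IP ACL is limited to ten rules")
    for r in rules:
        if r.get("every"):  # the 'Every Packet' criterion
            return r["action"]
        if "protocol" in r and r["protocol"] != pkt["protocol"]:
            continue
        if "src" in r and not wildcard_match(pkt["src"], *r["src"]):
            continue
        if "dst" in r and not wildcard_match(pkt["dst"], *r["dst"]):
            continue
        if "dst_port" in r and r["dst_port"] != pkt.get("dst_port"):
            continue
        return r["action"]
    return "deny"

# Constructed sample: allow SSH to one management host from 10.1.20.0/24 only.
INTENDED = [
    {"action": "permit", "protocol": "tcp", "src": ("10.1.20.0", "0.0.0.255"),
     "dst": ("10.1.1.5", "0.0.0.0"), "dst_port": 22},
    {"action": "deny", "every": True},
]
# Same rule with a subnet mask typed where the wildcard mask belongs.
MISTAKEN = [
    {"action": "permit", "protocol": "tcp", "src": ("10.1.20.0", "255.255.255.0"),
     "dst": ("10.1.1.5", "0.0.0.0"), "dst_port": 22},
    {"action": "deny", "every": True},
]

admin = {"protocol": "tcp", "src": "10.1.20.7", "dst": "10.1.1.5", "dst_port": 22}
other = {"protocol": "tcp", "src": "172.16.9.0", "dst": "10.1.1.5", "dst_port": 22}

if __name__ == "__main__":
    for name, acl in (("intended", INTENDED), ("mistaken", MISTAKEN)):
        print(name, evaluate(acl, admin), evaluate(acl, other))
```

With the mistaken mask the rule compares only the last octet, so the intended admin host is denied while a host on an unrelated network whose address ends in .0 is permitted.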
4.3.3. ACL Redirect Function
The redirect function allows traffic that matches a permit rule to be redirected to a specific physical port or
Port-channel instead of being processed on the original port. The redirect function and mirror function are
mutually exclusive. In other words, you cannot configure a given ACL rule with both mirror and redirect
attributes.