EasyManua.ls Logo

Zte ZXR10 2928 - Acl

Zte ZXR10 2928
341 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
ZXR10 2920/2928/2952
(V1.0) Access Switch User Manual Volume I
124 Confidential and Proprietary Information of ZTE CORPORATION
The following ports are active!
PortId : 2 MSTI : 00
Priority : 128 Cost : 200000
Status : Forward Role : Designated
EdgePort : Disabled GuardType : None
LinkType : P2P PacketType : IEEE
PortId : 2 MSTI : 01
Priority : 112 Cost : 200000
Status : Forward Role : Designated
EdgePort : Disabled GuardType : None
LinkType : P2P PacketType : IEEE
ACL
Packet filtering can help limit network traffic and restrict network
use by certain users or devices. ACL’s can filter traffic as it
passes through a router and permit or deny packets at specified
interfaces.
An ACL is a sequential collection of permit and deny conditions
that apply to packets. When a packet is received on an
interface, the switch compares the fields in the packet against
any applied ACL’s to verify that the packet has the required
permissions to be forwarded, based on the criteria specified in
the access lists. It tests packets against the conditions in an
access list one by one. The first match determines whether the
switch accepts or rejects the packets because the switch stops
testing conditions after the first match. The order of conditions
in the list is critical. If no conditions match, the switch rejects
the packets. If there are no restrictions, the switch forwards
the packet; otherwise, the switch drops the packet.
Packet matching rules defined by the ACL are also used in other
conditions where distinguishing traffic is needed. For instance,
the matching rules can define the traffic classification rule in the
QoS.
ZXR10 2920/2928/2952 provides ACL functions as follows:
ZXR10 2920/2928/2952 provides three binding types
including physical port, Trunk Groups and Vlan interface.
When a physical port is added into a Trunk Group and has
been bounded as ACL, current bound is to be released, a
false message will return. When ACL is applied to Trunk
Group, physical port will be bound with ACL automatically.
Vlan interface also supports an ACL binding.
Note: When a port/trunk itself belongs to a Vlan, choose
mode to make sure that the received packets will be applied
to a port/trunk bound ACL or a Vlan bound ACL.
Introduction
Description
ACL Function

Table of Contents

Related product manuals