User's Guide
CHAPTER 12
Access Control Lists
Access control lists (ACLs) classify packets. The classification result can be applied
to quality-of-service application flows (mark, police) or to network-access control
(deny, allow).
There are many use cases for ACLs. Consider the following examples:
■ Prioritizing outbound traffic by marking fields in the IP header, so that
upstream routers can handle the marked (set) traffic in a specific way. For example,
any RTP VoIP traffic within a certain port range could have its IP TOS field set to a
value of 5. Any packet that satisfies these conditions will have its IP header field
set by the I/O card.
■ Intentionally dropping packets when a denial-of-service (DoS) attack is detected.
In this case, all traffic from specific IP or MAC addresses must be blocked.
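The two use cases above, modeled as an added Python sketch (not Oracle's CLI or code): each rule pairs conditions with an action, and the deny rules sit ahead of the RTP marking rule so a blocked source is dropped even when it sends VoIP traffic. The rule fields, first-match evaluation, default-allow fallthrough, addresses, and the UDP port range 16384-32767 are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, replace
from typing import Optional, Tuple

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_mac: str
    protocol: str            # "udp", "tcp", ...
    dst_port: int
    tos: int = 0

@dataclass(frozen=True)
class Rule:
    action: str                                  # "deny", "allow" or "mark"
    src_net: Optional[str] = None                # None means "any"
    src_mac: Optional[str] = None
    protocol: Optional[str] = None
    dst_ports: Optional[Tuple[int, int]] = None  # inclusive range
    set_tos: Optional[int] = None                # only used by "mark"

    def matches(self, p: Packet) -> bool:
        # Every condition that is set must hold; unset conditions are wildcards.
        if self.src_net and ipaddress.ip_address(p.src_ip) not in ipaddress.ip_network(self.src_net):
            return False
        if self.src_mac and p.src_mac.lower() != self.src_mac.lower():
            return False
        if self.protocol and p.protocol != self.protocol:
            return False
        if self.dst_ports and not (self.dst_ports[0] <= p.dst_port <= self.dst_ports[1]):
            return False
        return True

def classify(acl, p: Packet):
    """Return (verdict, packet). Assumed semantics: first match wins, no match allows."""
    for rule in acl:
        if rule.matches(p):
            if rule.action == "deny":
                return "deny", p
            if rule.action == "mark":
                return "allow", replace(p, tos=rule.set_tos)
            return "allow", p
    return "allow", p

# Constructed rule set: documentation-range addresses and a made-up MAC.
ACL = [
    Rule("deny", src_net="203.0.113.0/24"),
    Rule("deny", src_mac="00:11:22:33:44:55"),
    Rule("mark", protocol="udp", dst_ports=(16384, 32767), set_tos=5),
]
```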
ACLs, like most objects in the Oracle Fabric Interconnect, follow the naming
conventions described in “Naming Conventions” on page 8.
This chapter explains how to configure ACLs for application to your network traffic.
It contains the following sections:
■ “Setting Actions” on page 214
■ “Setting Conditions” on page 216
■ “Displaying ACLs and Rules” on page 218
■ “Removing ACLs” on page 219
■ “Example: Denying Egress Traffic” on page 220