Deployment Guide
• Applying a Filter to a Prex List (OSPF)
• ACL Resequencing
• Resequencing an ACL or Prex List
• Route Maps
• Important Points to Remember
• Conguration Task List for Route Maps
• Creating a Route Map
• Congure Route Map Filters
• Conguring Match Routes
• Conguring Set Conditions
• Congure a Route Map for Route Redistribution
• Congure a Route Map for Route Tagging
• Continue Clause
• Logging of ACL Processes
• Guidelines for Conguring ACL Logging
• Conguring ACL Logging
• Flow-Based Monitoring Support for ACLs
• Enabling Flow-Based Monitoring
IP Access Control Lists (ACLs)
In Dell Networking switch/routers, you can create two dierent types of IP ACLs: standard or extended.
A standard ACL lters packets based on the source IP packet. An extended ACL lters trac based on the following criteria:
• IP protocol number
• Source IP address
• Destination IP address
• Source TCP port number
• Destination TCP port number
• Source UDP port number
• Destination UDP port number
For more information about ACL options, refer to the Dell Networking OS Command Reference Guide.
For extended ACL, TCP, and UDP lters, you can match criteria on specic or ranges of TCP or UDP ports. For extended ACL TCP lters,
you can also match criteria on established TCP sessions.
When creating an access list, the sequence of the lters is important. You have a choice of assigning sequence numbers to the lters as
you enter them, or the Dell Networking operating system assigns numbers in the order the lters are created. The sequence numbers are
listed in the display output of the show config and show ip accounting access-list commands.
Ingress and egress hot lock ACLs allow you to append or delete new rules into an existing ACL (already written into CAM) without
disrupting trac ow. Existing entries in the CAM are shued to accommodate the new entries. Hot lock ACLs are enabled by default and
support both standard and extended ACLs.
NOTE
: Hot lock ACLs are supported for Ingress ACLs only.
Access Control Lists (ACLs) 111