Service Manual

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048-ON

151

152

153

154

155

156

157

158

159

160

ip access-list extended test

remark 4 XYZ

remark 5 this remark corresponds to permit any host 1.1.1.1

seq 5 permit ip any host 1.1.1.1

remark 9 ABC

remark 10 this remark corresponds to permit ip any host 1.1.1.2

seq 10 permit ip any host 1.1.1.2

seq 15 permit ip any host 1.1.1.3

seq 20 permit ip any host 1.1.1.4

Dell# end

Dell# resequence access-list ipv4 test 2 2

Dell# show running-config acl

ip access-list extended test

remark 2 XYZ

remark 4 this remark corresponds to permit any host 1.1.1.1

seq 4 permit ip any host 1.1.1.1

remark 6 this remark has no corresponding rule

remark 8 this remark corresponds to permit ip any host 1.1.1.2

seq 8 permit ip any host 1.1.1.2

seq 10 permit ip any host 1.1.1.3

seq 12 permit ip any host 1.1.1.4

Route Maps

Similar to ACLs and prefix lists, route maps are composed of a series of commands that contain a

matching criterion and an action; however, route maps can change the packets meeting the criterion.

ACLs and prefix lists can only drop or forward the packet or traffic. Route maps process routes for route

redistribution. For example, a route map can be called to filter only specific routes and to add a metric.

Route maps also have an “implicit deny.” Unlike ACLs and prefix lists; however, where the packet or traffic

is dropped, in route maps, if a route does not match any of the route map conditions, the route is not

redistributed.

Implementation Information

The Dell Networking OS implementation of route maps allows route maps with the no match or no set

commands. When there is no match command, all traffic matches the route map and the set command

applies.

Logging of ACL Processes

This functionality is supported on the platform.

To assist in the administration and management of traffic that traverses the device after being validated

by the configured ACLs, you can enable the generation of logs for access control list (ACL) processes.

Although you can configure ACLs with the required permit or deny filters to provide access to the

incoming packet or disallow access to a particular user, it is also necessary to monitor and examine the

traffic that passes through the device. To evaluate network traffic that is subjected to ACLs, configure the

logs to be triggered for ACL operations. This functionality is primarily needed for network supervision and

maintenance activities of the handled subscriber traffic.

When ACL logging is configured, and a frame reaches an ACL-enabled interface and matches the ACL, a

log is generated to indicate that the ACL entry matched the packet.

152

Access Control Lists (ACLs)