Reference Guide
CONFIGURATION mode
interface loopback 0
2. Apply rules to the new ACL.
CONFIGURATION mode
ip access-list [standard | extended] name
3. Apply an ACL to traffic entering loopback. The keyword in configures the ACL to filter incoming
traffic.
INTERFACE mode
ip access-group name in
NOTE: You can only apply ACLs for Loopback to incoming traffic.
To apply ACLs on Loopback, use the ip access-group command in INTERFACE mode. This example
shows the interface configuration status, adding rules to the access group, and displaying the list of rules
in the ACL.
Example of Applying ACL Rules to a Loopback and Viewing ACL Configuration
Dell(conf)#interface loopback 0
Dell(conf-if-lo-0)#ip access-group abcd in
Dell(conf-if-lo-0)#show config
!
interface Loopback 0
no ip address
ip access-group abcd in
no shutdown
Dell(conf-if-lo-0)#end
Dell#configure terminal
Dell(conf)#ip access-list extended abcd
Dell(config-ext-nacl)#permit tcp any any
Dell(config-ext-nacl)#deny icmp any any
Dell(config-ext-nacl)#permit 1.1.1.2
Dell(config-ext-nacl)#end
Dell#show ip accounting access-list
!
Extended Ingress IP access list abcd on Loopback 0
seq 5 permit tcp any any
seq 10 deny icmp any any
seq 10 deny icmp any any
For more information, refer to the VTY Line Local Authentication and Authorization section in the
Securitychapter.
IP Prefix Lists
IP prefix lists control routing policy.
An IP prefix list is a series of sequential filters that contain a matching criterion (examine IP route prefix)
and an action (permit or deny) to process routes. The filters are processed in sequence so that if a route
prefix does not match the criterion in the first filter, the second filter (if configured) is applied. When the
route prefix matches a filter, Dell Networking OS drops or forwards the packet based on the filter’s
designated action. If the route prefix does not match any of the filters in the prefix list, the route is
dropped (that is, implicit deny).
Access Control Lists (ACLs)
139