User Manual
Table Of Contents
- M6100 Web Management User Guide
- Contents
- 1. Getting Started
- 2. Configuring System Information
- 3. Configuring Switching Information
- 4. Routing
- 5. Configuring Quality of Service
- 6. Managing Device Security
- 7. Monitoring the System
- 8. Maintenance
- 9. Help
- A. Default Settings
- B. Configuration Examples
- C. Notification of Compliance
Managing Device Security
487
M6100 Web Management User Guide
packet-too-big, port-unreachable, source-quench, router-solicitation,
router-advertisement, time-exceeded, ttl-exceeded, and unreachable.
25. Service Type - Select a Service Type match condition for the extended IP ACL rule from
the menu. The possible values are IP DSCP, IP precedence, and IP TOS, which are
alternative ways of specifying a match criterion for the same Service Type field in the IP
header, however each uses a different user notation. After a selection is made the
appropriate value can be specified.
• IP DSCP - Specify the IP DiffServ Code Point (DSCP) field. The DSCP is defined as
the high-order six bits of the Service Type octet in the IP header. This is an optional
configuration. Enter an integer from 0 to 63. The IP DSCP is selected by possibly
selection one of the DSCP keyword from a drop-down box. If a value is to be selected
by specifying its numeric value, then select the 'Other' option in the drop-down box
and a text box will appear where the numeric value of the DSCP can be entered.
• IP Precedence - The IP Precedence field in a packet is defined as the high-order
three bits of the Service Type octet in the IP header. This is an optional configuration.
Enter an integer from 0 to 7.
• IP TOS - The IP TOS field in a packet is defined as all eight bits of the Service Type
octet in the IP header. The TOS Bits value is a hexadecimal number from 00 to FF.
The TOS Mask value is a hexadecimal number from 00 to FF. The TOS Mask
denotes the bit positions in the TOS Bits value that are used for comparison against
the IP TOS field in a packet. For example, to check for an IP TOS value having bits 7
and 5 set and bit 1 clear, where bit 7 is most significant, use a TOS Bits value of 0xA0
and a TOS Mask of 0xFF. This is an optional configuration.
26. Rate Limit Conform Data Rate - Value of Rate Limit Conform Data Rate specifies the
conforming data rate of IP ACL Rule. Valid values are (1 to 4294967295) in Kbps.
27. Rate Limit Burst Size - Value of Rate Limit Burst Size specifies burst size of IP ACL Rule.
Valid values are (1 to 128) in Kbytes.
28. Time Range - Name of time range associated with the IP Extended ACL Rule.
29. Rule Status - Displays if the ACL rule is active or inactive. Blank means that no timer
schedules are assigned to the rule.
30. To modify an existing IP Extended ACL rule, click the Rule ID. The number is a hyperlink to
the Extended ACL Rule Configuration (100-199) screen, which is used for configuration ACL
Rules. Click the Add button on the IP Extended Rules screen.
31. For standard ACL Rule Configuration (1-99), click the Add button on the IP Rules screen.
32. To delete an IP ACL rule, select the check box associated with the rule, and then click
Delete.
33. Click Cancel to cancel the configuration on the screen and reset the data on the screen to
the latest value of the switch.
IPv6 ACL
An IP or IPv6 ACL consists of a set of rules which are matched sequentially against a packet.
When a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is
taken, and the additional rules are not checked for a match. On this menu the interfaces to
which an IP ACL applies must be specified, as well as whether it applies to inbound or