System information

SIGNAMAX a.s.

Seat: Palackeho trida 38, 612 00 Brno, CZ l Office: Vlarska 22, P. O. Box 214, 658 14 Brno, CZ

T:+420 533 338 854 l F:+420 533 338 883 l www.signamax.eu

104

3-8. ACL

The 065-7851 switch access control list (ACL) is probably the most commonly used

object in the IOS. It is used for packet filtering but also for selecting types of traffic to be

analyzed, forwarded, or influenced in some way.

The ACLs are divided into EtherTypes. IPv4, ARP protocol, MAC and VLAN

parameters etc. Here we will just go over the standard and extended access lists for TCP/IP.

As you create ACEs for ingress classification, you can assign a policy for each port, the

policy number is 1-8, however, each policy can be applied to any port. This makes it very

easy to determine what type of ACL policy you will be working with.

3-8-1.Ports

Function name:

ACL Port Configuration

Function description:

The switch ACL function support up to 128 Access Control Entries (ACEs), using the

shared 128 ACEs for ingress classification. You can create an ACE and assign this ACE

for each port with <Any> or assign this ACE for a policy or assign this ACE for a port.

There are 8 policies, each port can select one of policy, then decides which of the

following actions would take according to the packet’s IPv4, EtherType, ARP Protocol,

MAC Parameters and VLAN parameters:

- Packet Deny or Permit

Rate Limiter (Unit: pps)

- Port Copy (1 – 24)

Fig. 3-64

Parameter description: