Table of Contents
Advertisement
Alteon OS Application Guide
Access Control Groups
An Access Control Group (ACL Group) is a collection of ACLs. For example:
ACL 1:
VLAN = 1
SIP = 10.10.10.1 (255.255.255.0)
Action = permit
ACL 2:
VLAN = 2
SIP = 10.10.10.2 (255.255.255.0)
Action = deny
ACL 3:
Priority = 7
DIP = 10.10.10.3 (255.255.255.0)
Action = permit
In the example above, each ACL defines a filter rule. ACL 3 has a higher precedence than
ACL 1, based on its number.
Use ACL Groups to create a traffic profile by gathering ACLs into an ACL Group, and
assigning the ACL Group to a port. The GbESM supports up to 384 ACL Groups.
ACL Metering and Re-marking
You can define a profile for the aggregate traffic flowing through the GbESM ports, by config-
uring a QoS meter (if desired), and assigning ACL Groups to ports. When you add ACL
Groups to a port, make sure they are ordered correctly in terms of precedence.
For example, consider two ACL Groups, ACL Group 1 and ACL Group 2. Each contains three
levels of precedence. If you add ACL Group 1 to a port, then add ACL Group 2 to the port, the
port's ACL filters contain a total of six precedence levels. ACL Group 1 has precedence over
ACL Group 2.
Each port supports up to seven precedence levels.
Actions taken by an ACL are called In-Profile actions. You can configure additional In-Profile
and Out-of-Profile actions on a port. Data traffic can be metered, and re-marked to ensure that
the traffic flow provides certain levels of service in terms of bandwidth for different types of
network traffic.
130
Chapter 7: Quality of Service
ACL Group 1
42C4911, January 2007
Advertisement
Table of Contents
Troubleshooting
