Access Control Lists (Acls); Overview - Dell Force10 S4810P Configuration Manual

Access Control Lists (ACLs)

This chapter describes the
Access Control Lists (ACLs) are supported on platforms:
Ingress IP and MAC ACLs are supported on platforms:
Egress IP and MAC ACLs are supported on platforms:

Overview

At their simplest, Access Control Lists (ACLs), Prefix lists, and Route-maps permit or deny traffic based
on MAC and/or IP addresses. This chapter discusses implementing IP ACLs, IP Prefix lists and
Route-maps. For MAC ACLS, refer to
An ACL is essentially a filter containing some criteria to match (examine IP , TCP, or UDP packets) and an
action to take (permit or deny). ACLs are processed in sequence so that if a packet does not match the
criterion in the first filter, the second filter (if configured) is applied. When a packet matches a filter, the
switch drops or forwards the packet based on the filter's specified action. If the packet does not match any
of the filters in the ACL, the packet is dropped ( implicit deny).
The number of ACLs supported on a system depends on your CAM size. See
Allocation, and CAM Optimization
Memory (CAM)
This chapter covers the following topics:
• IP Access Control Lists (ACLs)
• CAM Profiling, CAM Allocation, and CAM Optimization
• Implementing ACLs on FTOS
• IP Fragment Handling
• Configure a standard IP ACL
• Configure an extended IP ACL
• Configuring Layer 2 and Layer 3 ACLs on an Interface
• Assign an IP ACL to an Interface
• Configuring Ingress ACLs
• Configuring Egress ACLs
Access Control Lists
Layer
in this chapter for more information. Refer to
for complete CAM profiling information.
(ACLs), prefix lists, and route-maps.
e c s z
e c s z
e s z
2.
7
CAM Profiling, CAM
Content Addressable
Access Control Lists (ACLs) | 103