Table of Contents
Advertisement
ACE is an acronym for Access Control Entry. It describes access permission associated with a particular ACE ID.
There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (permit and deny). The ACE also contains
many detailed, different parameter options that are available for individual application.
Access Control List Status
This page shows the ACL status by different ACL users. Each row describes the ACE that is defined. It is a conflict if a specific ACE
is not applied to the hardware due to hardware limitations. The Voice VLAN OUI Table screen is shown
The page includes the following fields:
Object
• User
• Ingress Port
• Frame Type
• Action
• Rate Limiter
• Port Copy
• CPU
• CPU Once
• Counter
• Conflict
Buttons
:
Select the ACL status from this drop down list.
Auto-refresh
: Check this box to refresh the page automatically. Automatic refresh occurs at regular intervals.
: Click to refresh the page; any changes made locally will be undone.
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual
Figure 4-10-1 ACL Status page screenshot
Description
Indicates the ACL user.
Indicates the ingress port of the ACE. Possible values are:
Any: The ACE will match any ingress port.
Policy: The ACE will match ingress ports with a specific policy.
Port: The ACE will match a specific ingress port.
Indicates the frame type of the ACE. Possible values are:
Any: The ACE will match any frame type.
EType: The ACE will match Ethernet Type frames. Note that an Ethernet Type
based ACE will not get matched by IP and ARP frames.
ARP: The ACE will match ARP/RARP frames.
IPv4: The ACE will match all IPv4 frames.
IPv4/ICMP: The ACE will match IPv4 frames with ICMP protocol.
IPv4/UDP: The ACE will match IPv4 frames with UDP protocol.
IPv4/TCP: The ACE will match IPv4 frames with TCP protocol.
IPv4/Other: The ACE will match IPv4 frames, which are not ICMP/UDP/TCP.
Indicates the forwarding action of the ACE.
Permit: Frames matching the ACE may be forwarded and learned.
Deny: Frames matching the ACE are dropped.
Indicates the rate limiter number of the ACE. The allowed range is 1 to 15. When
Disabled is displayed, the rate limiter operation is disabled.
Indicates the port copy operation of the ACE. Frames matching the ACE are
copied to the port number. The allowed values are Disabled or a specific port
number. When Disabled is displayed, the port copy operation is disabled.
Forward packet that matched the specific ACE to CPU.
Forward first packet that matched the specific ACE to CPU.
The counter indicates the number of times the ACE was hit by a frame.
Indicates the hardware status of the specific ACE. The specific ACE is not
applied to the hardware due to hardware limitations.
162
Figure
4-9-15.
- Quick Links:
- Switch Front Panel
- Factory Default
Hide quick links:
Advertisement
Table of Contents
