Configuring Access Control Lists; Acl Overview - Dell Networking N4000 Series Configuration Manual

Configuring Access Control Lists

This chapter describes how to configure Access Control Lists (ACLs),
including IPv4, IPv6, and MAC ACLs. This chapter also describes how to
configure time ranges that can be applied to any of the ACL types.
The topics covered in this chapter include:
•

ACL Overview

• ACL Configuration Details
• Policy Based Routing
• Configuring ACLs (Web)
• Configuring ACLs (CLI)
• ACL Configuration Examples
ACL Overview
Access Control Lists (ACLs) are a collection of rules that provide security by
blocking selected packets from ingressing the switch. ACLs are implemented
in hardware and processed at line rate for the front-panel ports. A reduced
functionality set of ACLs is implemented in firmware for the OOB port.
ACLs can also provide traffic rate limiting and decide which types of traffic
are forwarded or blocked. ACLs can reside in a firewall router, a router
connecting two internal networks, or a Layer 3 switch, such as a Dell
Networking N2000, N3000, and N4000 series switches.
You can also create an ACL that limits access to the management interfaces
based on the connection method (for example, Telnet or HTTP) and/or the
source IP address.
The Dell Networking series switches support ACL configuration in both the
ingress and egress direction. Egress ACLs provide the capability to implement
security rules on the egress flows (traffic leaving a port) rather than the
ingress flows (traffic entering a port). Ingress and egress ACLs can be applied
to any physical port, port-channel (LAG), or VLAN routing port.
Configuring Access Control Lists
20
583