Understanding Acls; Rule(S); Actions; Criteria - Cisco ASR 5500 System Administration Manual

Understanding ACLs

Separate ACLs may be created for IPv4 and IPv6 access routes.
Understanding ACLs
This section discusses the two main aspects to ACLs on the system:
•
•
Important

Rule(s)

A single ACL consists of one or more ACL rules. Each rule is a filter configured to take a specific action
when packets matching specific criteria. Up to 256 rules can be configured per ACL.
Important
Each rule specifies the action to take when a packet matches the specifies criteria. This section discusses the
rule actions and criteria supported by the system.

Actions

ACLs specify that one of the following actions can be taken on a packet that matches the specified criteria:
• Permit: The packet is accepted and processed.
• Deny: The packet is rejected.
• Redirect: The packet is forwarded to the specified next-hop address through a specific system interface

Criteria

Each ACL consists of one or more rules specifying the criteria that packets will be compared against.
The following criteria are supported:
ASR 5500 System Administration Guide, StarOS Release 21.5
184
Rule(s), on page 184
Rule Order, on page 186
Refer to ACL Configuration Mode Commands and the IPv6 ACL Configuration Mode Commands chapter
in the Command Line Interface Reference for the full command syntax.
Configured ACLs consisting of no rules imply a "deny any" rule. The deny action and any criteria are
discussed later in this section. This is the default behavior for an empty ACL.
or to the specified context for processing.
Important Redirect rules are ignored for ACLs applied to specific subscribers or all subscribers
facilitated by a specific context, or APN for UMTS subscribers.
Access Control Lists