Configuring Acls; Information About Acls; Ip Acl Types And Applications - Cisco AJ732A - MDS 9134 Fabric Switch Configuration Manual

S e n d f e e d b a c k t o n x 5 0 0 0 - d o c f e e d b a c k @ c i s c o . c o m

Configuring ACLs

This chapter describes how to configure access control lists (ACLs).
This chapter includes the following sections:
•
•
•
•
•
•

Information About ACLs

An ACL is an ordered set of rules that you can use to filter traffic. Each rule specifies a set of conditions
that a packet must satisfy to match the rule. When the switch determines that an ACL applies to a packet,
it tests the packet against the conditions of all rules. The first match determines whether the packet is
permitted or denied. If there is no match, the switch applies the applicable default rule. The switch
continues processing packets that are permitted and drops packets that are denied. For more information,
see the
You can use ACLs to protect networks and specific hosts from unnecessary or unwanted traffic. For
example, you could use ACLs to disallow HTTP traffic from a high-security network to the Internet. You
could also use ACLs to allow HTTP traffic but only to specific sites, using the IP address of the site to
identify it in an IP ACL.
This sections includes the following topics:
•
•

IP ACL Types and Applications

The Cisco Nexus 5000 Series switch supports IPv4, IPv6 and MAC ACLs for security traffic filtering.
The switch allows you to use IP ACLs as port ACLs and VLAN ACLs, as shown in
OL-16597-01
Information About ACLs, page 20-1
Configuring IP ACLs, page 20-4
Configuring MAC ACLs, page 20-9
Information About VLAN ACLs, page 20-14
Configuring VACLs, page 20-15
Default Settings, page 20-18
"Implicit Rules" section on page
IP ACL Types and Applications, page 20-1
Rules, page 20-2
C H A P T E R
20-3.
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
20
Table 20-1.
20-1