Extreme Networks ExtremeWare XOS Guide Manual page 184
Concepts guide
Hide thumbs
Also See for ExtremeWare XOS Guide:
- Command reference manual (2024 pages) ,
- Manual (698 pages) ,
- Manual (256 pages)
Table of Contents
Advertisement
Policies and ACLs
Rule Evaluation—Aspen 8810 Only
On the Aspen 8810, all matching rule actions in a policy are applied to a given packet. Conflicting
actions (deny vs. permit, etc) are resolved by the relative matching rule order in the policy file. This
means that multiple counters can be incremented for a single packet.
Match Conditions
You can specify multiple, single, or zero match conditions. If no match condition is specified, all packets
match the rule entry. Among the match conditions commonly used are:
IP source address and mask
●
IP destination address and mask
●
TCP or UDP source port range
●
TCP or UDP destination port range
●
Table 24
describes all the possible match conditions.
Actions
The action is either
permit
deny action drops the packet.
Action Modifiers
The action modifiers are
increments the counter named in the condition. The QoS profile action forwards the packet to the
specified QoS profile.
Aspen 8810 Only—For the Aspen 8810, there is an additional action modifier,
action modifier associates this rule entry with an ACL meter. See the section,
<metername>
Metering—Aspen 8810 Only" on page 188
Syntax Details
Table 24
lists the match conditions that can be used with ACLs. The conditions are case-insensitive; for
example, the match condition listed in the table as
Table 24
are five different data types used in matching packets.
on using them.
Table 24: ACL match conditions
Match Conditions
ethernet-type <number>
ethernet-source-address
<mac-address>
ethernet-destination-address
<mac-address>
ExtremeWare XOS 11.1 Concepts Guide
or
or no action is specified. No action specified permits the packet. The
deny
and
count <countername>
for more information.
Description
Ethernet packet type. In place of the numeric value, you can
specify one of the following text synonyms (the field values are
also listed): ETHER-P-IP (0x0800), ETHER-P-8021Q (0x8100),
ETHER-P-IPV6 (0x86DD)
Ethernet source MAC address
Ethernet destination MAC address
qosprofile <qosprofilename>
can also be written as
TCP-flags
Table 25
lists the data types and details
. The count action
. The
meter
meter
"ACL
. Within
tcp-flags
Applicable
IP Protocols
Ethernet
Ethernet
Ethernet
184
Advertisement
Table of Contents
Related Manuals for Extreme Networks ExtremeWare XOS Guide
Related Products for Extreme Networks ExtremeWare XOS Guide
- Extreme Networks ExtremeWare Command
- Extreme Networks ExtremeWare Enterprise Manager
- Extreme Networks EPICenter Guide
- Extreme Networks ExtremeXOS ScreenPlay
- Extreme Networks ExtremeWireless AP460i
- Extreme Networks ExtremeWireless AP460e
- Extreme Networks ExtremeSwitching X440-G2-24p-10GE4
- Extreme Networks ExtremeSwitching X440-G2-24t-10GE4-DC
- Extreme Networks ExtremeSwitching X440-G2-24fx-GE4
- Extreme Networks ExtremeSwitching X450-G2-24p-GE4
- Extreme Networks ExtremeSwitching X450-G2-24p-10GE4
- Extreme Networks ExtremeSwitching X460-G2-24t-10GE4
- Extreme Networks ExtremeSwitching X460-G2-24p-GE4
- Extreme Networks ExtremeSwitching X620-16x
- Extreme Networks ExtremeSwitching X670-G2-48x-4q
- Extreme Networks ExtremeSwitching X620-8t-2x