Table of Contents
Advertisement
IPLink 3210 Series Getting Started Guide
Some types of packets you do not have to tag with ACL. Voice and data packets from of for the IPLink itself
are automatically tagged with predefined traffic-class names: Predefined internal classes for data are:
•
local-default—All other packets that originate from the IPLink itself.
•
default—All traffic that has not otherwise been labeled.
Creating an access control list
The procedure to create an access control list is described in detail in chapter 6,
tion"
on page 57.
At this point a simple example is given, that shows the necessary steps to tag any outbound traffic from a Web
server. The scenario is depicted in
permit statement of the IP filter rule for the access control list.
Web-Server
172.16.1.20/24
Figure 20. Scenario with Web server regarded as a single source host
A new access control list has to be created. In the example above, the traffic-class that represents outbound Web
related traffic is named Web.
Access control list have an implicit "deny all" entry at the very end, so packets that do not match the first crite-
ria of outbound Web related traffic will be dropped. That is why a second access control list entry—one that
allows all other traffic—is necessary.
This procedure describes creating an access control list for tagging web traffic from the single source host at a
certain IP address.
Link scheduler configuration task list
figure
20. The IP address of the Web server is used as source address in the
172.16.1.0
lan
172.16.1.1/24
wan
Node
Node
17.254.0.91/16
7 • Link scheduler configuration
"Access control list configura-
IP Access
Network
79
Advertisement
Table of Contents
