Introduction To Ipv4 Acl; Ipv4 Acl Classification - 3Com 4500G Family Configuration Manual

Hide thumbs Also See for 4500G Family:

Table of Contents

Hardware-based application: An ACL is assigned to a piece of hardware. For example, an ACL is

applied to an Ethernet interface or VLAN interface for packet filtering or is referenced by a QoS

policy for traffic classification. Note that when an ACL is referenced to implement QoS, the actions

defined in the ACL rules, deny or permit, do not take effect; actions to be taken on packets

matching the ACL depend on the traffic behavior definition in QoS. For details about traffic behavior,

refer to the QoS part in QoS Volume.

Software-based application: An ACL is referenced by a piece of upper layer software. For example,

an ACL can be referenced to configure login user control behavior, thus controlling Telnet, SNMP

and Web users. Note that when an ACL is reference by the upper layer software, actions to be

taken on packets matching the ACL depend on those defined by the ACL rules. For details about

When an ACL is assigned to a piece of hardware and referenced by a QoS policy for traffic

classification, the switch does not take action according to the traffic behavior definition on a packet

that does not match the ACL.

When an ACL is referenced by a piece of software to control Telnet, SNMP, and Web login users,

the switch denies all packets that do not match the ACL.

For details of ACL application for packet filtering, refer to

Introduction to IPv4 ACL

This section covers these topics:

IPv4 ACL Naming

IPv4 ACL Match Order

IPv4 ACL Step

Effective Period of an IPv4 ACL

IP Fragments Filtering with IPv4 ACL

IPv4 ACL Classification

IPv4 ACLs, identified by ACL numbers, fall into three categories, as shown in

Table 1-1 IPv4 ACL categories

Table of Contents