Cee Acls - HP Brocade 8/24c Developer's Manual

Brocade network advisor smi agent developer's guide v11.1.0 (53-1002169-01, may 2011)
Hide thumbs Also See for Brocade 8/24c:
Table of Contents

Advertisement

Registration
There is no conformance to any profile, and thus no registration.
Limitations
The following are the limitations of VLAN profile:

CEE ACLs

Access Control List (ACL) is used to filter Ethernet traffic of the Ethernet switch. It permits or denies
incoming packets from passing through interfaces that has the ACL policies applied to them. The
primary function is to control the movement of packets through or to the system and also to track
the packet movement.
ACLs are not effective until they are applied to an interface. One can apply ACLs on VLANs and on
the Ethernet switch 10-Gigabit Ethernet Layer 2 interfaces (Physical interfaces, Logical interfaces,
and LAGs). Each ACL is a unique collection of permit and deny statements (rules) that apply to the
packets. When a packet is received on an interface, the switch compares the fields in the packet
against any ACLs applied to the interface to verify that the packet has the required permissions to
be forwarded. The switch compares the packet sequentially against each rule in the ACL and either
forwards the packet or drops the packet.
The Brocade Network Advisor SMI Agent supports the discovery of these ACLs, both standard and
extended. In addition, support is provided to create, delete, and modify existing ACLs.
Resequencing of an ACL is not supported. Displaying and clearing of the ACL statistics counter is
not supported. However, users can enable or disable the tracking of traffic by specifying the count
parameter within the rule of an ACL policy.
There are two types of Layer 2 Media Access Control (MAC) address ACLs, standard and extended.
Brocade Network Advisor SMI Agent Developer's Guide
53-1002169-01
The properties are provided through the capabilities on the endpoint.
There is no support for Generic VLAN Registration Protocol (GVRP) and so the
Brocade_VLANEndPointCapabilities.Dot1QTagging is false. Therefore,
Brocade_VLANEndPoint.GVRPStatus is not applicable.
Brocade_VLANEndPointCapabilities.Dot1QAcceptableVLANFramesTypes is same as
Brocade_VLANEndPoint.FrameType.
Valid values for Brocade_VLANEndPointCapabilities.Dot1QAcceptableVLANFramesTypes is
populated on Enumerate Instance Names and Enumerate Instances only. The value is
Unknown on GetInstance due to performance issue.
Ingress and egress filtering is always enabled.
Layer 2 standard ACLs-permit and deny traffic according to the source MAC address in the
incoming frame. Use standard MAC ACLs if you only need to filter traffic based on source MAC
addresses.
Layer 2 extended ACLs-permit and deny traffic according to the source and destination MAC
addresses in the incoming frame, as well as other information in the MAC header, such as
EtherType.
The ACL name must be unique across both the standard and extended types.
The ACL name can be a maximum of 64 characters.
Special characters can be used in an ACL name.
CEE switch support
3
69

Advertisement

Table of Contents
loading

Table of Contents