LevelOne ProCon GSW-2692 User Manual Page 267
- Page / 390
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
Access Control List Commands
4-89
4
Access Control List Commands
Access Control Lists (ACL) provide packet filtering for IP frames (based on address,
protocol, Layer 4 protocol port number or TCP control code) or any frames (based
on MAC address or Ethernet type). To filter packets, first create an access list, add
the required rules and then bind the list to a specific port.
Access Control Lists
An ACL is a sequential list of permit or deny conditions that apply to IP addresses,
MAC addresses, or other more specific criteria. This switch tests ingress or egress
packets against the conditions in an ACL one by one. A packet will be accepted as
soon as it matches a permit rule, or dropped as soon as it matches a deny rule. If no
rules match for a list of all permit rules, the packet is dropped; and if no rules match
for a list of all deny rules, the packet is accepted.
There are three filtering modes:
• Standard IP ACL mode (STD-ACL) filters packets based on the source IP address.
• Extended IP ACL mode (EXT-ACL) filters packets based on source or destination
IP address, as well as protocol type and protocol port number. If the TCP protocol
is specified, then you can also filter packets based on the TCP control code.
• MAC ACL mode (MAC-ACL) filters packets based on the source or destination
MAC address and the Ethernet frame type (RFC 1060).
The following restrictions apply to ACLs:
• Each ACL can have up to 32 rules.
• The maximum number of ACLs is 88.
• However, due to resource restrictions, the average number of rules bound the
ports should not exceed 20.
• This switch supports ACLs for ingress filtering only. You can only bind one IP ACL
to any port and one MAC ACL globally for ingress filtering. In other words, only two
ACLs can be bound to an interface - Ingress IP ACL and Ingress MAC ACL.
The order in which active ACLs are checked is as follows:
1. User-defined rules in the Ingress MAC ACL for ingress ports.
2. User-defined rules in the Ingress IP ACL for ingress ports.
3. Explicit default rule (permit any any) in the ingress IP ACL for ingress ports.
4. Explicit default rule (permit any any) in the ingress MAC ACL for ingress ports.
5. If no explicit rule is matched, the implicit default is permit all.
- LevelOne 1
- Contents 14
- Chapter 1: Introduction 19
- Introduction 20
- System Defaults 23
- Connecting to the Switch 27
- Required Connections 28
- Stack Operations 29
- Basic Configuration 30
- Setting Passwords 31
- Setting an IP Address 31
- Initial Configuration 32
- Dynamic Configuration 32
- Community Strings 33
- Saving Configuration Settings 34
- Managing System Files 35
- Using the Web Interface 37
- Home Page 38
- Panel Display 39
- Main Menu 40
- Manual Configuration 49
- Using DHCP/BOOTP 50
- Managing Firmware 51
- Console Port Settings 56
- Telnet Settings 58
- Configuring Event Logging 60
- Remote Log Configuration 62
- Displaying Log Messages 63
- Resetting the System 66
- Setting the System Clock 67
- Setting the Time Zone 68
- User Authentication 71
- Configuring HTTPS 76
- Configuring the Secure Shell 78
- Generating the Host Key Pair 80
- Configuring the SSH Server 82
- Configuring Port Security 83
- Displaying 802.1X Statistics 90
- Access Control Lists 93
- Setting the ACL Name and Type 94
- Configuring a Standard IP ACL 95
- Configuring a MAC ACL 98
- Port Configuration 100
- Configuring the Switch 102
- Creating Trunk Groups 104
- Configuring LACP Parameters 109
- Displaying LACP Port Counters 111
- Configuring Port Mirroring 118
- Configuring Rate Limits 119
- Rate Limit Configuration 120
- Rate Limit Granularity 120
- Showing Port Statistics 121
- Address Table Settings 126
- Displaying the Address Table 127
- Changing the Aging Time 129
- Displaying Global Settings 130
- Configuring Global Settings 133
- Displaying Interface Settings 136
- VLAN Configuration 141
- Displaying Current VLANs 145
- Creating VLANs 147
- Private VLANs 153
- Configuring Private VLANs 155
- Associating VLANs 155
- Layer 2 Queue Settings 159
- Priority 161
- 13. CLI shows Queue ID 161
- Selecting the Queue Mode 163
- Layer 3/4 Priority Settings 164
- Mapping IP Precedence 165
- Mapping DSCP Priority 167
- Mapping IP Port Priority 168
- Mapping CoS Values to ACLs 169
- Multicast 171
- Multicast Filtering 173
- Accessing the CLI 179
- Console Connection 179
- Telnet Connection 179
- Command Line Interface 180
- Entering Commands 181
- Showing Commands 182
- Partial Keyword Lookup 183
- Using Command History 183
- Understanding Command Modes 183
- Exec Commands 184
- Configuration Commands 184
- Command Line Processing 186
- Command Groups 187
- Line Commands 188
- General Commands 197
- System Management Commands 202
- User Access Commands 203
- IP Filter Commands 206
- Web Server Commands 208
- Telnet Server Commands 211
- Secure Shell Commands 212
- Event Logging Commands 221
- SMTP Alert Commands 227
- Time Commands 231
- System Status Commands 235
- Frame Size Commands 242
- Flash/File Commands 243
- Authentication Commands 249
- RADIUS Client 251
- TACACS+ Client 254
- Port Security Commands 257
- 802.1X Port Authentication 259
- Access Control List Commands 267
- IP ACLs 268
- MAC ACLs 275
- ACL Information 280
- SNMP Commands 281
- Interface Commands 286
- Mirror Port Commands 297
- Rate Limit Commands 299
- Link Aggregation Commands 301
- Address Table Commands 311
- Spanning Tree Commands 315
- VLAN Commands 327
- Configuring VLAN Interfaces 329
- Displaying VLAN Information 334
- Priority Commands 346
- Multicast Filtering Commands 359
- IP Interface Commands 368
- Software Features 373
- Management Features 374
- Standards 374
- Management Information Bases 375
- Software Specifications 376
- Appendix B: Troubleshooting 377
- Using System Logs 378
- Glossary 379
- GSW-2692 390
- E072006-R01 390
Related products and manuals for Network switches LevelOne ProCon GSW-2692
(265 pages)© 2020, manymanuals.com. All rights reserved. | 1.677 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals