8-1.ports – KTI Networks KGS-2416 User Manual

108

3-8. ACL

The SW24GF switch access control list (ACL) is probably the most

commonly used object in the IOS. It is used for packet filtering but also for selecting
types of traffic to be analyzed, forwarded, or influenced in some way.

The ACLs are divided into Ether Types. IPv4, ARP protocol, MAC and

VLAN parameters etc. Here we will just go over the standard and extended access
lists for TCP/IP. As you create ACEs for ingress classification, you can assign a
policy for each port, the policy number is 1-8, however, each policy can be applied
to any port. This makes it very easy to determine what type of ACL policy you will
be working with.

3-8-1.Ports

Function name:

ACL Port Configuration

Function description:

The switch ACL function support up to 128 Access Control Entries (ACEs),
using the shared 128 ACEs for ingress classification. You can create an ACE
and assign this ACE for each port with or assign this ACE for a policy
or assign this ACE for a port. There are 8 policies, each port can select one of
policy, then decides which of the following actions would take according to the
packet’s IPv4, Ether Type, ARP Protocol, MAC Parameters and VLAN
parameters:

-

Packet Deny or Permit

-

Rate Limiter (Unit: pps)

-

Port Copy (1 – 24)

Fig. 3-64

Parameter description: