beautypg.com

Hardware and software acl types, Numbered acls (for hardware and software acls), Hardware acls – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 828

background image

Access Control Lists Introduction

Software Reference for x310 Series Switches

33.4

AlliedWare Plus

TM

Operating System - Version 5.4.4C

C613-50046-01 REV A

Hardware and Software ACL Types

Access Control Lists (ACLs) used in AlliedWare Plus

TM

are separated into two different

types, Software ACLs and Hardware ACLs. You can define both types as either named or
numbered.

Numbered ACLs (for Hardware and Software ACLs)

Numbered ACLs are assigned an ACL number within the range 1 to 4699. ACL numbers are
grouped into ranges, where each range denotes a specific functionality. The following
table shows the number ranges and functionality that your switch supports.

Table 33-1: ACL Numeric Ranges and Functionality

1.

Software ACLs that use either the ranges 1-99, 100-199, 1300-1999, 2000-2699, or are
named ACLs (that use the standard or extended keyword followed by a text string), are
used in features such as SNMP.

Hardware ACLs

These ACL types are applied directly to an interface, or are used for QoS classifications.
They use the following ranges:

3000-3699 for Hardware IP ACLs

4000-4699 for Hardware MAC ACLs

named hardware IPv4 ACLs

named hardware IPv6 ACLs

See

Chapter 34, IPv4 Hardware Access Control List (ACL) Commands

and

Chapter 36,

IPv6 Hardware Access Control List (ACL) Commands

for detailed command information

and command examples about IPv4 and IPv6 hardware ACLs that are applied directly to
interfaces.

Note

The filtering principles applied to software ACLs (those in the range 1 to 2699)
are different to those applied to hardware ACLs (those in the range 3000 to
4699).
Software ACLs will deny access unless explicitly permitted by an ACL action.
Hardware ACLs will permit access unless explicitly denied by an ACL action.

ACL Number Range

Function

1 to 99

IP standard ACL

1

100 to 199

IP extended ACL

1

1300 to 1999

IP standard expanded ACL

1

2000 to 2699

IP extended expanded ACL

1

3000 to 3699

Hardware IP ACL

4000 to 4699

Hardware MAC ACL

See also other documents in the category Allied Telesis Computer hardware: