Access-group – Allied Telesis AT-DC2552XS User Manual

Page 445

AT-DC2552XS Switch Command Line Interface User’s Guide

Section V: Security and Traffic Control

ACCESS-GROUP

Syntax

access-group acl_name

Parameter

acl_name

Specifies the name of a hardware access control list to assign to
the switch port.

Mode

Port Interface mode

Description

Use this command to assign a hardware Access Control List (ACL) to
switch ports.

When a switch port receives packets, the switch evaluates them against
each statement in the hardware ACLs assigned to the port. When a packet
matches a statement, the switch takes an action listed in the statement
and skips the rest of the statements. If a packet does not match any
statements, the switch forwards the packet.

Here are guidelines for applying hardware ACLs:

You can assign up to 256 hardware ACLs to a switch port; however,
the number of ACLs the switch processes depends on the available
memory of the switching chip allocated to the ACL function.

When IGMP Snooping is enabled on a switch port, the switch does not
evaluate hardware access control lists assigned to the switch port.
IGMP Snooping is enabled by default.

When a switch port is assigned policy maps and Denial of Service
(DoS) statements as well as ACLs, the switch evaluates packets
received on the switch port against the DoS statements, ACLs, and
policy maps, in this order.

To apply hardware ACLs to a trunk group (saX and poX), assign them
to the ports. Assigning hardware ACLs directly to a trunk group is
not permitted.
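
The evaluation rules above, modelled as an added example (not code from the guide or from Allied Telesis): first match wins, unmatched packets are forwarded, and ACLs are skipped while IGMP Snooping is enabled. The permit/deny actions, the source-prefix match, and all class and function names are simplifying assumptions; the sample ACL is constructed.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

@dataclass
class Statement:
    action: str   # assumed actions: "permit" or "deny"
    src: str      # assumed match criterion: IPv4 source prefix in CIDR form

@dataclass
class Port:
    acls: list = field(default_factory=list)  # ordered ACLs, each a list of Statement
    igmp_snooping: bool = True                # the guide: enabled by default

def evaluate(port, src_ip):
    """Return (result, reason) for a packet from src_ip received on the port."""
    if port.igmp_snooping:
        # Guideline: with IGMP Snooping enabled the port's ACLs are not evaluated.
        return "forward", "ACLs not evaluated (IGMP Snooping enabled)"
    for acl in port.acls:
        for st in acl:
            if ip_address(src_ip) in ip_network(st.src):
                # First matching statement decides; the rest are skipped.
                result = "forward" if st.action == "permit" else "drop"
                return result, f"matched {st.action} {st.src}"
    # No statement matched: the switch forwards the packet.
    return "forward", "no statement matched"

def audit(port):
    """List the conditions under which assigned ACLs do not filter as intended."""
    findings = []
    stmts = [s for acl in port.acls for s in acl]
    if stmts and port.igmp_snooping:
        findings.append("ACLs assigned but IGMP Snooping is enabled")
    if stmts and not any(s.action == "deny" and ip_network(s.src).prefixlen == 0
                         for s in stmts):
        findings.append("no catch-all deny: unmatched packets are forwarded")
    return findings

if __name__ == "__main__":
    # Constructed sample: the broad deny precedes (and shadows) the narrower permit.
    port = Port(acls=[[Statement("deny", "10.0.0.0/8"),
                       Statement("permit", "10.1.0.0/16")]])
    print(evaluate(port, "10.1.2.3"), audit(port))
    port.igmp_snooping = False
    print(evaluate(port, "10.1.2.3"), evaluate(port, "192.168.1.1"), audit(port))
```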

Confirmation Command

“SHOW INTERFACE ACCESS-GROUP” on page 475