Summary of acl actions, Assigning individual acls to a port, Acl order of precedence – Blade ICE RACKSWITCH G8124-E User Manual

BLADEOS 6.5.2 Application Guide

78 Chapter 5: Access Control Lists

BMD00220, October 2010

Summary of ACL Actions

Once classified using ACLs, the identified packet flows can be processed differently. For each
ACL, an action can be assigned. The action determines how the switch treats packets that match the
classifiers assigned to the ACL. G8124 ACL actions include the following:

Pass or Drop the packet

Re-mark the packet with a new DiffServ Code Point (DSCP)

Re-mark the 802.1p field

Set the COS queue

Note –

ACLs act only upon ingress traffic on a port, not egress traffic.

Assigning Individual ACLs to a Port

Once you configure an ACL, you must assign the ACL to the appropriate ports. Each port can
accept multiple ACLs, and each ACL can be applied for multiple ports. ACLs can be assigned
individually.

To assign an individual ACLs to a port, use the following IP Interface Mode commands:

When multiple ACLs are assigned to a port, higher-priority ACLs are considered first, and their
action takes precedence over lower-priority ACLs. ACL order of precedence is discussed in the
next section.

ACL Order of Precedence

When multiple ACLs are assigned to a port, they are evaluated in numeric sequence, based on the
ACL number. Lower-numbered ACLs take precedence over higher-numbered ACLs. For example,
ACL 1 (if assigned to the port) is evaluated first and has top priority.

If multiple ACLs match the port traffic, only the action of the one with the lowest ACL number is
applied. The others are ignored.

If no assigned ACL matches the port traffic, no ACL action is applied.

RS G8124(config)# interface port

RS G8124(config-ip)# access-control list

RS G8124(config-ip)# access-control list6