beautypg.com

Using profile acls with the web caching facility – Cabletron Systems SMARTSWITCH ROUTER 9032578-05 User Manual

Page 297

background image

SmartSwitch Router User Reference Manual

271

Chapter 19: Access Control List Configuration Guide

Once you have defined a Profile ACL, you can then use the nat create dynamic command
to bind the range of IP addresses defined in the local profile to a range in network
192.50.20.0/24.

See

“Network Address Translation Configuration Guide” on page 219

for more

information on using dynamic NAT.

Using Profile ACLs with the Port Mirroring Facility

Port mirroring refers to the SSR’s ability to copy traffic on one or more ports to a “mirror”
port, where an external analyzer or probe can be attached. In addition to mirroring traffic
on one or more ports, the SSR can mirror traffic that matches selection criteria defined in a
Profile ACL.

For example, you can mirror all IGMP traffic on the SSR. You use a Profile ACL to define
the selection criteria (in this example, all IGMP traffic). Then you use a port mirroring
command to copy packets that match the selection criteria to a specified mirror port. The
following commands illustrate this example.

This command creates a Profile ACL called prof3 that uses as its selection criteria all IGMP
traffic on the SSR:

The following command causes packets matching Profile ACL prof3’s selection criteria
(that is, all IGMP traffic) to be copied to mirror port et.1.2.

See

“Configuring the SSR for Port Mirroring” on page 311

for more information on using

the port mirroring command.

Using Profile ACLs with the Web Caching Facility

Web caching is the SSR’s ability to direct HTTP requests for frequently accessed Web
objects to local cache servers, rather than to the Internet. Since the HTTP requests are
handled locally, response time is faster than if the Web objects were retrieved from the
Internet.

You can use Profile ACLs with Web caching in two ways:

Specifying which HTTP traffic should always (or never) be redirected to the cache
servers

Specifying characteristics of Web objects that should not be cached

ssr(config)# nat create dynamic local-acl-pool local global-pool 192.50.20.10/24

ssr(config)# acl prof3 permit igmp

ssr(config)# port mirroring monitor-port et.1.2 target-profile prof3

See also other documents in the category Cabletron Systems Hardware: