beautypg.com

40 acl overview, Introduction to acl, Introduction – H3C Technologies H3C WX6000 Series Access Controllers User Manual

Page 403: Application of acls on the switch, 1 application of acls on the switch, Acl overview

background image

40-1

40

ACL Overview

In order to filter traffic, network devices use sets of rules, called access control lists (ACLs), to identify
and handle packets.

When configuring ACLs, go to these chapters for information you are interested in:

z

ACL Overview

z

IPv4 ACL Configuration

z

IPv6 ACL Configuration

Unless otherwise specified, in this document:

z

ACLs refer to both IPv4 ACLs and IPv6 ACLs.

z

The term switch refers to a switch in a generic sense or an access controller configured with the
switching function.

Introduction to ACL

Introduction

As network scale and network traffic are increasingly growing, network security and bandwidth
allocation become more and more critical to network management. Packet filtering can be used to
efficiently prevent illegal users from accessing networks and to control network traffic and save network
resources. Access control lists (ACL) are often used to filter packets with configured matching rules.

ACLs are sets of rules (or sets of permit or deny statements) that decide what packets can pass and
what should be rejected based on matching criteria such as source MAC address, destination MAC
address, source IP address, destination IP address, and port number.

Application of ACLs on the Switch

The switch supports two ACL application modes:

z

Hardware-based application: An ACL is assigned to a piece of hardware. For example, an ACL can
be referenced by QoS for traffic classification. Note that when an ACL is referenced to implement
QoS, the actions defined in the ACL rules, deny or permit, do not take effect; actions to be taken on
packets matching the ACL depend on the traffic behavior definition in QoS. For details about traffic
behavior, refer to the QoS in H3C WX6103 Access Controller Switch Interface Board Configuration

Guide

.