Defining rules
Issue 5 June 2008
647
●
Layer 4 rules in an access control list with a
Deny
operation are not applied to non-initial
fragments, and the device continues checking the next IP rule. This is to prevent cases in
which fragments that belong to other L4 sessions may be blocked by the other L4 session
which is blocked.
●
Layer 3 rules apply to non-initial fragments
●
Layer 3 rules that include the fragment criteria do not apply to initial fragments or
non-fragment packets
●
Layer 3 rules that do not include the fragment criteria apply to initial fragments and
non-fragment packets
●
Layer 4 rules apply to initial fragments and non-fragment packets
●
Layer 3 and Layer 4 rules in QoS and policy-based routing lists apply to non-initial
fragments
IP protocol
To specify the IP protocol to which the rule applies, enter
ip-protocol
followed by the name
of an IP protocol. If you want the rule to apply to all protocols, use
any
with the command. If you
want the rule to apply to all protocols except for one, use the
no
form of the command, followed
by the name of the protocol to which you do not want the rule to apply.
For example, the following command specifies the UDP protocol for rule 1 in QoS list 401:
The following command specifies any IP protocol except IGMP for rule 3 in access control
list 302:
Source and destination IP address
To specify a range of source and destination IP addresses to which the rule applies, use the
commands
source-ip
and
destination-ip
, followed by the IP range criteria. The IP range
criteria can be one of the following:
●
A range
. Type two IP addresses to set a range of IP addresses to which the rule applies
●
A single address
. Type
host
, followed by an IP address, to set a single IP address to
which the rule applies
●
A wildcard
. Type
host
, followed by an IP address using wildcards, to set a range of IP
addresses to which the rule applies
●
All addresses
. Type
any
to apply the rule to all IP addresses
Use the
no
form of the appropriate command to specify that the rule does not apply to the IP
address or addresses defined by the command.
G350-001(QoS 401/rule 1)# ip-protocol udp
G350-001(ACL 302/ip rule 3)# no ip-protocol igmp
Summary of Contents for Media Gateway G250
Page 1: ...Administration for the Avaya G250 and Avaya G350 Media Gateways 03 300436 Issue 5 June 2008 ...
Page 24: ...Contents 24 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 32: ...Introduction 32 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 38: ...Configuration overview 38 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 244: ...Configuring logging 244 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 258: ...Configuring VoIP QoS 258 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 370: ...Configuring SNMP 370 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 548: ...Configuring the router 548 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 664: ...Configuring policy 664 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 686: ...Setting synchronization 686 Administration for the Avaya G250 and Avaya G350 Media Gateways ...