Foundry NetIron M2404C and M2404F Metro Access Switches
Configuring ACLs (Rev. 03)
Overview
© 2008 Foundry Networks, Inc
Page 25 of 50
NOTE
The IGMP ACLs in the range <300-399>, filter only the IGMP network traffic.
The rest of the traffic is forwarded.
For more information regarding IGMP Snooping see “
Configuring Multicast Layer
2
”.
The Multicast Group extended ACL filters the traffic by the following parameters:
•
Source IP address in the IP packet header.
•
Multicast group address in the IGMP packet header.
•
IGMP protocol.
•
IGMP type in the IGMP packet header (see
Table 12
for valid literal values).
In order to distinguish between Multicast Group extended ACLs and other types of Access Control
Lists, the Multicast Group extended ACLs are created with
acl-number
values in the range 300 to
399.
Command Syntax
device-name
(config)#
access-list
<
acl-number
>
{
deny
|
permit
}
igmp SOURCE
[
SOURCE-WILDCARD
]
DESTINATION
[
DESTINATION-WILDCARD
] [<
igmp-type
>]
device-name
(config)#
no access-list
<
acl-number
>
Argument Description
acl-number
Number of the ACL. Valid values are in the range <300-399>.
deny
Denies access if the conditions are matched.
permit
Permits access if the conditions are matched.
igmp
Specifies the IGMP protocol.
SOURCE
Number of the network or host from which the packet is being sent. There are
three ways to specify the source:
1.
Use a 32-bit quantity in 4-part dotted-decimal format.
2.
Use the keyword
any
as an abbreviation for a
source
of 0.0.0.0 and
source-wildcard
of 255.255.255.255
.
3.
Use
host
source
as an abbreviation for a
source
of 0.0.0.0 and
source-
wildcard
of 0.0.0.0.
SOURCE-
WILDCARD
(Optional). Wildcard bits to be applied to source. There are two ways to
specify the source wildcard:
1.
Use a 32-bit quantity in 4-part dotted-decimal format. Place
ones
in the
bit positions the user wants to ignore.
2.
Use
/M
to describe the IP mask.
DESTINATION
Number of the network or host to which the packet is being sent. There are
three ways to specify the destination:
1.
Use a 32-bit quantity in 4-part dotted-decimal format.
2.
Use the keyword
any
as an abbreviation for a
destination
of 0.0.0.0
and
destination-wildcard
of 255.255.255.255.
Use
host
destination
as an abbreviation for a
destination
of 0.0.0.0 and
destination-wildcard
of 0.0.0.0.