Functions
Access Lists
Depending whether it is a Deny or a Permit list the packets are blocked or forwarded that
match the criteria of the Access Control List of the interface.
An incoming and outgoing list can also be configured for the system. Like this the security
can be enhanced and/or a firewall can be established.
2-Wire CU
DSL 1
Configuration
local LAN
2
3
4
5
1
WAN
SHDSL-Interface
Intelligent Switch
ACL out
ACL in
and Monitoring
(Layer 2 or 3)
Figure 27: ACL overview for a 500NMD11
Legend:
1 FO 1
2 Ethernet Port 1
3 Ethernet Port 2
4 Ethernet Port 3
5 Ethernet Port 4
Commands for the configuration of incoming / outgoing packet filters for interfaces:
< s e t i n t e r f a c e c h a n n e l 0 a c l { 1 - 1 6 } [ i n | o u t ] >
< s e t i n t e r f a c e { d s l 1 | d s l 2 } a c l { 1 - 1 6 } [ i n | o u t ] >
< s e t s w i t c h { f o 1 | f o 2 } a c l { 1 - 1 6 } [ i n | o u t ] >
< s e t s w i t c h { p o r t 1 | p o r t 2 | p o r t 3 | p o r t 4 } a c l { 1 - 1 6 } [ i n |
< s e t s y s t e m a c l { 1 . . 1 6 } [ i n | o u t ] >
< c l e a r i n t e r f a c e c h a n n e l 0 a c l { 1 - 1 6 } [ i n | o u t ] >
< c l e a r i n t e r f a c e { d s l 1 | d s l 2 } a c l { 1 - 1 6 } [ i n | o u t ] >
< c l e a r s w i t c h { f o 1 | f o 2 } a c l { 1 - 1 6 } [ i n | o u t ] >
< c l e a r s w i t c h { p o r t 1 | p o r t 2 | p o r t 3 | p o r t 4 } a c l { 1 - 1 6 } [ i n
< c l e a r s y s t e m a c l [ i n | o u t ] >
2.25.8
Access Lists as Class Map to Qualify QoS of the Data Traffic
Access lists can be used as any Class Maps for QoS classification. A Class-of-Service can be
assigned to an access list at interface of a EDS500 device. If an Ethernet frame matches the
criteria of this Class Map the CoS is set to the configured class. Like this e.g. the data traffic
of devices that are not capable of QoS can be tagged with a certain Class-of-Service.
ADVICE
The Class-of-Service gets rewritten (remapped) for those frames that are classified as
allowed (permitted) by the list. The other (denied) frames keep the present CoS.
1KGT151021
V000 1
89
Содержание EDS500 Series
Страница 8: ...References Introduction 8 1KGT151021 V000 1 ...
Страница 152: ...Certificate Management Functions 152 1KGT151021 V000 1 ...
Страница 155: ...1KGT151021 V000 1 155 ...