EKI-9500 Series User Manual
280
To access this page, click
QoS
>
Access Control Lists
>
Configuration
.
Figure 4.310 QoS > Access Control Lists > Configuration
The following table describes the items in the previous figure.
Item
Description
ACL Identifier
The menu contains the ID for each ACL that exists on the system.
Before you add or remove a rule, you must select the ID of the ACL
from the menu. For ACLs with alphanumeric names, click the Edit icon
to change the ACL ID. The ID of a named ACL must begin with a letter,
and not a number. The ACL identifier for IPv4 Standard and IPv4
Extended ACLs cannot be changed.
Rule
The number that identifies the rule. A number is automatically
assigned to a rule when it is created. Rules are added in the order that
they are created and cannot be renumbered. Packets are checked
against the rule criteria in order, from the lowest-numbered rule to the
highest. When the packet matches the criteria in a rule, it is handled
according to the rule action and attributes. If no rule matches a packet,
the packet is discarded based on the implicit deny all rule, which is the
final rule in every ACL.
ACL Type
The type of ACL. The ACL type determines the criteria that can be
used to match packets. The type also determines which attributes can
be applied to matching traffic. IPv4 ACLs classify Layer 3 and Layer 4
IPv4 traffic, IPv6 ACLs classify Layer 3 and Layer 4 IPv6 traffic, and
MAC ACLs classify Layer 2 traffic. The ACL types are as follows:
IPv4 Standard: Match criteria is based on the source address of
IPv4 packets.
IPv4 Extended: Match criteria can be based on the source and
destination addresses, source and destination Layer 4 ports, and
protocol type of IPv4 packets.
IPv4 Named: Match criteria is the same as IPv4 Extended ACLs,
but the ACL ID can be an alphanumeric name instead of a num-
ber.
IPv6 Named: Match criteria can be based on information includ-
ing the source and destination IPv6 addresses, source and desti-
nation Layer 4 ports, and protocol type within IPv6 packets.
Extended MAC: Match criteria can be based on the source and
destination MAC addresses, 802.1p user priority, VLAN ID, and
EtherType value within Ethernet frames.
Status
Indicates whether the ACL is active. If the ACL is a time-based ACL
that includes a time range, the ACL is active only during the periods
specified within the time range. If an ACL does not include a time
range, the status is always active.
Содержание EKI-9512-C0IDW10E
Страница 1: ...User Manual EKI 9500 Series Full Managed Ethernet Switches...
Страница 20: ...Chapter 1 1Product Overview...
Страница 28: ...Chapter 2 2Switch Installation...
Страница 38: ...Chapter 3 3Configuration Utility...
Страница 43: ...Chapter 4 4Managing Switch...