DELL S50V User Manual

IP Access Control Lists (ACL), Prefix Lists, and Route-maps | 147

If a rule is simply appended, existing counters are not affected. 

For information on MAC ACLs, refer to the Access Control Lists (ACLs) chapter in the FTOS Command 
Line Reference Guide.

Ingress IP ACLs are supported on platforms: 

c 

and 

s

 

Ingress and Egress IP ACL are supported on platform: 

e

 

To pass traffic through a configured IP ACL, you must assign that ACL to a physical interface, a port 
channel interface, or a VLAN. The IP ACL is applied to all traffic entering a physical or port channel 
interface and the traffic is either forwarded or dropped depending on the criteria and actions specified in 
the ACL.

The same ACL may be applied to different interfaces and that changes its functionality. For example, you 
can take ACL "ABCD", and apply it using the 

 keyword and it becomes an ingress access list. If you 

apply the same ACL using the 

 keyword, it becomes an egress access list. If you apply the same ACL to 

the loopback interface, it becomes a loopback access list.

This chapter covers the following topics:

•

•

•

For more information on Layer-3 interfaces, refer to 

Chapter 13, Interfaces, on page 47

. 

Deny

Deny

Denied  by L3 ACL

Deny

Permit

Permitted by L3 ACL

Permit

Deny

Denied  by L2 ACL

Permit

Permit

Permitted by L2 ACL

Note: If an interface is configured as a “

” port, the packets are filtered by an 

L2 ACL only. The L3 ACL applied to such a port does not affect traffic. That is, existing rules 
for other features  (such as trace-list, PBR, and QoS) are applied accordingly to the permitted 
traffic.