DELL N3000 User Manual
Configuring Access Control Lists
585
MAC access list actions include CoS queue assignment, mirroring,
redirection to another port, and logging, as well as the usual permit and deny
actions.
What Are IP ACLs?
IP ACLs classify for Layers 3 and 4 on IPv4 or IPv6 traffic.
Each ACL is a set of up to 100 rules applied to inbound or outbound traffic.
Each ACL is a set of up to 100 rules applied to inbound or outbound traffic.
IP ACLs support logging, redirect, mirroring, and drop. The following fields
may be specified in the permit or deny rules.
• Destination IP with wildcard mask
• Destination L4 port
• Every protocol or a specific protocol
• IP DSCP
• IP precedence
• IP TOS
• TCP flags
• Source IP with wildcard mask
• Source L4 port, with eq, ne, gt, and lt operators and ranges (IP/TCP/UDP
• Destination L4 port
• Every protocol or a specific protocol
• IP DSCP
• IP precedence
• IP TOS
• TCP flags
• Source IP with wildcard mask
• Source L4 port, with eq, ne, gt, and lt operators and ranges (IP/TCP/UDP
packets only)
• Destination layer 4 port, with eq, ne, gt, and lt operators and ranges
(IP/TCP/UDP packets only)
What Is the ACL Redirect Function?
The redirect function allows traffic that matches a permit rule to be
redirected to a specific physical port or LAG instead of processed on the
original port. A packet that is redirected does not go through the normal
forwarding process. It is sent to the redirect target port. The redirect function
and mirror function are mutually exclusive. In other words, you cannot
configure a given ACL rule with both mirror and redirect attributes.
What Is the ACL Mirror Function?
ACL mirroring provides the ability to mirror traffic that matches a permit
rule to a specific physical port or LAG. Mirroring is similar to the redirect
function, except that in flow-based mirroring a copy of the permitted traffic is