3com 3031 Instruccion De Instalación
![3com](https://files.manualsbrain.com/attachments/960452ff43b9899cbcffced60c87abf956e7967a/common/fit/150/50/f6ac125d7af2cf40fec58935fa6d4bf71457a57efe50bee91208a434f325/brand_logo.jpeg)
58
ACL C
ONFIGURATION
This chapter covers the following topics:
■
■
■
■
■
Introduction to ACL
This section introduces Access Control Lists (ACLs).
ACL Overview
In order to filter data packets, a series of rules need to be configured on the router
to decide which data packets can pass. These rules are defined by ACL (Access
Control List), which are a series of sequential rules consisting of
to decide which data packets can pass. These rules are defined by ACL (Access
Control List), which are a series of sequential rules consisting of
permit | deny
statements. The rules are described by source address, destination address and
port number of data packets. ACL classifies data packets through these router
interface applied rules, by which the router decides which packets can be received
and which should be rejected.
port number of data packets. ACL classifies data packets through these router
interface applied rules, by which the router decides which packets can be received
and which should be rejected.
Classification of ACL
An ACL is represented by a number which shows the application purpose of the
ACL. Table 877 lists the range of numbers that match each application purpose.:
ACL. Table 877 lists the range of numbers that match each application purpose.:
Match order of ACL
An access control rule may consist of several
permit
|
deny
statements, each
statement specifying different packet ranges. In this case, match order problem
exists on matching a packet and access control rule.
exists on matching a packet and access control rule.
There are two kinds of match orders:
■
Configuration sequence: match ACL rules according to their configuration
order.
order.
■
Automatic sequencing: follow the principle of “depth priority”.
“Depth priority” rule puts the statement that specifies the smallest packet range
into first place. This can be realized by comparing address wildcard. The smaller
into first place. This can be realized by comparing address wildcard. The smaller
Table 877 Classifcation of ACLs
Application Purpose
Number Range
Interface-based ACL
1000 to 1999
Basic ACL
2000 to 2999
Advanced ACL
3000 to 3999
MAC-based ACL
4000 to 4999