Cisco Cisco Packet Data Gateway (PDG) Documentation Roadmaps
CDMA2000 Wireless Data Services
Features and Functionality—Base Software ▀
Cisco ASR 5000 Series Product Overview ▄
OL-22937-01
Access Control List Support
Access Control Lists provide a mechanism for controlling (i.e permitting, denying, redirecting, etc.) packets in and out
of the system.
of the system.
IP access lists, or Access Control Lists (ACLs) as they are commonly referred to, are used to control the flow of packets
into and out of the system. They are configured on a per-context basis and consist of ―rules‖ (ACL rules) or filters that
control the action taken on packets that match the filter criteria. Once configured, an ACL can be applied to any of the
following:
into and out of the system. They are configured on a per-context basis and consist of ―rules‖ (ACL rules) or filters that
control the action taken on packets that match the filter criteria. Once configured, an ACL can be applied to any of the
following:
An individual interface
All traffic facilitated by a context (known as a policy ACL)
An individual subscriber
All subscriber sessions facilitated by a specific context
There are two primary components of an ACL:
Rule: A single ACL consists of one or more ACL rules. As discussed earlier, the rule is a filter configured to
take a specific action on packets matching specific criteria. Up to 128 rules can be configured per ACL.
Each rule specifies the action to take when a packet matches the specifies criteria. This section discusses the
rule actions and criteria supported by the system.
rule actions and criteria supported by the system.
Rule Order: A single ACL can consist of multiple rules. Each packet is compared against each of the ACL rules,
in the order in which they were entered, until a match is found. Once a match is identified, all subsequent rules
are ignored.
are ignored.
Important:
For more information on Access Control List configuration, refer IP Access Control List chapter in
System Enhanced Feature Configuration Guide.
IP Policy Forwarding
IP Policy Forwarding enables the routing of subscriber data traffic to specific destinations based on configuration. This
functionality can be implemented in support of enterprise-specific applications (i.e. routing traffic to specific enterprise
domains) or for routing traffic to back-end servers for additional processing.
functionality can be implemented in support of enterprise-specific applications (i.e. routing traffic to specific enterprise
domains) or for routing traffic to back-end servers for additional processing.
Description
The system can be configured to automatically forward data packets to a predetermined network destination. This can
be done in one of three ways:
be done in one of three ways: