DELL 8132 ユーザーズマニュアル

IPv6 Access List Commands

Access to a switch or router can be made more secure through the use of 

Access Control Lists (ACLs) to control the type of traffic allowed into or out 

of specific ports. An ACL consists of a series of rules, each of which describes 

the type of traffic to be processed and the actions to take for packets that 

meet the classification criteria. Rules within an ACL are evaluated 

sequentially until a match is found, if any. Every ACL is terminated by an 

implicit deny all rule, which covers any packet not matching a preceding 

explicit rule. ACLs can help to ensure that only authorized users have access 

to specific resources while blocking out any unwarranted attempts to reach 

network resources.
ACLs may be used to restrict contents of routing updates, decide which types 

of traffic are forwarded or blocked and, above all, provide security for the 

network. ACLs are normally used in firewall routers that are positioned 

between the internal network and an external network, such as the Internet. 

They can also be used on a router positioned between two parts of the 

network to control the traffic entering or exiting a specific part of the internal 

network.
The PowerConnect ACL feature allows classification of packets based upon 

Layer 2 through Layer 4 header information. An Ethernet IPv6 packet is 

distinguished from an IPv4 packet by its unique Ethertype value; thus all IPv6 

classifiers include the Ethertype field.
Multiple ACLs per interface are supported. The ACLs can be combination of 

Layer 2 and/or Layer 3/4 ACLs. ACL assignment is appropriate for both 

physical ports and LAGs. ACLs can also be time based.

This chapter explains the following commands:

–

2CSPC4.X8100-SWUM102.book  Page 511  Friday, March 15, 2013  8:56 AM