Alcatel-Lucent 6850-48 ネットワークガイド

OmniSwitch AOS Release 6 Network Configuration Guide

page 41-1

Access Control Lists (ACLs) are Quality of Service (QoS) policies used to control whether or not packets 
are allowed or denied at the switch or router interface. ACLs are sometimes referred to as filtering lists.

ACLs are distinguished by the kind of traffic they filter. In a QoS policy rule, the type of traffic is speci-
fied in the policy condition. The policy action determines whether the traffic is allowed or denied. For 
detailed descriptions about configuring policy rules, see 

In general, the types of ACLs include:

• Layer 2 ACLs—for filtering traffic at the MAC layer. Usually uses MAC addresses or MAC groups for 

filtering.

• Layer 3/4 ACLs—for filtering traffic at the network layer. Typically uses IP addresses or IP ports for 

filtering; note that IPX filtering is not supported.

• Multicast ACLs—for filtering IGMP traffic.

This chapter describes ACLs and how to configure them through the Command Line Interface (CLI). CLI 
commands are used in the configuration examples; for more details about the syntax of commands, see the 
OmniSwitch CLI Reference Guide.

Configuration procedures described in this chapter include:

• Setting the Global Disposition. The disposition specifies the general allow/deny policy on the switch. 

See 

• Creating Condition Groups for ACLs. Groups are used for filtering on multiple addresses, ports, or 

services. The group is then associated with the policy condition. See 

• Creating Policy Rules for ACLs. Policy rules for ACLs are basically QoS policy rules. Specific 

parameters for ACLs are described in this chapter. See 

.

• Using ACL Security Features. Specific port group, action, service group, and policy rule combina-

tions are provided to help improve network security. See