Netgear XCM8806 - 8800 SERIES 6-SLOT CHASSIS SWITCH ハードウェアマニュアル

12.   

Policy Manager Commands

This chapter describes commands for:

Creating and configuring policy files for IP access lists (ACLs)

Creating and configuring policy files for routing policies

Policies are a generalized category of features that impact forwarding and route forwarding 
decisions. Access policies are used primarily for security and quality of service (QoS) purposes.

IP access lists (also referred to as Access Lists or ACLs) consist of IP access rules and are used 
to perform packet filtering and forwarding decisions on traffic traversing the switch. Each packet 
on an interface is compared to the access list in sequential order and is either forwarded to a 
specified QoS profile or dropped. Additionally, packets can be metered using ACLs. Using 
access lists has no impact on switch performance. 

Access lists are typically applied to traffic that crosses Layer 3 router boundaries, but it is 
possible to use access lists within a Layer 2 VLAN. NETGEAR products are capable of 
performing this function with no additional configuration. 

Routing policies are used to control the advertisement or recognition of routes from routing 
protocols, such as RIP, OSPF, or BGP. Routing policies can be used to ‘hide’ entire networks or 
to trust only specific sources for routes or ranges of routes. The capabilities of routing policies 
are specific to the type of routing protocol involved, but are sometimes more efficient and easier 
to implement than access lists.

Although the NETGEAR 8800 does not prohibit mixing ACL and 

routing type entries in a policy file, it is strongly recommended that 
you do not mix the entries, and you use separate policy files for ACL 
and routing policies.

check  policy  <policy-name> {access-list}

Checks the syntax of the specified policy.