Netgear XCM8806 - 8800 SERIES 6-SLOT CHASSIS SWITCH User Manual

Chapter 13.  ACLs  
NETGEAR 8800 User Manual 
Policy file syntax checker
The following rules are used to evaluate fragmented packets or rules that use the fragments or first-fragments keywords.
With no keyword specified, processing proceeds as follows:
• An L3-only rule that does not contain the first-fragments keyword matches any IP packet.
• An L4 rule that does not contain the first-fragments keyword matches non-fragmented or initial-fragment packets.
With the first-fragments keyword specified:
• An L3-only rule with the first-fragments keyword matches non-fragmented or initial-fragment packets.
• An L4 rule with the first-fragments keyword matches non-fragmented or initial-fragment packets.
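The four rules above, modelled in Python as an added example (not code from the manual or the switch). It classifies an IPv4 header as non-fragmented, initial fragment or later fragment, then reports which packet kinds a rule list cannot match at all. Rule, fragment_eligible, make_header and unmatched_by_all are hypothetical names; only IPv4 and only the fragment rules are modelled, and the sample headers are constructed.

```python
import struct
from dataclasses import dataclass

def fragment_kind(ipv4_header: bytes) -> str:
    """Classify an IPv4 header as 'whole', 'initial' or 'later' fragment."""
    if len(ipv4_header) < 20 or ipv4_header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    flags_frag = struct.unpack_from("!H", ipv4_header, 6)[0]
    more_fragments = bool(flags_frag & 0x2000)   # MF flag
    offset = flags_frag & 0x1FFF                 # fragment offset, 8-byte units
    if offset:
        return "later"        # non-initial fragment: carries no L4 header
    return "initial" if more_fragments else "whole"

@dataclass(frozen=True)
class Rule:                   # hypothetical model of one ACL entry
    name: str
    uses_l4: bool             # has an L4 match condition such as a port
    first_fragments: bool = False

def fragment_eligible(rule: Rule, ipv4_header: bytes) -> bool:
    """Apply the four manual rules; other match conditions are not modelled."""
    if not rule.uses_l4 and not rule.first_fragments:
        return True           # L3-only, no keyword: any IP packet
    # L4 rule (with or without keyword) or L3-only rule with first-fragments
    return fragment_kind(ipv4_header) in ("whole", "initial")

def make_header(more_fragments: bool, offset: int) -> bytes:
    """Constructed 20-byte IPv4/TCP header using documentation addresses."""
    flags_frag = (0x2000 if more_fragments else 0) | offset
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, flags_frag, 64, 6, 0,
                       bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))

SAMPLES = {"whole": make_header(False, 0),
           "initial": make_header(True, 0),
           "later": make_header(False, 185)}

def unmatched_by_all(rules) -> list:
    """Packet kinds that no rule in the list is even eligible to match."""
    return [k for k, h in SAMPLES.items()
            if not any(fragment_eligible(r, h) for r in rules)]

if __name__ == "__main__":
    l4_only = [Rule("deny_tcp_23", uses_l4=True)]
    print(unmatched_by_all(l4_only))
    print(unmatched_by_all(l4_only + [Rule("deny_src", uses_l4=False)]))
```

A rule list made only of L4 rules, or of rules carrying first-fragments, never matches later fragments; only an L3-only rule without the keyword can cover them.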
Layer-2 Protocol Tunneling ACLs
Three ACL match conditions and one ACL action interoperate with vendor-proprietary 
Layer-2 protocol tunneling.
The following fields within 802.3 Subnetwork Access Protocol (SNAP) and LLC formatted 
packets can be matched:
• Destination service access point (SAP)
• Source SAP
The following field can be matched within Subnetwork Access Protocol (SNAP) packets only:
• SNAP type
The following ACL action is added to the specified switches:
• Replacement of the Ethernet MAC destination address
This action replaces the destination MAC address of any matching Layer-2 forwarded 
packets on the supported platforms. This action can be used to effectively tunnel protocol 
packets, such as STP, across a network by replacing the well-known protocol MAC address 
with a different proprietary or otherwise unique MAC address. After tunnel egress, the MAC 
destination address can be reverted to the well-known MAC address.
Note: The “replace-ethernet-destination-address” action applies only to Layer-2 forwarded packets.