Netgear GSM7328SNA 7000 Series Managed Switch Administration Guide for Softwar - Page 112
MAC ACLs, IP ACLs, ACL Configuration, Class of Service CoS 802.1p .
UPC - 606449042979
View all Netgear GSM7328SNA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 112 highlights
ProSafe 7000 Managed Switch Release 8.0.3 MAC ACLs MAC ACLs are Layer 2 ACLs. You can configure the rules to inspect the following fields of a packet (limited by platform): • Source MAC address with mask. • Destination MAC address with mask. • VLAN ID (or range of IDs). • Class of Service (CoS) (802.1p) . • EtherType: - Secondary CoS (802.1p). - Secondary VLAN (or range of IDs). • L2 ACLs can apply to one or more interfaces. • Multiple access lists can be applied to a single interface: the sequence number determines the order of execution. • You cannot configure a MAC ACL and an IP ACL on the same interface. • You can assign packets to queues using the assign queue option. • You can redirect packets using the redirect option. IP ACLs IP ACLs classify for Layer 3. Each ACL is a set of up to 10 rules applied to inbound traffic. Each rule specifies whether the contents of a given field should be used to permit or deny access to the network, and can apply to one or more of the following fields within a packet: • Source IP address • Destination IP address • Source Layer 4 port • Destination Layer 4 port • ToS byte • Protocol number Note that the order of the rules is important: When a packet matches multiple rules, the first rule takes precedence. Also, once you define an ACL for a given port, all traffic not specifically permitted by the ACL is denied access. ACL Configuration To configure ACLs: 1. Create an ACL by specifying a name (MAC ACL) or a number (IP ACL). 2. Add new rules to the ACL. 3. Configure the match criteria for the rules. 112 | Chapter 10. ACLs