Defining ip based access control lists – Intel AXXSW1GB User Manual

Intel® Gigabit Ethernet Switch AXXSW1GB User Guide

Defining IP Based Access Control Lists

Access Control Lists (ACL) allow network managers to define classification actions and rules for specific ingress ports. Packets entering an ingress port with an active ACL are either admitted or denied entry. If they are denied entry, the user can disable the port.

ACLs are composed of access control entries (ACEs), which are rules made of the filters that determine traffic classifications.

When configuring ACLs, consider the following:

The maximum number of ACEs/rules per single ACL is 1018.

The maximum number of ACEs/rules in all ACLs is 1021.

The maximum number of ACLs applied to a single interface is 256.

The IP Based ACL Page contains information for defining IP Based ACLs and rules.

To define IP Based ACLs:

1. Click Network Security > Access Control List > IP Based ACL. The IP Based ACL Page opens:

Figure 17. IP Based ACL Page

The IP Based ACL Page contains the following fields:

ACL Name — Displays the user-defined IP based ACLs.

Delete — Deletes the IP based ACLs. The possible field values are:

Checked — Deletes the selected IP based ACL.
Unchecked — Maintains the IP based ACLs.

Priority — Indicates the rule priority, which determines which rule is matched to a packet on a first-match basis. The possible field value is 1-2147483647.
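The following is an added example, not part of the Intel guide or the switch software: a planning check that validates a proposed rule set against the ACE/ACL limits and priority range given above, and flags rules that can never match under first-match evaluation. The `Ace` model (source network only), the ACL name, and the ordering (lowest priority value evaluated first) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
# Limits and priority range as stated in this guide.
MAX_ACES_PER_ACL, MAX_ACES_TOTAL, MAX_ACLS_PER_INTERFACE = 1018, 1021, 256
PRIORITY_MIN, PRIORITY_MAX = 1, 2147483647

@dataclass(frozen=True)
class Ace:                 # hypothetical rule model, not the switch's own format
    priority: int
    action: str            # "permit" or "deny"
    source: str            # source network in CIDR notation

def ordered(aces):
    # Assumption: the lowest priority value is evaluated first.
    return sorted(aces, key=lambda a: a.priority)

def first_match(aces, src_ip):
    """Action of the first ACE whose source network contains src_ip, else None."""
    ip = ipaddress.ip_address(src_ip)
    for ace in ordered(aces):
        if ip in ipaddress.ip_network(ace.source):
            return ace.action
    return None

def lint(acls, bindings):
    """acls: {name: [Ace]}; bindings: {interface: [ACL names]}. Returns findings."""
    out = []
    total = sum(len(aces) for aces in acls.values())
    if total > MAX_ACES_TOTAL:
        out.append(f"{total} ACEs across all ACLs, limit is {MAX_ACES_TOTAL}")
    out += [f"{i}: {len(n)} ACLs, limit is {MAX_ACLS_PER_INTERFACE}"
            for i, n in bindings.items() if len(n) > MAX_ACLS_PER_INTERFACE]
    for name, aces in acls.items():
        if len(aces) > MAX_ACES_PER_ACL:
            out.append(f"{name}: {len(aces)} ACEs, limit is {MAX_ACES_PER_ACL}")
        earlier = []       # (priority, network) of ACEs evaluated before this one
        for ace in ordered(aces):
            net = ipaddress.ip_network(ace.source)
            if not PRIORITY_MIN <= ace.priority <= PRIORITY_MAX:
                out.append(f"{name}: priority {ace.priority} out of range")
            for prio, prev in earlier:
                if prev.version == net.version and net.subnet_of(prev):
                    out.append(f"{name}: ACE {ace.priority} shadowed by ACE {prio}")
                    break
            earlier.append((ace.priority, net))
    return out
# Constructed sample: the permit at priority 20 can never match.
SAMPLE = {"mgmt-in": [Ace(20, "permit", "10.1.2.0/24"), Ace(10, "deny", "10.0.0.0/8")]}
```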