Layer 3 access control list policy – Brocade Network Advisor SAN + IP User Manual v12.1.0


53-1002949-01


FIGURE 272 Device/Fabric_Name - Port_Number - Layer 2 ACL Configuration dialog box

4. Review the Layer 2 ACL configuration details.

Details of Selected ACL table — Displays the details of the ACL selected in the ACLs list. The
Details of Selected ACL table includes the following details:

Sequence — The Layer 2 ACL entry sequence number.

Action — Whether the ACL permits or denies traffic.

Source — The source MAC address on which the ACL filters traffic.

Destination (Extended only) — The destination MAC address on which the ACL filters the
traffic.

Count — Whether count is enabled or disabled.

Ether Type (Extended only) — The Ethernet protocol. Values include ARP, FCoE, IPv4, or
Custom.

5. Click OK to close the Device/Fabric_Name - Port_Number - Layer 2 ACL Configuration dialog box.

Layer 3 access control list policy

A Layer 3 access control list (L3 ACL) enables you to filter incoming and outgoing traffic based on
the information in the IP packet header.

An ACL is a unique collection of permit and deny statements (rules) that apply to frames. You can
use ACLs to permit or deny incoming and outgoing frames from passing through an interface to
which you assigned the ACLs. When the interface receives the frame, the device compares the
fields in the frame against any ACLs assigned to the interface to verify that the frame has the
required permissions to be forwarded. The device compares the frame, sequentially, against each
rule in the assigned ACL. If the frame matches the ‘permit’ rule, the traffic is forwarded; otherwise,
the traffic is dropped.

You must configure the ACL on the device before you assign the ACL to an interface. You can create
multiple ACLs and save them to the device configuration. However, the ACL does not filter traffic
until you assign it to an interface. You can assign an ACL on the following interface types: physical
port, Virtual LAN (VLAN), or Link Aggregation Group (LAG).
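
The following Python model is an added example, not code from the manual or from the product. It walks an ACL's rules in sequence order, drops traffic that matches no permit rule, shows that a saved ACL filters nothing until it is assigned to a port, VLAN, or LAG, and flags rules that an earlier rule makes unreachable. Assumptions: the first matching rule decides the outcome, rules match on source and destination prefixes only, traffic direction is not modeled, and all names (Rule, evaluate, shadowed, Device) and addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    seq: int
    action: str                 # "permit" or "deny"
    src: str                    # source prefix (CIDR)
    dst: str = "0.0.0.0/0"      # destination prefix (CIDR)

    def matches(self, src_ip, dst_ip):
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst))

def evaluate(rules, src_ip, dst_ip):
    """Walk rules by sequence number; first match decides (assumed). No match: dropped."""
    for rule in sorted(rules, key=lambda r: r.seq):
        if rule.matches(src_ip, dst_ip):
            return rule.action, rule.seq
    return "deny", None

def shadowed(rules):
    """Sequence numbers of rules that an earlier rule fully covers, so they never match."""
    ordered, hidden = sorted(rules, key=lambda r: r.seq), []
    for i, later in enumerate(ordered):
        for earlier in ordered[:i]:
            if (ipaddress.ip_network(later.src).subnet_of(ipaddress.ip_network(earlier.src))
                    and ipaddress.ip_network(later.dst).subnet_of(ipaddress.ip_network(earlier.dst))):
                hidden.append(later.seq)
                break
    return hidden

class Device:
    INTERFACE_TYPES = ("port", "vlan", "lag")

    def __init__(self):
        self.acls, self.assigned = {}, {}   # saved ACLs; (type, id) -> ACL name

    def assign(self, if_type, if_id, acl_name):
        if if_type not in self.INTERFACE_TYPES or acl_name not in self.acls:
            raise ValueError("configure the ACL first; assign to port, VLAN or LAG")
        self.assigned[(if_type, if_id)] = acl_name

    def forwards(self, if_type, if_id, src_ip, dst_ip):
        name = self.assigned.get((if_type, if_id))
        if name is None:                    # a saved but unassigned ACL filters nothing
            return True
        return evaluate(self.acls[name], src_ip, dst_ip)[0] == "permit"

# Constructed sample ACLs: same two rules, opposite order.
GOOD = [Rule(10, "deny", "10.1.5.0/24"), Rule(20, "permit", "10.1.0.0/16")]
BAD = [Rule(10, "permit", "10.1.0.0/16"), Rule(20, "deny", "10.1.5.0/24")]
```

With BAD, the deny at sequence 20 is never reached, so 10.1.5.0/24 is forwarded; running shadowed() over an ACL before assigning it catches that ordering mistake.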
