Access Control List Overview, Standard vs. Extended ACLs – Avaya P580 User Manual


Avaya P550R, P580, P880, and P882 Multiservice Switch User Guide, v5.3.1

Configuring IP Routing

Access Control List Overview

An Access Control List (ACL) is a group of Access Control Rules.
Access Control Rules describe how to forward (route) packets, as
opposed to where to forward them. The “how” can be to forward the
packet with a specific priority (0-7), forward the traffic with an
unchanged priority, or filter (drop) packets.

ACLs provide the mechanism to prioritize traffic flows through the
router and the network. This traffic flow management is commonly
referred to as Quality of Service (QoS). Refer to Chapter 21 for more
information on QoS.

Standard vs. Extended ACLs

A “Standard” ACL allows you to prioritize traffic by the Source IP
address.

An “Extended” ACL provides greater control over what traffic is
prioritized. Extended ACLs can use any or all of the following
parameters:

Source IP address

Destination IP address

TCP/UDP Source port

TCP/UDP Destination port

Protocol ID (RFC 1700)

These five parameters are referred to as a “5 Tuple”. Source and/or
Destination addresses allow you to prioritize traffic between any
combination of host, subnet, and network addresses.

Further, if you specify source and/or destination TCP/UDP port, you
can prioritize specific traffic between hosts on two different
networks. For example, you could increase the priority of Voice
Over IP (VoIP) traffic between two subnets in a call center by
specifying the UDP port number used by the phone system.

* Note: If you specify TCP or UDP port numbers, you must
specify Protocol ID 6 or 17 respectively. Failure to specify
the Protocol ID number will result in an error message
and the ACL will not be created.

Protocol ID allows you to prioritize traffic based on the Protocol ID
number. RFC 1700 lists Protocol ID numbers. You could, for
example, block all RSVP traffic (Protocol ID 46) through the router.
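
The 5-tuple matching and the port/Protocol ID constraint described above, modeled in Python as an added example (this is not Avaya's code or the switch's CLI syntax). First-match rule ordering, forwarding unmatched packets unchanged, the subnets and UDP port 5004 are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

TCP, UDP, RSVP = 6, 17, 46   # Protocol IDs named in the text above

@dataclass(frozen=True)
class Rule:
    action: str                      # "priority", "unchanged" or "drop"
    priority: Optional[int] = None   # 0-7, used only with action "priority"
    src: str = "0.0.0.0/0"           # host, subnet or network, CIDR notation
    dst: str = "0.0.0.0/0"
    proto: Optional[int] = None      # None = any protocol
    sport: Optional[int] = None      # None = any source port
    dport: Optional[int] = None      # None = any destination port

    def __post_init__(self):
        # The note's constraint: a port needs Protocol ID 6 (TCP) or 17 (UDP),
        # otherwise the rule is rejected and no ACL entry is created.
        if (self.sport is not None or self.dport is not None) and self.proto not in (TCP, UDP):
            raise ValueError("port given without Protocol ID 6 (TCP) or 17 (UDP)")
        if self.action not in ("priority", "unchanged", "drop"):
            raise ValueError("unknown action")
        if self.action == "priority" and self.priority not in range(8):
            raise ValueError("priority must be 0-7")

    def matches(self, pkt):
        src, dst, proto, sport, dport = pkt   # the packet's 5-tuple
        return (ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and self.proto in (None, proto)
                and self.sport in (None, sport)
                and self.dport in (None, dport))

def evaluate(acl, pkt):
    """Return (action, priority) for a packet.
    Assumptions: first matching rule wins; unmatched traffic is forwarded unchanged."""
    for rule in acl:
        if rule.matches(pkt):
            return (rule.action, rule.priority)
    return ("unchanged", None)

# Constructed sample ACL: raise VoIP priority between two call-center subnets
# (UDP port 5004 is a placeholder for the phone system's port), block all RSVP.
ACL = [
    Rule("priority", 7, src="10.1.0.0/24", dst="10.2.0.0/24", proto=UDP, dport=5004),
    Rule("drop", proto=RSVP),
]
```
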
