Access control lists, Figure 194 s – Brocade Communications Systems Brocate Ethernet Access Switch 6910 User Manual

856

Brocade 6910 Ethernet Access Switch Configuration Guide

53-1002581-01

Access Control Lists

41

3. Select Show from the Action list.

4. Select a user from the User Name list.

5. Select the host-key type to clear.

6. Click Clear.

FIGURE 194

Showing the SSH User’s Public Key

Access Control Lists

Access Control Lists (ACL) provide packet filtering for IPv4 frames (based on address, protocol,
Layer 4 protocol port number or TCP control code), IPv6 frames (based on address, DSCP, or next
header type), or any frames (based on MAC address or Ethernet type). To filter incoming packets,
first create an access list, add the required rules, and then bind the list to a specific port.

Configuring Access Control Lists –

An ACL is a sequential list of permit or deny conditions that apply to IP addresses, MAC addresses,
or other more specific criteria. This switch tests ingress packets against the conditions in an ACL
one by one. A packet will be accepted as soon as it matches a permit rule, or dropped as soon as it
matches a deny rule. If no rules match, the packet is accepted.

Command Usage

The following restrictions apply to ACLs:

•

The maximum number of ACLs is 128.

•

The maximum number of rules per system is 512 rules.

•

An ACL can have up to 64 rules. However, due to resource restrictions, the average number of
rules bound to the ports should not exceed 20.

•

The maximum number of rules that can be bound to the ports is 64 for each of the following
list types: MAC ACLs, IP Standard ACLs, IP Extended ACLs, IPv6 Standard ACLs, and IPv6
Extended ACLs.