Introduction to IPv4 ACL, IPv4 ACL Classification, IPv4 ACL Naming – H3C Technologies H3C WX6000 Series Access Controllers User Manual

- Software-based application: An ACL is referenced by a piece of upper layer software. For example,
  an ACL can be referenced to configure login user control behavior, thus controlling Telnet, SNMP
  and Web users. Note that when an ACL is referenced by the upper layer software, the actions
  taken on packets matching the ACL are those defined by the ACL rules. For details about
  login user control, refer to the part about login configuration in this guide.

- When an ACL is assigned to a piece of hardware and referenced by a QoS policy for traffic
  classification, the switch does not apply the action defined in the traffic behavior to a packet
  that does not match the ACL.

- When an ACL is referenced by a piece of software to control Telnet, SNMP, and Web login users,
  the switch denies all packets that do not match the ACL.
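The following is an added example, not part of the H3C manual: a small Python model of the two defaults described above, used to check which management stations a basic ACL would lock out of Telnet, SNMP, or Web login. The rule format with wildcard masks, first-match evaluation in list order, treating any rule match as a QoS match, and all names and addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

BASIC_ACL_NUMBERS = range(2000, 3000)  # basic IPv4 ACL: matches source IP address only

@dataclass(frozen=True)
class Rule:
    action: str    # "permit" or "deny"
    source: str    # source IPv4 address
    wildcard: str  # assumed wildcard-mask notation: 1 bits are ignored

    def matches(self, src: str) -> bool:
        care = ~int(ipaddress.IPv4Address(self.wildcard)) & 0xFFFFFFFF
        return (int(ipaddress.IPv4Address(src)) & care) == \
               (int(ipaddress.IPv4Address(self.source)) & care)

def first_match(rules, src):
    """Action of the first rule that matches src, or None when no rule matches.
    Evaluating rules in list order is an assumption of this sketch."""
    for rule in rules:
        if rule.matches(src):
            return rule.action
    return None

def login_control(rules, src):
    """Software reference (Telnet, SNMP, Web login): a matching rule decides,
    and a packet that matches no rule is denied."""
    return first_match(rules, src) or "deny"

def qos_classified(rules, src):
    """Hardware reference through a QoS policy: a packet that matches no rule
    is not classified, so the traffic behavior takes no action on it.
    Treating any rule match as a match is an assumption of this sketch."""
    return first_match(rules, src) is not None

def locked_out(acl_number, rules, stations):
    """Management stations that would lose login access under this ACL."""
    if acl_number not in BASIC_ACL_NUMBERS:
        raise ValueError("expected a basic IPv4 ACL number (2000 to 2999)")
    return [s for s in stations if login_control(rules, s) == "deny"]

# Constructed sample data, not taken from the manual.
ACL_2000 = [Rule("permit", "10.1.1.0", "0.0.0.255"), Rule("deny", "10.1.2.5", "0.0.0.0")]
STATIONS = ["10.1.1.10", "10.1.2.5", "192.168.5.20"]

if __name__ == "__main__":
    for s in STATIONS:
        print(s, "login:", login_control(ACL_2000, s), "| QoS classified:", qos_classified(ACL_2000, s))
    print("locked out:", locked_out(2000, ACL_2000, STATIONS))
```

Running the check before referencing an ACL for login control shows that 192.168.5.20 is denied even though no rule names it, while the same unmatched source is simply left alone when the ACL is used for QoS classification.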

Introduction to IPv4 ACL

This section covers these topics:

- IPv4 ACL Classification
- IPv4 ACL Naming
- IPv4 ACL Match Order
- IPv4 ACL Step
- Effective Period of an IPv4 ACL
- IP Fragments Filtering with IPv4 ACL

IPv4 ACL Classification

IPv4 ACLs, identified by ACL numbers, fall into four categories, as shown in Table 40-1.

Table 40-1 IPv4 ACL categories

| Category | ACL number | Matching criteria |
|---|---|---|
| Basic IPv4 ACL | 2000 to 2999 | Source IP address |
| Advanced IPv4 ACL | 3000 to 3999 | Source IP address, destination IP address, protocol carried on IP, and other Layer 3 or Layer 4 protocol header information |
| Ethernet frame header ACL | 4000 to 4999 | Layer 2 protocol header fields such as source MAC address, destination MAC address, 802.1p priority, and link layer protocol type |

IPv4 ACL Naming

When creating an IPv4 ACL, you can specify a unique name for it. Afterwards, you can identify the ACL
by its name.