EasyManuals Logo
Home>Zte>Switch>ZXR10 5900 Series

Zte ZXR10 5900 Series User Manual

Zte ZXR10 5900 Series
208 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #73 background imageLoading...
Page #73 background image
Chapter7
ACLConfiguration
TableofContents
ACLOverview...................................................................59
Conîš¿guringACL................................................................60
ACLConîš¿gurationExample.................................................66
ACLMaintenanceandDiagnosis...........................................68
ACLOverview
Packetîš¿lteringcanhelplimitnetworktrafîš¿candrestrictnetwork
usebycertainusersordevices.ACL’scanltertrafcasitpasses
througharouterandpermitordenypacketsatspeciîš¿edinter-
faces.
AnACLisasequentialcollectionofpermitanddenyconditions
thatapplytopackets.Whenapacketisreceivedonaninterface,
theswitchcomparestheîš¿eldsinthepacketagainstanyapplied
ACL’stoverifythatthepackethastherequiredpermissionstobe
forwarded,basedonthecriteriaspeciîš¿edintheaccesslists.It
testspacketsagainsttheconditionsinanaccesslistonebyone.
Theîš¿rstmatchdetermineswhethertheswitchacceptsorrejects
thepacketsbecausetheswitchstopstestingconditionsafterthe
îš¿rstmatch.Theorderofconditionsinthelistiscritical.Ifno
conditionsmatch,theswitchrejectsthepackets.Ifthereareno
restrictions,theswitchforwardsthepacket;otherwise,theswitch
dropsthepacket.
Packetmatchingrulesdeîš¿nedbytheACLarealsousedinother
conditionswheredistinguishingtrafîš¿cisneeded.Forinstance,the
matchingrulescandeîš¿nethetrafîš¿cclassiîš¿cationruleintheQoS.
ZXR105900/5200providesthefollowingsixtypesofACLs:
�StandardACL:OnlymatchthesourceIPaddress.
�ExtendedACL:Matchthefollowingitems:SourceIPaddress,
destinationIPaddress,IPprotocoltype,TCPsourceportnum-
ber ,TCPdestinationportnumber ,UDPsourceportnumber ,
UDPdestinationportnumber ,ICMPtype,ICMPCode,DiffServ
CodePoint(DSCP),ToSandPrecedence.
�L2ACL:MatchsourceMACaddress,destinationMACaddress,
sourceVLANID,L2Ethernetprotocoltypeand802.1ppriority
value.
�HybridACL:MatchsourceMACaddress,destinationMACad-
dress,sourceVLANID,sourceIPaddress,destinationIPad-
Conîš¿dentialandProprietaryInformationofZTECORPORATION59

Table of Contents

Other manuals for Zte ZXR10 5900 Series

Preview: Hardware Manual
Hardware Manual53 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Zte ZXR10 5900 Series and is the answer not in the manual?

Zte ZXR10 5900 Series Specifications

General IconGeneral
BrandZte
ModelZXR10 5900 Series
CategorySwitch
LanguageEnglish

Related product manuals