Alcatel-Lucent 6600 Switch User Manual

Open as PDF

of 654

Configuring ACLs Configuring ACLs

page 25-12 OmniSwitch 6600 Family Network Configuration Guide April 2006

rule7 will take precedence over the other rules. (For more information about precedence, see “Rule Prece-

dence” on page 25-5.) The action configured for the rule, a1, allows traffic from 10.10.4.8, so the flow will

be accepted on the switch.

The rule will not be used to classify traffic or enforce the policy until the qos apply command is entered.

For information about applying policy parameters, see “Applying the Configuration” on page 24-46 in

Chapter 24, “Configuring QoS.”

Layer 2 ACLs

Layer 2 filtering filters traffic at the MAC layer. The QoS software works in conjunction with the source

learning mechanism in the switch to filter Layer 2 traffic. Layer 2 filtering may be done for both bridged

and routed packets. As MAC addresses are learned on the switch, QoS classifies the traffic based on:

• MAC address or MAC group

• VLAN

• Physical slot/port or port group

• Interface type

The switch classifies the MAC address as both source and destination. The condition parameters in the

policy rule must be all source parameters or all destination parameters.

The following policy condition keywords are used for Layer 2 ACLs:

A group and an individual item cannot be specified in the same condition. For example, a source MAC

address and a source MAC group cannot be specified in the same condition.

Note that some combinations of Layer 2 conditions may not be valid. Refer to “Condition Combinations”

on page 24-6 and “Condition/Action Combinations” on page 24-7 in Chapter 24, “Configuring QoS.”

If the default bridged disposition is set to drop or deny, any rules for allowing Layer 2 traffic through the

switch must be configured in two instances, once for source and once for destination.

Layer 2 ACL Condition Keywords

source mac

source mac group

source vlan

source port

source port group

source interface type

destination mac

destination mac group

destination vlan

destination port

destination port group

destination interface type

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Alcatel-Lucent 6600 Switch User Manual