Alcatel-Lucent 6600 Switch User Manual

Open as PDF

of 654

Configuring ACLs Configuring ACLs

OmniSwitch 6600 Family Network Configuration Guide April 2006 page 25-15

Layer 3 ACL: Example 2

This example uses condition groups to combine multiple IP addresses in a single condition. The default

disposition is set to deny.

-> qos default routed disposition deny

-> policy network group GroupA 192.60.22.1 192.60.22.2 192.60.22.0

-> policy condition cond7 destination network group GroupA

-> policy action Ok disposition accept

-> policy rule FilterL32 condition cond7 action Ok

In this example, a network group, GroupA, is configured with three IP addresses. Condition cond7

includes GroupA as a destination group. Flows coming into the switch destined for any of the specified IP

addresses in the group will match rule FilterL32. FilterL32 is configured with an action (Ok) to allow the

traffic on the switch.

Multicast Filtering ACLs

Multicast filtering may be set up to filter clients requesting group membership via the Internet Group

Management Protocol (IGMP). IGMP is used to track multicast group membership. The IP Multicast

Switching (IPMS) function in the switch optimizes the delivery of IP multicast traffic by sending packets

only to those stations that request it. Potential multicast group members may be filtered out so that IPMS

does not send multicast packets to those stations.

For more information about IPMS, see Chapter 26, “Configuring IP Multicast Switching.”

Multicast traffic has its own global disposition. By default, the global disposition is accept. To change the

default, use the qos default multicast disposition command.

For multicast filtering, the switch classifies traffic based on the multicast IP address or multicast network

group and any destination parameters. Note that the destination parameters are used for the client from

which the switch will receive the IGMP request.

The multicast ip or multicast network group keyword is required in the condition configured for a

multicast ACL.

The following keywords may be used in the condition to indicate the client parameters:

If a destination group is specified, the corresponding single value keyword cannot be combined in the

same condition. For example, if a destination port is specified, a destination port group cannot be speci-

fied in the same condition.

Multicast ACL Keywords

destination ip

destination vlan

destination port

destination port group

destination mac

destination mac group

destination interface type

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Alcatel-Lucent 6600 Switch User Manual