Allied Telesis AT-8100L/8POE Switch User Manual

AlliedWare Plus Version 2.2.4 Management Software Web Browser User’s Guide (page 249)
Source and destination UDP ports
VLAN IDs
IPv4 Address and Mask
The mask of an IPv4 address is a decimal number giving how many bits of the
address, counted from the left, form the network portion of the address. For
example, the subnet address 149.11.11.0/24 has a mask of 24: the first
twenty-four bits are the network portion and the remaining eight bits identify
the host within that network. The IP address and the mask are separated by a
slash (/); for example, “149.11.11.0/24.”
Actions
The action defines the response to packets that match the filtering criteria
of the ACL. There are three actions for ACLs:
Deny— A deny action instructs ports to discard the ingress packets that
match the ACL.
Permit— A permit action instructs ports to forward the ingress packets that
match the traffic flow specified by the ACL. By default, all ingress
packets are forwarded by the ports, so a permit ACL only changes behavior
when used together with a deny ACL.
Copy to mirror— This action causes a port to copy all ingress packets
that match the ACL to the destination port of the port mirror.
How Ingress Packets are Compared Against ACLs
Ports that do not have an ACL forward all ingress packets. Ports with one
or more deny ACLs discard ingress packets that match the ACLs and
forward all other traffic. A port that has one deny ACL that specifies a
particular source IP address, for example, discards all ingress packets
with the specified source address and forwards all other traffic. In
situations where a port has more than one deny ACL, packets are
discarded at the first match.
Since ports forward all ingress packets unless they have deny ACLs,
permit ACLs are only needed when you want a port to forward a subset of a
larger traffic flow that is otherwise blocked; for example, a port that
forwards only packets with a specified destination IP address. In that case a
permit ACL specifies the packets with the intended destination IP address and
a deny ACL specifies all traffic.
When a port has both permit and deny ACLs, you must add the permit
ACLs first, because packets are compared against the ACLs in the order
they were added to the port and the first match decides. If a permit ACL is
added after a deny ACL that covers the same packets, the deny ACL matches
first and the permit ACL is never reached, so the port discards packets you
intended it to forward.
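The address/mask notation and the first-match, order-dependent evaluation described above are easy to get wrong on a real switch, so the following is a small Python model of both. It is an added illustration, not AlliedWare Plus code or any Allied Telesis API: the `Ace` class, its field names, the `evaluate` and `shadowed_permits` functions and the sample ACLs are all constructed here. The model goes slightly beyond the text by also flagging permit entries that an earlier deny fully shadows, which is the check you would run before committing an ACL to a port. Copy-to-mirror entries are not modeled.

```python
"""First-match ACL evaluation model (added illustration, not AlliedWare Plus code)."""
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network


def prefix_to_netmask(bits: int) -> str:
    """Expand a /bits prefix length into a dotted mask, e.g. 24 -> 255.255.255.0."""
    return str(IPv4Network(f"0.0.0.0/{bits}").netmask)


def network_of(cidr: str) -> str:
    """Keep only the network portion of an address/mask pair:
    149.11.11.77/24 -> 149.11.11.0/24 (the first 24 bits are the network)."""
    return str(IPv4Network(cidr, strict=False))


@dataclass(frozen=True)
class Ace:
    """One access-control entry (hypothetical field names). 0.0.0.0/0 means 'any'."""
    action: str                 # "permit" or "deny"
    src: str = "0.0.0.0/0"      # source IPv4 address/mask
    dst: str = "0.0.0.0/0"      # destination IPv4 address/mask

    def src_net(self) -> IPv4Network:
        return IPv4Network(self.src, strict=False)

    def dst_net(self) -> IPv4Network:
        return IPv4Network(self.dst, strict=False)

    def matches(self, src_ip: str, dst_ip: str) -> bool:
        return (IPv4Address(src_ip) in self.src_net()
                and IPv4Address(dst_ip) in self.dst_net())


def evaluate(acl, src_ip: str, dst_ip: str):
    """Compare a packet against the entries in the order they were added to the
    port; the first matching entry decides. Returns (action, index).
    With no matching entry the port forwards the packet (default permit)."""
    for idx, ace in enumerate(acl):
        if ace.matches(src_ip, dst_ip):
            return ace.action, idx
    return "permit", None


def shadowed_permits(acl):
    """Indexes of permit entries that can never fire because an earlier deny
    covers every packet they would match. Only full shadowing is reported;
    partial overlap is left to the reader to inspect."""
    shadowed = []
    for i, ace in enumerate(acl):
        if ace.action != "permit":
            continue
        for earlier in acl[:i]:
            if (earlier.action == "deny"
                    and ace.src_net().subnet_of(earlier.src_net())
                    and ace.dst_net().subnet_of(earlier.dst_net())):
                shadowed.append(i)
                break
    return shadowed


# Constructed sample: a port that should forward only packets destined to 149.11.11.10.
CORRECT_ORDER = [Ace("permit", dst="149.11.11.10/32"), Ace("deny")]
WRONG_ORDER = [Ace("deny"), Ace("permit", dst="149.11.11.10/32")]
# Constructed sample: two deny entries on one port; the packet is discarded at the first match.
TWO_DENIES = [Ace("deny", src="149.11.11.0/24"), Ace("deny", src="10.0.0.0/8")]

if __name__ == "__main__":
    print("mask /24 =", prefix_to_netmask(24), "network of 149.11.11.77/24 =", network_of("149.11.11.77/24"))
    for name, acl in (("correct", CORRECT_ORDER), ("wrong", WRONG_ORDER)):
        print(name, "-> 149.11.11.10:", evaluate(acl, "10.0.0.5", "149.11.11.10"),
              "shadowed permits:", shadowed_permits(acl))
    print("two denies, src 10.1.2.3:", evaluate(TWO_DENIES, "10.1.2.3", "192.0.2.1"))
```

Running the block shows the effect the text warns about: with the permit entry first, a packet to 149.11.11.10 is forwarded and everything else is dropped by the catch-all deny; with the same two entries in the opposite order, the catch-all deny matches first and `shadowed_permits` reports the permit entry as unreachable.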