Blade ICE G8124 Personal Computer User Manual


 
BLADEOS 6.5.2 Application Guide
78 Chapter 5: Access Control Lists BMD00220, October 2010
Summary of ACL Actions
Once classified using ACLs, the identified packet flows can be processed differently. For each
ACL, an action can be assigned. The action determines how the switch treats packets that match the
classifiers assigned to the ACL. G8124 ACL actions include the following:
Pass or Drop the packet
Re-mark the packet with a new DiffServ Code Point (DSCP)
Re-mark the 802.1p field
Set the COS queue
Note – ACLs act only upon ingress traffic on a port, not egress traffic.
Assigning Individual ACLs to a Port
Once you configure an ACL, you must assign the ACL to the appropriate ports. Each port can
accept multiple ACLs, and each ACL can be applied for multiple ports. ACLs can be assigned
individually.
To assign an individual ACLs to a port, use the following IP Interface Mode commands:
When multiple ACLs are assigned to a port, higher-priority ACLs are considered first, and their
action takes precedence over lower-priority ACLs. ACL order of precedence is discussed in the
next section.
ACL Order of Precedence
When multiple ACLs are assigned to a port, they are evaluated in numeric sequence, based on the
ACL number. Lower-numbered ACLs take precedence over higher-numbered ACLs. For example,
ACL 1 (if assigned to the port) is evaluated first and has top priority.
If multiple ACLs match the port traffic, only the action of the one with the lowest ACL number is
applied. The others are ignored.
If no assigned ACL matches the port traffic, no ACL action is applied.
RS G8124(config)# interface port <port>
RS G8124(config-ip)# access-control list <Regular ACL number>
RS G8124(config-ip)# access-control list6 <IPv6 ACL number>