Intel® Gigabit Ethernet Switch AXXSW1GB User Guide 17
Defining Access Control Lists
Access Control Lists (ACLs) allow network managers to define classification actions and
rules for specific ingress ports. Packets entering an ingress port that has an active ACL
are either admitted or denied entry. If they are denied entry, the user can disable the port.
For example, an ACL rule can state that port number 20 can receive TCP packets, but that
any UDP packet received on it is dropped. ACLs are composed of access control entries
(ACEs), which are the rules that determine traffic classifications.
When configuring ACLs, consider the following:
• The maximum number of ACEs/rules in a single ACL is 1018.
• The maximum number of ACEs/rules in all ACLs combined is 1021.
• The maximum number of ACLs applied to a single interface is 256.
Stages for configuring ACLs:
1. Define an ACL and the initial ACL Rule.
2. Add additional rules to the ACL.
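The limits above interact: two ACLs can each be within the per-ACL limit and still exceed the switch-wide total. The following Python check of a planned ACL set is an added example, not code from this guide or from the switch. The names Ace, Acl, check_plan and classify are hypothetical, the protocol-only match field is a simplification, and first-match rule ordering is an assumption.

```python
from dataclasses import dataclass, field

# Limits quoted from this page.
MAX_ACES_PER_ACL = 1018
MAX_ACES_TOTAL = 1021
MAX_ACLS_PER_INTERFACE = 256

@dataclass
class Ace:
    protocol: str  # "tcp", "udp" or "any" (hypothetical match field)
    action: str    # "permit" or "deny"

@dataclass
class Acl:
    name: str
    aces: list = field(default_factory=list)

def check_plan(acls, bindings):
    """Return limit violations; bindings maps ingress port -> ACL names."""
    problems = []
    for acl in acls:
        if not acl.aces:
            problems.append(f"{acl.name}: no initial rule defined")
        elif len(acl.aces) > MAX_ACES_PER_ACL:
            problems.append(f"{acl.name}: {len(acl.aces)} ACEs > {MAX_ACES_PER_ACL}")
    total = sum(len(acl.aces) for acl in acls)
    if total > MAX_ACES_TOTAL:
        problems.append(f"all ACLs: {total} ACEs > {MAX_ACES_TOTAL}")
    known = {acl.name for acl in acls}
    for port, names in bindings.items():
        if len(names) > MAX_ACLS_PER_INTERFACE:
            problems.append(f"port {port}: {len(names)} ACLs > {MAX_ACLS_PER_INTERFACE}")
        problems += [f"port {port}: unknown ACL {n}" for n in names if n not in known]
    return problems

def classify(acl, protocol):
    """Action of the first matching ACE (assumed order), or None if none match."""
    for ace in acl.aces:
        if ace.protocol in (protocol, "any"):
            return ace.action
    return None

if __name__ == "__main__":
    # Constructed sample: the page's port 20 rule plus two oversized ACLs.
    port20 = Acl("port20", [Ace("tcp", "permit"), Ace("udp", "deny")])
    big = [Acl(n, [Ace("any", "deny")] * 600) for n in ("a", "b")]
    print(classify(port20, "tcp"), classify(port20, "udp"))
    print(check_plan([port20] + big, {20: ["port20", "a", "b"]}))
```

classify returns None when no ACE matches, because this page does not state what the switch does with unmatched packets.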
This section contains the following topics:
• Defining MAC Based Access Control Lists
• Defining IP Based Access Control Lists