Shulou(Shulou.com)06/02 Report--

ACL: access control list access control list

Definition: a list of instructions for router and switch interfaces that are used to control packets entering and leaving the port. Tell the router which packets can be received and which packets need to be rejected to ensure that network resources are not illegally used and accessed. ACL applies to all routed protocols that are the instruction list of router and switch interfaces, which are used to control packets entering and leaving the port. Tell the router which packets can be received and which packets need to be rejected to ensure that network resources are not illegally used and accessed. ACL applies to all routed protocols

Principle: an ACL is a set of rules.

In an ACL, there are several different subdivision entries

Different items are distinguished by number

When matching traffic through ACL, each "subdivision entry" is checked in order of number from smallest to largest:

If it can match, perform the previous action (deny/permit); if not, continue to check the next "subdivision entry"; if it does not match in the end, execute the last default "subdivision entry" of ACL-reject all (deny any)!

Note: any type of ACL ends up with a "reject all" entry

Denote ID: represent different ACL by numbers

Name: different ACL is represented by name

classification

Cisco:

Standard ACL: when matching traffic, only the source IP address of the traffic can be matched

Number range: 1-99

Location: close to the destination

Extended ACL: when matching traffic, the source IP address, destination IP address and TCP/UDP+ port number of the traffic can be matched at the same time

Number range: 100-199

Location: close to sourc

Expand ACL matching traffic to be more accurate

Traffic is made up of five tuples: source MAC; destination MAC; source IP; destination IP; transport into a protocol

Huawei:

Ip-ACL (layer 3 acl)

Basic ACL-basic ACL-> Standard ACL

Advanced ACL- advanced ACL---- > extended ACL

Note 1. Wildcard 0 for exact 1 for random

2.ACL does not work on traffic initiated by local devices, only on traversing traffic

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.