Shulou(Shulou.com)06/01 Report--

This article introduces the knowledge of "Overview and function introduction of ACL Standard access Control list". Many people will encounter this dilemma in the operation of actual cases, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

Overview

The access control list reads the header information of the third layer and the fourth layer, and filters the header according to the predefined rules. A list of instructions applied to a router interface to tell the router which packets can be received and which packets need to be rejected.

Access control is the main strategy of network security prevention and protection, and its main task is to ensure that network resources are not used and accessed illegally. It is one of the most important core strategies to ensure network security. Access control also involves a wide range of technologies, including network access control, network access control, directory-level control and attribute control and other means.

An access control list is a list of instructions applied to a router interface. These instruction lists are used to tell the router which packets can be received and which packets need to be rejected. Whether a packet is received or rejected can be determined by specific indication conditions such as source address, destination address, port number, and so on.

Access control list can not only control network traffic and flow direction, but also play a key role in protecting network devices and servers to a great extent. As the first barrier for the external network to enter the intranet, the access control list on the router has become an effective means to protect the security of the intranet.

In addition, access control lists are required in many other configuration tasks of the router, such as network address translation (Network Address Translation,NAT), dial-on-demand routing (Dial on Demand Routing,DDR), route redistribution (Routing Redistribution), policy routing (Policy-Based Routing,PBR), and so on.

Function

1) limit network traffic and improve network performance. For example, ACL can specify that this type of packet has a higher priority according to the protocol of the packet, and can be pre-processed by the network device in the same case.

2) provide the means to control the communication flow.

3) provide basic security means for network access.

4) at the network device interface, determine which type of traffic is forwarded and which type of traffic is blocked.

classification

Standard access control list

Extended access control list

Named access control list * *

The direction in which access control lists are applied to interfaces

Outgoing: packets that have been processed by the router and are leaving the interface of the router

Incoming: packets that have arrived at the router interface will be processed by the router

Type of access control list

Standard access control list

1 filter packets based on source IP address

2 the access control list number of the standard access control list is 1: 99

Expand access control list

1 filter packets based on source IP address, destination IP address, specified protocol, port, and flag

2 the access control list number of the extended access control list is 1000199

Named access control list

Named access control lists allow names to be used instead of table numbers in standard and extended access control lists

Configuration of standard access control lists

Create ACL

Router (config) # access-list access-list-number {permit | deny} source [source-wildcard]

Delete ACL

Router (config) # no access-list access-list-number

Example

Disable host PC2 access to R1 and allow other traffic

The experimental topology diagram is as follows

1 configure according to the topology diagram

2. Complete configuration and test interoperability

3 the interconnection of the whole network, configure the access control list as required

ACL access control lists are set on routers or layer 3 switching, and this lab is configured on R1

4 access control list configuration completed, test interoperability

This is the end of the introduction of "Overview and function introduction of ACL Standard access Control list". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.