Saturday, October 27, 2012

Access Control Lists

Access-Control Lists (ACLs)

Access-Control Lists consist of one or multiple Access-Control Entries/Rules.
Each entries or rule has Permit/Deny condition.

Utilize Access-Control Lists for:
- to Identify Traffic
     Identify INTERESTING TRAFFIC, for example VPN or ISDN traffic
     Identify ROUTES to FILTER/ALLOW in ROUTING UPDATES
     Identify TRAFFIC for QoS purpose
- to Filter Traffic
     
 To Filter Traffic
- PERMIT is used to ALLOW TRAFFIC
- DENY is used to BLOCK TRAFFIC

To Identify Traffic
- PERMIT is used to INCLUDE TRAFFIC
- DENY is used to NOT INCLUDE TRAFFIC


NOTES:
ACL: Identify Traffic and Filter Traffic
IP Prefix-List: Match Routes (Not Traffic)
Route-Map: Advanced version of ACL.  Use for Permit/Deny Traffic, Perform Action and Modify Traffic

Distribute List: Filter Routing Updates.
     Distribute-List uses Access-List or Prefix-List



No comments:

Post a Comment