Access-Control Lists (ACLs)
Access-Control Lists consist of one or multiple Access-Control Entries/Rules.
Each entries or rule has Permit/Deny condition.
Utilize Access-Control Lists for:
- to Identify Traffic
Identify INTERESTING TRAFFIC, for example VPN or ISDN traffic
Identify ROUTES to FILTER/ALLOW in ROUTING UPDATES
Identify TRAFFIC for QoS purpose
- to Filter Traffic
To Filter Traffic
- PERMIT is used to ALLOW TRAFFIC
- DENY is used to BLOCK TRAFFIC
To Identify Traffic
- PERMIT is used to INCLUDE TRAFFIC
- DENY is used to NOT INCLUDE TRAFFIC
NOTES:
ACL: Identify Traffic and Filter Traffic
IP Prefix-List: Match Routes (Not Traffic)
Route-Map: Advanced version of ACL. Use for Permit/Deny Traffic, Perform Action and Modify Traffic
Distribute List: Filter Routing Updates.
Distribute-List uses Access-List or Prefix-List
No comments:
Post a Comment