tailieunhanh - IOS_Access Control Lists Made Easy

It is assumed that different readers will have different levels of experience with Access Control Lists (ACLs). Some will have no experience. Others will have dabbled with ACLs in lab envi- ronments. Still others will have extensive real-world experience with the implementation of ACLs. The goal of this white paper is to be interesting to readers with any level of ACL experi- ence. The ACL novice should gain an appreciation and understanding of what goes into the definition of an ACL. And hopefully the ACL expert can also gain an insight or two from the material | Global Knowledge Expert Reference Series of White Papers B ÂÉ ïB B KMOOOOCOtl B 1. MO IOS Access Control Lists Made Easy MO 1-800-COURSES IOS Access Control Lists Made Easy Kurt E. Patzer Global Knowledge Instructor CCSP CCNP CCSI 7 . Introduction It is assumed that different readers will have different levels of experience with Access Control Lists ACLs . Some will have no experience. Others will have dabbled with ACLs in lab environments. Still others will have extensive real-world experience with the implementation of ACLs. The goal of this white paper is to be interesting to readers with any level of ACL experience. The ACL novice should gain an appreciation and understanding of what goes into the definition of an ACL. And hopefully the ACL expert can also gain an insight or two from the material. What Is an ACL Try to define an ACL using just two words. Did you come up with packet filter This is the most common response and for good reason. It is intuitive because it is indeed a two-word definition and it describes a very common use for ACLs. The problem with this definition is that ACLs can be used for many objectives other than filtering packets. For example ACLs can be used to define which queue a packet will enter when using custom queuing or priority queuing. In either of these cases packets aren t filtered. They are simply sent to the front middle or end of the line depending on certain criteria. Another example is to use ACLs to define interesting traffic for a dial-on-demand link. When applied this way the ACL defines traffic that is important enough to have the router pick up the phone and incur toll charges. Once the phone call is connected all traffic is allowed across the link not just interesting traffic. If you want only interesting traffic to cross the link you must also apply the ACL to the interface. A third use for an ACL is to reference the ACL within a crypto map where it defines interesting traffic for an IPSec .

TỪ KHÓA LIÊN QUAN