hit counter script

Rule Order; Configuring Acls On The System; Creating Acls - Cisco ASR 5500 System Administration Manual

Hide thumbs Also See for ASR 5500:
Table of Contents

Advertisement

Rule Order

Rule Order
A single ACL can consist of multiple rules. Each packet is compared against each of the ACL rules, in the
order in which they were entered, until a match is found. Once a match is identified, all subsequent rules are
ignored.
Additional rules can be added to an existing ACL and properly ordered using either of the following options:
• Before
• After
Using these placement options requires the specification of an existing rule in the ACL and the configuration
of the new rule as demonstrated by the following flow:
[ before | after ] { existing_rule }

Configuring ACLs on the System

This section describes how to configure ACLs.
Important
To configure the system to provide an access control list facility to subscribers:
Step 1
Create the access control list by following the example configuration in
Step 2
Specify the rules and criteria for action in the ACL list by following the example configuration in
and Criteria for Subscriber Traffic, on page 187
Step 3
Optional. The system provides an "undefined" ACL that acts as a default filter for all packets into the context. The default
action is to "permit all". Modify the default configuration for "unidentified" ACLs for by following the example
configuration in
Step 4
Verify your ACL configuration by following the steps in
Step 5
Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode
save configuration command. For additional information refer to the Verifying and Saving Your Configuration chapter.

Creating ACLs

To create an ACL, enter the following command sequence from the Exec mode of the system CLI:
configure
context acl_ctxt_name [ -noconfirm ]
ASR 5500 System Administration Guide, StarOS Release 21.5
186
This section provides the minimum instruction set for configuring access control list on the system. For
more information on commands that configure additional parameters and options, refer to the ACL
Configuration Mode Commands and IPv6 ACL Configuration Mode Commands chapters in the Command
Line Interface Reference.
Configuring an Undefined ACL, on page 187
Creating ACLs, on page 186
Verifying the ACL Configuration, on page 188
Access Control Lists
Configuring Action

Advertisement

Table of Contents
loading

Table of Contents