Chapter 17: Access Control List Configuration Guide

This command creates a Profile ACL called prof3 that uses as its selection criteria all IGMP traffic on the SSR:

ssr(config)# acl prof3 permit igmp

The following command causes packets matching Profile ACL prof3’s selection criteria (that is, all IGMP traffic) to be copied to mirror port et.1.2.

ssr(config)# port mirroring monitor-port et.1.2 target-profile prof3

See “Configuring the SSR for Port Mirroring” on page 297 for more information on using the port mirroring command.

Using Profile ACLs with the Web Caching Facility

Web caching is the SSR’s ability to direct HTTP requests for frequently accessed Web objects to local cache servers, rather than to the Internet. Since the HTTP requests are handled locally, response time is faster than if the Web objects were retrieved from the Internet.

You can use Profile ACLs with Web caching in two ways:

Specifying which HTTP traffic should always (or never) be redirected to the cache servers

Specifying characteristics of Web objects that should not be cached

Redirecting HTTP Traffic to Cache Servers

You can use a Profile ACL to specify which HTTP traffic should always (or never) be redirected to the cache servers. (By default, when Web caching is enabled, all HTTP traffic from all hosts is redirected to the cache servers unless you specify otherwise.)

For example, you can specify that packets with a source address of 10.10.10.10 and a destination address of 1.2.3.4 always are sent to the Internet and never to the cache servers. The following commands illustrate this example.

This command creates a Profile ACL called prof4 that uses as its selection criteria all packets with a source address of 10.10.10.10 and a destination address of 1.2.3.4 :

ssr(config)# acl prof4 permit ip 10.10.10.10 1.2.3.4

The following command creates a Web caching policy that prevents packets matching Profile ACL prof4’s selection criteria (that is, packets with a source address of 10.10.10.10

SmartSwitch Router User Reference Manual

267

Page 267
Image 267
Cabletron Systems SmartSwitch Using Profile ACLs with the Web Caching Facility, Redirecting Http Traffic to Cache Servers