Creating Named Standard IP ACLs

Chapter 14 Configuring Access Control Lists on the ML-Series Card

ML-Series ACL Support

To create a named standard IP ACL, perform the following procedure, beginning in global configuration mode:

	Command	Purpose
Step 1
Step 1	ML_Series(config)# ip access-list	Defines a standard IP ACL using an alphabetic
	standard name	name.
Step 2
Step 2	ML_Series(config-std-nac1)# {deny	In access-list configuration mode, specifies one or
	permit} {source [source-wildcard] any}	more conditions as permitted or denied. This
		determines whether the packet is passed or dropped.
Step 3
Step 3	ML_Series(config)# exit	Exits access-list configuration mode.

Creating Named Extended IP ACLs (Control Plane Only)

To create a named extended IP ACL, perform the following procedure, beginning in global configuration mode:

	Command	Purpose
Step 1
Step 1	ML_Series(config)# ip access-list extended	Defines an extended IP ACL using an alphabetic
	name	name.
Step 2
Step 2	ML_Series(config-ext-nacl)# {deny permit}	In access-list configuration mode, specifies the
	protocol source source-wildcard destination	conditions allowed or denied.
	destination-wildcard [precedence
	precedence] [tos tos]	Or:
		Or:
	or	Defines an extended IP ACL using an abbreviation
		for a source and source wildcard of 0.0.0.0
	{deny permit} protocol any any	255.255.255.255, and an abbreviation for a
	or	destination and destination wildcard of 0.0.0.0
	or	255.255.255.255.
		255.255.255.255.
	{deny permit} protocol host source host	Or:
	destination	Or:
	destination	Defines an extended IP ACL using an abbreviation
		Defines an extended IP ACL using an abbreviation
		for a source and source wildcard of source 0.0.0.0,
		and an abbreviation for a destination and
		destination wildcard of destination 0.0.0.0.

Applying the ACL to an Interface

After you create an ACL, you can apply it to one or more interfaces. ACLs can be applied on either the inbound or the outbound direction of an interface. When controlling access to an interface, you can use a name or number. If a standard ACL is applied, the ML-Series card compares the source IP address with the ACL. To apply an ACL to one or more interfaces, use the command in Table 14-2.

Note IP standard ACLs applied to the ingress of a Bridge Group Virtual Interface (BVI) will be applied to all bridged IP traffic in the associated bridge-group, in addition to the BVI ingress traffic.

Cisco ONS 15310-CL, ONS 15310-MA, and ONS 15310-MA SDH Ethernet Card Software Feature and Configuration Guide, R9.1 and R9.2

14-4	78-19415-01

ONS 15310-CL, ONS 15310-MA, Cisco ONS 15310-MA specifications

Cisco Systems has long been a leader in networking and telecommunications technology, and among its impressive lineup of products, the Cisco ONS 15310 series stands out as an essential solution for optical networking. This series includes models such as the ONS 15310-MA, ONS 15310-CL, and ONS 15310-CA, each designed to meet the diverse needs of service providers and enterprises seeking to enhance their optical transport networks.

The Cisco ONS 15310-MA is an advanced multi-service platform designed for metropolitan area networks. It facilitates the seamless transport of data, voice, and video over optical networks. One of its main features is its ability to support a variety of interfaces, including Ethernet, SONET/SDH, and Wavelength Division Multiplexing (WDM), allowing users to integrate multiple services into a single platform. Additionally, the ONS 15310-MA supports advanced traffic management and Quality of Service (QoS) features to prioritize critical applications and ensure consistent performance.

The ONS 15310-CL variant is tailored for more specific applications, providing enhanced capabilities aimed at delivering carrier-grade services. It features a robust architecture that accommodates high-capacity traffic without compromising reliability. This model emphasizes low power consumption and a compact design, making it suitable for deployment in space-constrained environments. The ONS 15310-CL also supports a wide range of optical interfaces, making it highly flexible for various network configurations.

In terms of technologies, the Cisco ONS 15310 series leverages Optical Transport Network (OTN) capabilities, providing high efficiency and greater bandwidth utilization. OTN technology enables efficient error correction and adds resilience to the network through its built-in protection mechanisms. Furthermore, the series supports seamless integration with existing IP/MPLS networks, creating a cohesive infrastructure as organizations evolve their networking requirements.

One of the defining characteristics of the ONS 15310 series is its focus on scalability. Network operators can start with a modest deployment and gradually expand capacity as demand grows. This adaptability is complemented by Cisco's comprehensive management and monitoring tools, providing operators with real-time insights into network performance and facilitating proactive management.

In conclusion, the Cisco ONS 15310-MA and ONS 15310-CL models represent sophisticated solutions for modern optical networks. With their versatile features, advanced technologies, and robust design, they empower service providers and enterprises to build resilient, high-capacity networks that meet the demands of today’s data-driven world.

Cisco Systems Cisco ONS 15310-MA, ONS 15310-CL manual Creating Named Standard IP ACLs, 14-4

Models: ONS 15310-CL ONS 15310-MA Cisco ONS 15310-MA