Patton electronic SmartNode 4110 Series manual Configuring access control lists

Configuring access control lists

Packet filtering helps to control packet movement through the network. Such control can help to limit net- work traffic and to restrict network use by certain users or devices.

An access control list is a sequential collection of permit and deny conditions that apply to packets on a certain interface. Access control lists can be configured for all routed network protocols (IP, ICMP, TCP, UDP, and SCTP) to filter the packets of those protocols as the packets pass through a SmartNode. SmartWare tests pack- ets against the conditions in an access list one by one. The first match determines whether SmartWare accepts or rejects the packet. Because SmartWare stops testing conditions after the first match, the order of the condi- tions is critical. If no conditions match, the software rejects the address.

For information and examples on how configure access control lists, refer to chapter 24, “Access control list configuration” on page 253.

Configuring quality of service (QoS)

The link scheduler enables the definition of QoS profiles for network traffic on a certain interface, as shown in figure 16 on page 115. QoS refers to the ability of a network to provide improved service to selected network traffic over various underlying technologies including Frame Relay, Ethernet and 802.x type networks, and IP- routed networks. In particular, QoS features provide improved and more predictable network service by pro- viding the following services:

•Supporting dedicated bandwidth

•Improving loss characteristics

•Avoiding and managing network congestion

•Shaping network traffic

•Setting traffic priorities across the network

The QoS features described in chapter 13, “Link scheduler configuration” on page 151 address these diverse and common needs.