COMMAND LINE INTERFACE

Egress MAC ACLs only work for destination-mac-known packets, not for multicast, broadcast, or destination-mac-unknown packets.

The order in which active ACLs are checked is as follows:

1.User-defined rules in the Egress MAC ACL for egress ports.

2.User-defined rules in the Egress IP ACL for egress ports.

3.User-defined rules in the Ingress MAC ACL for ingress ports.

4.User-defined rules in the Ingress IP ACL for ingress ports.

5.Explicit default rule (permit any any) in the ingress IP ACL for ingress ports.

6.Explicit default rule (permit any any) in the ingress MAC ACL for ingress ports.

7.If no explicit rule is matched, the implicit default is permit all.

Masks for Access Control Lists

You must specify masks that control the order in which ACL rules are checked. The switch includes two system default masks that pass/filter packets matching the permit/deny the rules specified in an ingress ACL. You can also configure up to seven user-defined masks for an ACL. A mask must be bound exclusively to one of the basic ACL types (i.e., Ingress IP ACL, Egress IP ACL, Ingress MAC ACL or Egress MAC ACL), but a mask can be bound to up to four ACLs of the same type.

Table 4-35 Access Control List Commands

Command Groups

Function

Page

 

 

 

IP ACLs

Configures ACLs based on IP addresses, TCP/UDP

4-122

 

port number, protocol type, and TCP control code

 

 

 

 

MAC ACLs

Configures ACLs based on hardware addresses, packet

4-138

 

format, and Ethernet type

 

 

 

 

ACL Information

Displays ACLs and associated rules; shows ACLs

4-150

 

assigned to each port

 

 

 

 

4-121

Page 412 Page 414
Page 413
Image 413
SMC Networks SMC6824M manual Masks for Access Control Lists, Access Control List Commands, Command Groups Function
Page 412 Page 414

SMC6824M specifications

The SMC Networks SMC6824M is a robust and reliable managed switch that caters to the needs of small to mid-sized businesses, as well as enterprise environments. This switch is designed to provide enhanced performance, scalability, and security for network infrastructures that require efficient traffic management and comprehensive control.

One of the key features of the SMC6824M is its 24 10/100/1000BASE-T ports, which offer lightning-fast Ethernet connectivity. These ports are capable of auto-negotiation, allowing devices to automatically adjust their settings for optimal performance, making it easier to integrate various hardware into existing networks. Additionally, the switch includes four Gigabit SFP slots for fiber uplinks, which allow for extended connectivity options and improved network design.

The SMC6824M employs advanced Layer 2 and Layer 3 functionalities, giving network administrators the tools they need to manage their networks effectively. It supports features like VLAN (Virtual Local Area Network) support and Quality of Service (QoS), ensuring efficient bandwidth management and enhanced performance for critical applications. Through VLAN segmentation, it can isolate network traffic for different departments or functions, enhancing security and reducing congestion.

The switch also offers comprehensive network management capabilities through SNMP (Simple Network Management Protocol) and a web-based interface, enabling easy configuration, monitoring, and troubleshooting. The SMC6824M includes support for port mirroring, which is important for diagnostics and monitoring network performance.

Another significant characteristic of the SMC6824M is its redundancy features, which include IEEE 802.1d Spanning Tree Protocol (STP) to prevent loops and provide network resilience. This is essential for maintaining continuous operation, especially in dynamic environments where network availability is critical.

In terms of security, the SMC6824M supports 802.1X port-based authentication, ensuring that only authorized devices gain access to the network. This feature is crucial for protecting sensitive data and maintaining the integrity of the network.

Overall, the SMC Networks SMC6824M is a versatile and feature-rich managed switch that delivers the performance and flexibility required to support growing networks. Its combination of layer management, security features, and user-friendly interface makes it an excellent choice for organizations looking to enhance their network infrastructure.
Top Page Image Contents