COMMAND LINE INTERFACE

with the address for each IP packet entering the port(s) to which this ACL has been assigned.

You can specify both Precedence and ToS in the same rule. However, if DSCP is used, then neither Precedence nor ToS can be specified.

The control-code bitmask is a decimal number (representing an equivalent bit mask) that is applied to the control code. Enter a decimal number, where the equivalent binary bit “1” means to match a bit and “0” means to ignore a bit. The following bits may be specified:

-1 (fin) – Finish

-2 (syn) – Synchronize

-4 (rst) – Reset

-8 (psh) – Push

-16 (ack) – Acknowledgement

-32 (urg) – Urgent pointer

For example, use the code value and mask below to catch packets with the following flags set:

-SYN flag valid, use “control-code 2 2”

-Both SYN and ACK valid, use “control-code 18 18”

-SYN valid and ACK invalid, use “control-code 2 18”

Example

This example accepts any incoming packets if the source address is within subnet 10.7.1.x. For example, if the rule is matched; i.e., the rule (10.7.1.0 & 255.255.255.0) equals the masked address (10.7.1.2 & 255.255.255.0), the packet passes through.

Console(config-ext-acl)#permit 10.7.1.1 255.255.255.0 any Console(config-ext-acl)#

This allows TCP packets from class C addresses 192.168.1.0 to any destination address when set for destination TCP port 80 (i.e., HTTP).

Console(config-ext-acl)#permit 192.168.1.0 255.255.255.0 any destination-port 80

Console(config-ext-acl)#

4-127

Page 418 Page 420
Page 419
Image 419
SMC Networks SMC6824M manual 127
Page 418 Page 420

SMC6824M specifications

The SMC Networks SMC6824M is a robust and reliable managed switch that caters to the needs of small to mid-sized businesses, as well as enterprise environments. This switch is designed to provide enhanced performance, scalability, and security for network infrastructures that require efficient traffic management and comprehensive control.

One of the key features of the SMC6824M is its 24 10/100/1000BASE-T ports, which offer lightning-fast Ethernet connectivity. These ports are capable of auto-negotiation, allowing devices to automatically adjust their settings for optimal performance, making it easier to integrate various hardware into existing networks. Additionally, the switch includes four Gigabit SFP slots for fiber uplinks, which allow for extended connectivity options and improved network design.

The SMC6824M employs advanced Layer 2 and Layer 3 functionalities, giving network administrators the tools they need to manage their networks effectively. It supports features like VLAN (Virtual Local Area Network) support and Quality of Service (QoS), ensuring efficient bandwidth management and enhanced performance for critical applications. Through VLAN segmentation, it can isolate network traffic for different departments or functions, enhancing security and reducing congestion.

The switch also offers comprehensive network management capabilities through SNMP (Simple Network Management Protocol) and a web-based interface, enabling easy configuration, monitoring, and troubleshooting. The SMC6824M includes support for port mirroring, which is important for diagnostics and monitoring network performance.

Another significant characteristic of the SMC6824M is its redundancy features, which include IEEE 802.1d Spanning Tree Protocol (STP) to prevent loops and provide network resilience. This is essential for maintaining continuous operation, especially in dynamic environments where network availability is critical.

In terms of security, the SMC6824M supports 802.1X port-based authentication, ensuring that only authorized devices gain access to the network. This feature is crucial for protecting sensitive data and maintaining the integrity of the network.

Overall, the SMC Networks SMC6824M is a versatile and feature-rich managed switch that delivers the performance and flexibility required to support growing networks. Its combination of layer management, security features, and user-friendly interface makes it an excellent choice for organizations looking to enhance their network infrastructure.
Top Page Image Contents