Manuals / Brands / Computer Equipment / Modem / ZyXEL Communications / Computer Equipment / Modem

ZyXEL Communications IES-612-51A ACL, 31.1 Access Control Logic (ACL) Overview, 31.1.1 ACL Profile Rules

1 444

Download 444 pages, 8.29 Mb

31

ACL

This chapter shows you how to set up ACL profiles on each port.

31.1 Access Control Logic (ACL) Overview

An ACL (Access Control Logic) profile allows the IES-612-51A to classify and perform actions on the upstream traffic. Each ACL profile consists of a rule and an action, and you assign ACL profiles to PVCs.

31.1.1 ACL Profile Rules

Each ACL profile uses one of 14 rules to classify upstream traffic. These rules are listed below by rule number.

1etype <etype> vlan <vid>

2etype <etype> smac <mac>

3etype <etype> dmac <mac>

4vlan <vid> smac <mac>

5vlan <vid> dmac <mac>

6smac <mac> dmac <mac>

7vlan <vid> priority <priority>

8etype <etype>

9vlan <vid>

10smac <mac>

11dmac <mac>

12priority <priority>

13protocol <protocol>

14{srcip <ip>/<mask>{dstip <ip>/<mask>{tos <stos> <etos> {srcport <sport> <eport> {dstport <sport> <eport>}}}}}

The input values for these values have the following ranges.

•<vid>: 1~4094

•<priority>: 1~7

•<etype>: 0~65535

•<protocol>: tcpudpospfigmpipgreicmp<ptype>

•<ptype>: 0~255

•<mask>: 0~32

	215
IES-612-51A User’s Guide	215

Contents

DEFAULT LOGIN Page About This User's Guide Document Conventions Icons Used in Figures Safety Warnings Page Page Contents Overview Routing Protocol, Alarm and Management CLI Commands Troubleshooting and Specifications Appendices and Index Table of Contents Page Page Part III: Advanced Application VLAN Page Page Part IV: Routing Protocol, Alarm and Management Part V: CLI Commands Page Page Page Page Page Page Part VI: Troubleshooting and Specifications Part VII: Appendices and Index Page List of Figures Page Page Page Page Page Page Page List of Tables Page Page Page PART Introduction Page Getting to Know the IES-612-51A 1.1 Overview 1.2 Applications 1.2.2 Curbside Application 1.3 Ways to Manage the IES-612-51A 1.4Good Habits for Managing the IES-612-51A Page Hardware Installation 2.1 General Installation Instructions 2.2Installation Scenarios 2.2.2Rack-MountedInstallation 2.2.2.1 Rack-mountedInstallation Requirements 2.2.2.2Rack-MountedInstallation Procedure Page Front Panel 3.1 Front Panel 3.2 LEDs 3.2.1 Console Port 3.2.1.1 Default Ethernet Settings 3.2.2 LAN Port (Ethernet) Connection 3.2.3 Notes About MDFs (Main Distribution Frames) 3.2.4Telco-50Cables 3.2.5 Telco-50Connections 3.2.6 ADSL Connections 3.2.7Typical MDF Scenarios 3.2.7.1 Installation Scenario A 3.2.7.2Installation Scenario B Page 3.2.7.3Installation Scenario C Page Page Basic Settings Page Introducing the Web Configurator 4.1 Web Configurator Overview 4.2 Screen Privilege Levels 4.3 Accessing the Web Configurator admin User Name Password 4.4 Navigation Panel Page 4.5 Changing Your Password 4.6Saving Your Configuration Config Save 4.7Logging Out of the Web Configurator Figure 19 Logout Page Initial Configuration 5.1 Initial Configuration Overview 5.2 Initial Configuration Apply IP setting Figure 22 VC Setup All Super Channel Copy 13 Click Config Save, Config Save. The Config Save screen appears Page Home and Port Statistics Screens 6.1 Home Screen 6.1.1 Ethernet Port Statistics Screen Page Page 6.1.2 DSL Port Statistics Screen Page 6.1.3 RMON Statistics Screen RMON DSL Port Statistics Ethernet Port Statistics Page 6.1.4 RMON History Screen RMON Statistics 6.1.5 RMON History Detail Screen RMON History Page Page System Information Page Page Page General Setup Page User Account 9.1 User Account Screen 9.2 Authentication Screen Page Page Switch Setup 10.1 GARP Timer Setup 10.2 Switch Modes 10.2.2 Port Isolation with Standalone Switch Mode Example 10.2.3 Daisychain Switch Mode 10.2.4 Port Isolation with Daisychain Switch Mode Example 10.3 Switch Setup Screen Page Page Page IP Setup Page ENET Port Setup Page xDSL Port Setup 13.1 ADSL Standards Overview 13.2 Downstream and Upstream 13.3 Profiles 13.4 Interleave Delay 13.5 Configured Versus Actual Rate 13.6 Default Settings 13.7 xDSL Port Setup Screen Page 13.7.1 xDSL Port Setting Screen Page Page Page 13.8 Virtual Channels 13.9 VC Setup Screen Figure 49 VC Setup Table 21 VC Setup Page Page 13.10 Priority-basedPVCs 13.11 PPVC Setup Screen 13.11.1 PPVC Setup Members Screen PPVC Setup PPVC Setup Members Page Page xDSL Profiles Setup 14.1 Port Profile Screen Page 14.2 ATM QoS 14.3 Traffic Shaping 14.3.2.1 Peak Cell Rate (PCR) 14.3.2.2 Sustained Cell Rate (SCR) 14.3.2.3 Maximum Burst Size (MBS) 14.3.2.4 Cell Delay Variation Tolerance (CDVT) 14.4 Upstream Policing 14.5VC Profile Screen Page 14.6 Alarm Profile Screen 14.7 IGMP Filtering 14.8 IGMP Filter Profile Screen Page xDSL Line Data 15.1 xDSL Line Rate Info Screen 15.2xDSL Performance Screen Page 15.3 xDSL Line Data Screen To open this screen, click Basic Setting, xDSL Line Data, Line Data Page ART Advanced Application Page VLAN 16.1 Introduction to VLANs 16.2 Introduction to IEEE 802.1Q Tagged VLAN 16.3 VLAN Status Screen Page 16.4 Static VLAN Setting Screen 16.5 VLAN Port Setting Screen Page Page Page IGMP 17.1 IGMP 17.2 IP Multicast Addresses 17.3 IGMP Status Screen Page 17.4 IGMP Bandwidth Screen 17.4.1 Bandwidth Port Setup Screen Bandwidth Setup, Port Setup 17.5 IGMP Setup Screen 17.6 IGMP Filter Setup Screen 17.7 IGMP Count Screen 17.8 IGMP Port Info Screen 17.9 IGMP Port Group Screen Page Page Static Multicast 18.1 Static Multicast 18.2 Static Multicast Screen Page Multicast VLAN 19.1 Multicast VLAN Overview 19.2 MVLAN Status Screen 19.3 MVLAN Setup Screen Page 19.4 MVLAN Group Screen Page Page Filtering 20.1 Packet Filter Screen Page MAC Filter 21.1 MAC Filter Introduction 21.2 MAC Filter Screen Page Spanning Tree Protocol 22.1 RSTP and STP Page 22.2 Spanning Tree Protocol Status Screen 22.3 Spanning Tree Protocol Screen Page Page Port Authentication 23.1 Introduction to Authentication 23.2 RADIUS Screen 23.3 802.1x Screen Page Port Security 24.1 Port Security Overview 24.2 Port Security Screen Page DHCP Relay 25.1 DHCP Relay 25.2 DHCP Relay Agent Information Option (Option 82) 25.3 DHCP Relay Screen Page Page DHCP Snoop 26.1 DHCP Snoop Overview 26.2 DHCP Snoop Screen 26.3 DHCP Snoop Status Screen 26.4 DHCP Counter Screen Page RFC 2684 Routed Mode 27.1 RFC 2684 Routed Mode 27.22684 Routed PVC Screen Page 27.3 2684 Routed Domain Screen 27.4 RPVC Arp Proxy Screen 27.5 2684 Routed Gateway Screen Page Page PPPoA to PPPoE 28.1 PPPoA to PPPoE Overview 28.2 PPPoA to PPPoE Screen Page Page 28.3 PPPoA to PPPoE Status Screen Page Page DSCP 29.1 DSCP Overview 29.2 DSCP Setup Screen 29.3 DSCP Map Screen TLS PVC 30.1 Transparent LAN Service (TLS) Overview 30.2 TLS PVC Screen Figure 107 TLS PVC Table 67 TLS PVC Page ACL 31.1 Access Control Logic (ACL) Overview 31.2 ACL Setup Screen Figure 108 ACL Setup Table 68 ACL Setup 31.3 ACL Profile Setup Screen 31.4 ACL Profile Map Screen Page Downstream Broadcast 32.1 Downstream Broadcast 32.2 Downstream Broadcast Screen Page Syslog 33.1 Syslog 33.2 SysLog Screen Page Access Control 34.1 Access Control Screen 34.2 Access Control Overview 34.3 SNMP Page 34.3.1 Supported MIBs 34.3.2 SNMP Traps 34.4 SNMP Screen 34.5 Service Access Control Screen 34.6 Remote Management Screen Page Page Routing Protocol Alarm and Management Page Static Routing Page Maintenance 36.1 Maintenance Screen 36.2 Firmware Upgrade Screen 36.3 Restore Configuration Screen 36.4 Backing Up a Configuration File 36.5 Load Factory Defaults 36.6 Reboot System 36.7 Command Line FTP Diagnostic 37.1 Diagnostic Screen Page Page Page MAC Table 38.1 Introduction to MAC Table 38.2MAC Table Screen ARP Table 39.1 Introduction to ARP Table 39.2 ARP Table Screen Figure 128 ARP Table Table 82 ARP Table Alarm 40.1 Alarm 40.2 Alarm Status Screen 40.3 Alarm Descriptions 40.4 Alarm Event Setup Screen Page 40.4.1 Edit Alarm Event Setup Screen 40.5 Alarm Port Setup Screen CLI Commands Page Commands Summary 41.1Command Line Interface Overview 41.2 Command Privilege Levels 41.3 Saving Your Configuration 41.4 Commands Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Command Examples 42.1 Command Examples Overview 42.2 Sys Commands 42.3 Log Format 42.3.1 Log Messages Page 42.4 Isolation Commands 42.5 Statistics Monitor Command 42.6 Statistics Port Command Page Alarm Commands 43.1 Alarm Commands 43.2 General Alarm Command Parameters 43.3 Alarm Show Command 43.4 Alarm Port Show Command 43.5 Alarm Port Set Command 43.6 Alarm Tablelist Command 43.7 Log Format 43.8 Alarm History Show Command 43.9Alarm History Clear Command 43.10 Alarm XEdit Command 43.11 Alarm Cutoff Command 43.12 Alarm Clear Command Page DHCP Commands 44.1 DHCP Relay Commands 44.1.3 Disable Command 44.1.4 Server Set Command 44.1.5 Server Delete Command 44.1.6 Server Active Command 44.2DHCP Relay Option 82 (Agent Information) Sub-option1 (Circuit ID) 44.3DHCP Relay Option 82 (Agent Information) Sub-option2 (Remote ID) 44.4 DHCP Snoop Commands 44.4.3 DHCP Snoop Flush Command 44.4.4 DHCP Snoop Show Command 44.4.5DHCP Counter Statistics Command 44.4.6 DHCP Snoop Statistics Command Page IEEE 802.1Q Tagged VLAN Commands 45.1 Introduction to VLANs 45.2 IEEE 802.1Q Tagging Types 45.3 Filtering Databases 45.4 IEEE VLAN1Q Tagged VLAN Configuration Commands 45.4.4 VLAN Set Command 45.4.4.1 Modify a Static VLAN Table Example 45.4.4.2Forwarding Process Example 45.4.5VLAN Frame Type Command 45.4.6 VLAN CPU Show Command 45.4.7 VLAN CPU Set Command 45.4.8Configuring Management VLAN Example 45.4.9 VLAN Delete Command 45.5 VLAN Enable 45.6 VLAN Disable Page MAC Commands 46.1 MAC Commands Overview 46.2 MAC Filter Commands 46.2.2 MAC Filter Enable Command 46.2.3 MAC Filter Disable Command 46.2.4 MAC Filter Mode Command 46.2.5 MAC Filter Set Command 46.2.6 MAC Filter Delete Command 46.3 MAC Count Commands 46.3.3 MAC Count Disable Command 46.3.4 MAC Count Set Command Page IGMP Commands 47.1 Multicast Overview 47.2 IGMP Snoop Commands 47.3 IGMP Filter Commands 47.3.3 IGMP Filter Profile Set Command Start IP End IP 47.3.4 IGMP Filter Profile Delete Command 47.4 IGMP Bandwidth Commands 47.5 IGMP Bandwidth Port Commands 47.5.1 IGMP Bandwidth Port Disable Command 47.5.2 IGMP Bandwidth Port Enable Command 47.5.3 IGMP Bandwidth Port Set Command 47.5.4 IGMP Bandwidth Port Show Command 47.6 IGMP Count Limit Commands 47.6.2 IGMP Count Enable Command 47.6.3 IGMP Count Set Command 47.6.4 IGMP Count Show Command 47.7 IGMP Snoop Statistics Commands 47.7.3 IGMP Port Info Statistics Command 47.7.4 IGMP Port Group Statistics Command 47.8Multicast VLAN Commands 47.8.2 Multicast VLAN Delete Command 47.8.3 Multicast VLAN Disable Command 47.8.4 Multicast VLAN Enable Command 47.8.5 Multicast VLAN Show Command 47.8.6Multicast VLAN Group Set Command 47.8.7 Multicast VLAN Group Delete Command 47.8.8 Multicast VLAN Group Show Command Packet Filter Commands 48.1 Packet Filter Commands 48.1.2 Packet Filter Set Command 48.1.3 Packet Filter PPPoE Only Command Page IP Commands 49.1 IP Commands Introduction 49.2 IP Settings and Default Gateway 49.3 General IP Commands 49.3.4 Route Delete Command 49.3.5 Route Show Command 49.4 Statistics IP Command Firmware and Configuration File Maintenance Commands 50.1 Firmware and Configuration File Maintenance Overview 50.2Filename Conventions 50.3 Editable Configuration File 50.3.2 Edit Configuration File 50.3.3Editable Configuration File Upload 50.4 Firmware File Upgrade Page SNMP Commands 51.1 SNMP Commands 51.1.4 Trap Community Command 51.1.5 Trap Destination Set Command 51.1.6 Show SNMP Settings Command ADSL Commands 52.1 DSL Port Commands 52.1.3 DSL Port Disable Command 52.1.4DSL Port Profile Show Command 52.1.5 DSL Port Profile Set Command Page 52.1.6 DSL Port Profile Delete Command 52.1.7 DSL Port Profile Map Command 52.1.8 DSL Port Name Command 52.1.9 DSL Port Tel Command 52.1.10 DSL Port Loopback Command 52.1.11 DSL Port Upstream PSD Command 52.1.12 DSL Port Downstream PSD Command 52.1.13 DSL Port Upstream Carrier Command 52.1.14 DSL Port Downstream Carrier0 Command 52.1.15 DSL Port Downstream Carrier1 Command 52.1.16PMM Parameters Command Page 52.1.17 Impulse Noise Protection Command 52.1.18 Annex L Enable Command 52.1.19 Annex L Disable Command 52.1.20 Annex M Enable Command 52.1.21 Annex M Disable Command 52.1.22 Annex I Enable Command 52.2 DSL Port Statistics Commands 52.2.2 Linedata Command 52.2.3 Lineinfo Command 52.2.4 Lineperf Command 52.2.5 15 Minute Performance Command 52.2.6 1 Day Performance Command 52.2.7 Line Diagnostics Set Command 52.2.8 Line Diagnostics Get Command Page 52.2.9 Line Diagnostics Get 992.3 Command Page 52.2.10 SELT Diagnostic Set Command 52.2.11 SELT Diagnostic Get Command 52.2.12 Tone Diagnostics 992.3 Command Page 52.3 Alarm Profile Commands 52.3.2 Alarm Profile Set Command 52.3.3 Alarm Profile Delete Command 52.3.4 Alarm Profile Map Command 52.3.5 Alarm Profile Showmap Command Page Virtual Channel Management Commands 53.1 Virtual Channel Management Overview 53.2 Virtual Channel Profile Commands Page 53.3 PVC Channels 53.3.2 PVC Set Command 53.4 Priority-basedPVCs 53.4.2 PPVC Member Set Command 53.5 PPVC Member Delete Command 53.6 PPVC Member Show Command 53.7 2684 Routed Mode Commands 53.7.12684 Routed Mode Example 53.7.2 RPVC Gateway Set Command 53.7.3 RPVC Gateway Show Command 53.7.4 RPVC Gateway Delete Command 53.7.5 RPVC Set Command 53.7.6 RPVC Show Command 53.7.7 RPVC Delete Command 53.7.8 RPVC Route Set Command 53.7.9 RPVC Route Show Command 53.7.10RPVC Route Delete Command 53.7.11 RPVC ARP Agingtime Set Command 53.7.12 RPVC ARP Agingtime Show Command 53.7.13 RPVC ARP Show Command 53.7.14 RPVC ARP Flush Command 53.8 PPPoA to PPPoE (PAE) Commands 53.8.3 PAE PVC Show Command 53.8.4 PAE PVC Session Command 53.8.5 PAE PVC Counter Command Page 53.9Transparent LAN Service (TLS) Commands 53.9.3 TLS PVC Show Command Page ACL Commands 54.1 ACL Profile Commands Page 54.1.2 ACL Profile Delete Command 54.1.3ACL Profile Show Map Command 54.1.4ACL Profile Show Command 54.2 ACL Assignment Commands 54.2.3 ACL Assignment Show Command Page Troubleshooting and Specifications Page Troubleshooting 55.1 The SYS LED Does Not Turn On 55.2The ALM LED Is On 55.3 LAN Port LEDs Do Not Turn On 55.4LAN Port Data Transmission 55.5 DSL Data Transmission 55.6There Is No Voice on a DSL Connection 55.7 Testing Wiring Page 55.8 Local Server 55.9Data Rate 55.10 Configured Settings 55.11 Password 55.12 System Lockout 55.13 SNMP 55.14 Telnet 55.15 Resetting the Defaults 55.15.2 Uploading the Default Configuration File Transfer Send File 1K Xmodem Send 55.16 Recovering the Firmware Page Product Specifications 56.1 Device Specifications 56.2 Firmware Features Page Page Page 56.3 Standards Supported 56.4 Default Settings Page 56.5Hardware Telco-50Connector Pin Assignments 56.6 Console Cable Pin Assignments Page Appendices and Index Page Copyright Certifications ZyXEL Limited Warranty Note Registration Page Required Information Corporate Headquarters (Worldwide) Costa Rica Czech Republic Denmark Finland France Germany Hungary India Japan Kazakhstan Malaysia North America Norway Poland Russia Singapore Spain Sweden Thailand Ukraine United Kingdom Page Index