Administrator Guide

646 Access Control Lists
using the routing table. A default route in the routing table is not
considered an explicit route for an unknown destination address. This type
of rule takes priority over default entries in the routing table.
IP precedence: Packets matching the ACL criteria have their IP
precedence rewritten. The IP precedence value is the 4 ToS bits in the IP
packet header.
The following table summarizes the actions taken by the routing policy
depending on the combination of ACL and route-map permit and deny rules:
In the table, the Action column indicates the disposition of the packet:
Next means fall through to next route-map, and if there are no further
route-maps to be processed, route the packet using the default routing
table.
Set means route the packet per the action in the set clause.
Route means route the packet with the default routing table.
In the last column of the table (Optimized), a Yes entry means the rule is
never processed in hardware because the action, if any, is to fall through to the
next match criteria. The system optimizes out deny ACL match clauses and
never processes them in the system hardware. Counters for these match
clauses will always show 0.
ACL     Match  Route-Map  Outcome  Action  Optimized
Permit  Yes    Permit     Permit   Set     No
Permit  No     Permit     Deny     Next    No
Permit  Yes    Deny       Permit   Route   No
Permit  No     Deny       Deny     Next    No
Deny    Yes    Permit     Deny     Next    Yes
Deny    No     Permit     Deny     Next    Yes
Deny    Yes    Deny       Deny     Next    Yes
Deny    No     Deny       Deny     Next    Yes
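The disposition rules in the table, walked across an ordered list of route-map statements, as an added example that is not part of the original guide and is not the switch's own code. It assumes a simplified model: each statement carries one ACL rule that matches on source prefix only, a matching permit rule increments a hit counter, and the statement names, prefixes and next hop are constructed.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Statement:
    """One route-map statement with a single ACL match rule (simplified model)."""
    name: str
    rm_action: str          # "permit" or "deny" on the route-map statement
    acl_action: str         # "permit" or "deny" on the ACL rule in the match clause
    acl_src: str            # source prefix the ACL rule matches (constructed)
    set_next_hop: str = ""  # used only when the Set action applies

    def optimized(self) -> bool:
        # Deny ACL match clauses always fall through, so they are never
        # programmed in hardware and their counters stay at 0.
        return self.acl_action == "deny"

def disposition(stmt: Statement, src_ip: str):
    """Return (outcome, action) for one statement, following the table rows."""
    matched = ipaddress.ip_address(src_ip) in ipaddress.ip_network(stmt.acl_src)
    if stmt.acl_action == "deny" or not matched:
        return ("deny", "next")
    if stmt.rm_action == "permit":
        return ("permit", "set")
    return ("permit", "route")

def evaluate(policy, src_ip: str):
    """Walk statements in order; return (action, detail, per-statement hits)."""
    hits = {s.name: 0 for s in policy}
    for stmt in policy:
        _, action = disposition(stmt, src_ip)
        if action == "next":
            continue                      # fall through to the next route-map
        hits[stmt.name] += 1              # assumed counter behaviour on a hit
        if action == "set":
            return ("set", stmt.set_next_hop, hits)
        return ("route", "default routing table", hits)
    # No further route-maps: route using the default routing table.
    return ("route", "default routing table", hits)

# Constructed sample policy.
POLICY = [
    Statement("pbr-10", "permit", "deny", "10.1.1.0/24"),
    Statement("pbr-20", "deny", "permit", "10.1.2.0/24"),
    Statement("pbr-30", "permit", "permit", "10.1.0.0/16", "192.0.2.1"),
]
```

A packet from 10.1.1.5 matches the deny ACL rule in pbr-10, yet it is still policy-routed by pbr-30, because a deny ACL match only falls through and never drops or excludes the packet.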