Users Guide

Access Control Lists
Inbound rule allowing access FROM hosts with IP addresses ranging from
10.0.46.0 to 10.0.47.254:
permit ip 10.0.46.0 0.0.1.255 any
Inbound rule allowing access TO hosts with IP addresses ranging from
10.0.48.0 to 10.0.49.254:
permit ip any 10.0.48.0 0.0.1.255
As the last rule in an administrator-defined list, the narrower scope of this
inbound rule has no effect other than to possibly interfere with switch
management access or router operations. The system installs an implicit
"deny every" rule after the end of the last access group bound to an interface:
500 deny ip any any
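The following is an added example, not part of the guide or of the switch software. It evaluates the two permit rules above with wildcard-mask matching and first-match ordering, and falls through to the implicit deny. The function names are hypothetical and the rule grammar is reduced to the "ip" forms shown on this page.

```python
import ipaddress

def ip_to_int(text):
    return int(ipaddress.IPv4Address(text))

def parse_rule(line):
    """Parse '[seq] permit|deny ip <src> <dst>'; src/dst is 'any' or '<addr> <wildcard>'."""
    tok = line.split()
    if tok and tok[0].isdigit():          # optional sequence number, e.g. "500 deny ip any any"
        tok = tok[1:]
    if len(tok) < 4 or tok[0] not in ("permit", "deny") or tok[1] != "ip":
        raise ValueError("unsupported rule: " + line)
    specs, rest = [], tok[2:]
    while rest:
        if rest[0] == "any":              # 'any' means every bit is a don't-care bit
            specs.append((0, 0xFFFFFFFF))
            rest = rest[1:]
        elif len(rest) >= 2:
            specs.append((ip_to_int(rest[0]), ip_to_int(rest[1])))
            rest = rest[2:]
        else:
            raise ValueError("address without wildcard mask: " + line)
    if len(specs) != 2:
        raise ValueError("expected source and destination: " + line)
    return tok[0], specs[0], specs[1]

def matches(spec, addr):
    """Wildcard-mask match: compare only the bits whose mask bit is 0."""
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF
    return (ip_to_int(addr) & care) == (base & care)

def matched_range(addr, wildcard):
    """First and last address matched; valid for contiguous wildcard masks only."""
    low = ip_to_int(addr) & ~ip_to_int(wildcard) & 0xFFFFFFFF
    return (str(ipaddress.IPv4Address(low)),
            str(ipaddress.IPv4Address(low | ip_to_int(wildcard))))

def evaluate(rules, src, dst):
    """First matching rule wins; if none matches, the implicit deny applies."""
    for line in rules:
        action, s, d = parse_rule(line)
        if matches(s, src) and matches(d, dst):
            return action, line
    return "deny", "implicit deny ip any any"

# The two permit rules shown above, in list order (assumed to be the whole list).
ACL = ["permit ip 10.0.46.0 0.0.1.255 any",
       "permit ip any 10.0.48.0 0.0.1.255"]
```

Calling evaluate(ACL, "10.0.45.9", "10.0.50.1") returns the implicit deny, because neither the source nor the destination falls inside a permitted block. matched_range shows that the mask 0.0.1.255 also covers the .255 address at the top of each block.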
Internal System ACLs
The switch installs a number of internal ACLs to trap packets to the switch
CPU for processing. Examples of these types of packets are IEEE 802.1X
EAPOL packets, IP source guard packets, LLPF packets, LLDP packets, IEEE
802.1AD packets, etc. These internal ACLs are generally configured at the
lowest priority (higher numerically) so that the switch administrator, through
the use of ACLs, can override the default switch behavior. An example is an
ACL that matches only on the source MAC address. Some of the system rules
are installed when the administrator enables specific protocols; other rules are
always present and may have their behaviors altered by enabling or disabling
protocols, e.g., iSCSI or LLPF. For example, spanning tree BPDUs, LLDP
packets, and IEEE 802.1X packets are never forwarded by the switch by
default.