Manualshelf

Configuration Guide for A7000 dl T1 and E1 WAN Interfaces 2005-12

ManualsBrandsHP ManualsComputer AccessoriesHP 1-port ADSL2 + Annex A dl Module
11121314151617181920
Understanding SROS Queuing Methods Binding Physical and Virtual Interfaces
5991-3823 17
Binding Physical and Virtual Interfaces
Virtual interfaces must be bound to physical interfaces to create a WAN interface where L2 signaling
occurs. Use the bind command to connect the physical and virtual interfaces. A single virtual interface is
assigned to a single physical interface, except in the case of multilink operation, where one virtual interface
is connected with multiple physical interfaces. Each created bind has a unique label identifier and specifies
a virtual and a physical interface.
The following command listing depicts three binds to a multilink Frame Relay interface and a single bind
to a PPP interface. Each bind has a unique label identifier (1 through 4):
ProCurve>enable
ProCurve#config terminal
ProCurve(config)#bind 1 t1 3/1 1 fr 1
ProCurve(config)#bind 2 t1 3/2 2 fr 1
ProCurve(config)#bind 3 t1 3/3 3 fr 1
ProCurve(config)#bind 4 t1 3/8 4 ppp 1
Creating Access Lists and Policies
Access lists (ACLs) and access policies (ACPs) are used to regulate traffic through your routed network.
ACLs and ACPs can block, filter, and manipulate traffic to make your network more secure.
ACLs are traffic selectors that include a “matching” parameter (to select the traffic) and an action
statement (to either permit or deny the matched traffic). Standard ACLs (using the ip access-list standard
command) provide pattern matching for source IP addresses only. Use extended ACLs (using the ip
access-list extended command) for more flexible pattern matching (including destination IP addresses).
ACPs use configured ACLs to permit, deny, or manipulate (using NAT) data on each interface where the
ACP is applied. When packets are received on an interface, the configured ACPs are applied to determine
whether the data will be processed or discarded. Creating access policies is a five-step process:
1. Determine what traffic needs to be regulated.
2. Enable the security features (using the ip firewall command).
3. Create an ACL to act as a traffic selector.
4. Create an ACP to either permit, deny, or manipulate (using NAT) the traffic selected using an access list.
5. Apply the ACP to an interface (or multiple interfaces).
Access List Traffic Selectors
ACLs include a matching parameter (to select traffic) and an action statement (to either permit or deny the
matched traffic). Standard ACLs provide pattern matching for source IP addresses only. To create a
standard ACL (labeled MYLIST), use the following command:
(config)#ip access-list standard MYLIST
(config-std-nacl)#
Note
When configuring interfaces using the Web GUI, binding virtual interfaces to physical
interfaces is automatic and does not require an additional step.