Add/Edit IP ACE

Configuration > Classification > IP ACL > Add/Edit ACL > Add/Edit ACE

In this dialog box, you can specify the settings for a particular IP ACE.

To view the definition for a particular MIB variable, click the appropriate link from the following list:

The following list specifies buttons in this dialog box, as well as their function:


Protocol Type (capIpAceProtocolType)

The protocol number field in the IP header used to indicate the higher layer protocol. Values can range from 0 to 255. A value of "0" matches every IP packet.


Source IP (caqIpAceSrcIp)

The specified source IP address.


Source IP Mask (caqIpAceSrcIpMask)

The specified source IP address mask.


Destination IP (caqIpAceDestIp)

The specified destination IP address.


Destination IP Mask (caqIpAceDestIpMask)

The specified destination IP address mask.


ToS Matching Criteria (caqIpAceTosMatchCriteria)

Indicates the field of the ToS octet in the packet header to be matched. There are 3 possible values: none(1), matchDscp(2), and matchIpPrec(3).


IP Precedence (caqIpAceIpPrec)

Specifies the IP precedence value to be matched against.


DSCP Field (caqIpAceDscp)

Specifies the DSCP value to be matched against.


Protocol Matching Criteria (caqIpAceProtocolMatchCriteria)

Indicates the field in the packet header for ICMP, IGMP, TCP protocol to be matched. There are 5 possible values: none(1), matchIgmpType(2), matchIcmpType(3), matchIcmpTypeAndCode(4), and matchEstablished(5).


ICMP Code (caqIpAceIcmpCode)

Indicates the message code of ICMP packets. The code is a number from 0 to 255.


ICMP Type (caqIpAceIcmpType)

Indicates the message type of ICMP packets. The type is a number from 0 to 255.


IGMP Type (caqIpAceIgmpType)

Indicates the message type of IGMP packets. The type is a number from 0 to 15.


The following table outlines which policy types are supported by the IP, IPX, and MAC interfaces on Sup1 and Sup2 supervisor cards.

Table 1: Policy Types Supported

Policy Type

Sup1 Card

Sup2 Card

IP

IPX

MAC

IP

IPX

MAC

Micro Flow

Yes

No

No

Yes

No

No

Aggregate Flow

Yes

Yes

Yes

Yes

Yes

Yes

No Trust

Yes

Yes

Yes

Yes

No

No

Trust CoS

Yes

Yes

Yes

Yes

Yes

Yes

DSCP

Yes

No

No

Yes

No

No

IP Prec

Yes

No

No

Yes

No

No