Introduction - HP ProCurve 5300xl Series Management Manual

Access Control Lists (ACLs) for the Series 3400cl and Series 6400cl Switches

Introduction

Feature
Numbered ACLs
Standard ACLs
Extended ACLs
Named ACLs
Enable or Disable an ACL
Display ACL Data
Delete an ACL
Configure an ACL from a TFTP Server
Enable ACL Logging
Show ACL Resources
Access-List Resources Help
ACL Applications on Series 3400cl and 6400cl Switches
ACLs can filter traffic from a host, a group of hosts, or from entire subnets.
Where it is necessary to apply ACLs to filter traffic from outside a network or
subnet, applying ACLs at the edge of the network or subnet removes unwanted
traffic as soon as possible, and thus helps to improve system performance.
ACLs on the 3400cl/6400cl switches filter inbound traffic only and can rapidly
consume switch resources. Also, ACLs, QoS, and Rate-Limiting share the same
per-port mask resources on these switches. For these reasons, the best places
to apply ACLs on the 3400cl/6400cl switches are in "edge" positions where
filtering is likely to be less complex and resource-intensive than in core
network applications that are more likely to require the per-VLAN and
inbound/outbound ACL filtering available on the Series 5300xl switches.
General Application Options
Layer 3 IP filtering with Access Control Lists (ACLs) on the 3400cl/6400cl
switches enables you to improve network performance and restrict network
use by creating policies for:
Default Menu
None —
None —
—
—
n/a —
n/a —
n/a —
n/a —
Introduction
CLI Web
10-43 —
10-48 —
10-54 —
10-57 —
10-58 —
10-58 —
10-67 —
10-72 —
10-3