When activating an ACL on an interface, you must specify in which direction the traffic should be filtered:
Inbound (as the traffic comes into an interface)
Outbound (before the traffic exits an interface)
Inbound ACLs:
Incoming packets are processed before they are routed to an outbound interface. An inbound ACL is efficient because it saves the overhead of routing lookups if the packet will be discarded after it is denied by the filtering tests. If the packet is permitted by the tests, it is processed for routing.
Outbound ACLs:
Incoming packets are routed to the outbound interface and then processed through the outbound ACL.
Access List Ranges
| Type | Range | |||
| IP Standard | 1–99 | |||
| IP Extended | 100–199 | |||
| IP Standard Expanded Range | 1300–1999 | |||
| IP Extended Expanded Range | 2000–2699 |
http://computernetworkingnotes.com/network-security-access-lists-standards-and-extended/access-control-list.html
The topic on Access Control Lists are very easy to understand and proper paragraphing as well as spacing makes it easy for the user to read. From this topic, I was able to understand what ACL was about as well as the types of ACLs, mainly Inbound ACLs and Outbound ACLs. I was also able to understand the Access List Ranges as well as the types of ACLs.
ReplyDeleteThe topic on CBAC has allowed me to understand that it is able to filter packets based on application layer protocol session information and can be used for intranets, extranets and internets as well as many other things.
From your post about the Access Control Lists, I can understand more about what Access Control Lists do. Firstly, I have learned that access lists filter network traffic by controlling whether routed packets are forwarded or blocked at the router's interfaces. Secondly, I have learned that access list criteria could be the source address of the traffic, the destination address of the traffic, the upper-layer protocol, or other information and no authentication is required whatsoever. Lastly, I have learned why we should configure access control lists.
ReplyDeleteUr post helps me to understand more about access control lists. like how access lists filter network traffic by controlling whether routed packets are forwarded or blocked at the router's interfaces, the two different interfaces (Inbound, outbound)and what both interfaces does and lastly, the ranges of access list, very good post!
ReplyDelete-Adler
Very informative and very high quality work coming from you yet again! You've earned yourself a loyal subscriber. I'm fond of reading your blog as it provides a well thought out and well-written articles on many networking topics. This help dummies like myself understand clearly what are these topics about, you are simply the best! Hope you could have a great day ahead! Hope you could include the usage of pictures, as a popular saying goes that a picture speaks a thousand words, hence, hope you could consider my suggestion and create a better article than before. I know you can do it. I will root for you, thank you for all the great and insightful articles that you have written over the years.
ReplyDelete