Appendix B. Tutorial: Access Lists


Access lists are probably misnamed these days. As the name implies, the original intention of an access list was to permit or deny access of packets into, out of, or through a router. Access lists have become powerful tools for controlling the behavior of packets and frames. Their use falls into three categories (see Figure B-1):

  • Security filters protect the integrity of the router and the networks to which it passes traffic. Typically, security filters permit the passage of a few well-understood packets and deny the passage of everything else.

  • Traffic filters prevent unnecessary packets from passing onto limited-bandwidth links. These filters look and behave much like security filters, but the logic is generally inverse: Traffic filters deny the passage of a few unwanted packets and permit everything else.

  • Packet identification is required for many tools available on Cisco routers, such as dialer lists, route filters, route maps, and queuing lists. The tools must be able to identify certain packets to function properly. Access lists might be linked to these and other tools to provide this packet identification function.

Figure B-1. Access lists are used as security filters, as traffic filters, and for packet identification.





CCIE Professional Development Routing TCP/IP (Vol. 1), 2005
Routing TCP/IP, Volume 1 (2nd Edition)
ISBN: 1587052024
EAN: 2147483647
Year: 2005
Pages: 233
