Module 4: ACL Concepts - Coggle Diagram
4.2.1 Wildcard Mask Overview: A wildcard mask is similar to a subnet mask in that it applies the ANDing process to identify matching bits in an IPv4 address. However, they differ in how they interpret binary 1s and 0s. In a subnet mask, a binary 1 indicates a match, while a binary 0 does not. A wildcard mask reverses this logic: a binary 0 means the corresponding address bit must match, and a binary 1 means the bit is ignored.
4.2.2 Wildcard Mask Types: Using wildcard masks will take some practice. Refer to the examples to learn how the wildcard mask is used to filter traffic for one host, one subnet, and a range of IPv4 addresses.
4.2.3 Wildcard Mask Calculation: Calculating wildcard masks can be challenging. One shortcut method is to subtract the subnet mask from 255.255.255.255.
4.3.1 Limited Number of ACLs per Interface
4.3.2 ACL Best Practices
4.1.1 What is an ACL?
Routers make routing decisions based on the packet header and routing table. They compare the destination IP address with the routing table to find the best match and forward the packet accordingly. This process can also be used for traffic filtering with an Access Control List (ACL).
An ACL is a set of IOS commands used to filter packets based on the packet header. By default, routers have no ACLs configured, but when an ACL is applied to an interface, the router evaluates network packets to determine if they can be forwarded.
ACLs consist of sequential permit or deny statements called Access Control Entries (ACEs). When traffic passes through an ACL-configured interface, the router checks each packet against ACEs in order, a process known as packet filtering. ACLs are used in various router tasks to identify traffic.
4.1.2 Packet Filtering
Packet filtering controls access to a network by analyzing the incoming and/or outgoing packets and forwarding them or discarding them based on given criteria. Packet filtering can occur at Layer 3 or Layer 4.
4.1.3 ACL Operation
ACLs control traffic on routers by applying rules to packets entering, transiting, or exiting interfaces. They can be configured for inbound traffic (filtering before routing) or outbound traffic (filtering after routing). In an inbound ACL, the router checks the source IPv4 address against ACEs sequentially. If a match is found, the packet is either permitted or denied, and further ACEs are not evaluated. If no match is found, the packet is discarded due to an implicit deny statement at the end of every ACL. ACLs must include at least one permit statement, or all traffic will be denied by default.
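The wildcard mask shortcut from 4.2.3 and the first-match evaluation with implicit deny from 4.1.3, as an added Python example that is not part of the original notes or Cisco IOS code. The function names and the sample ACL addresses are constructed for illustration.

```python
import ipaddress

def to_int(dotted):
    """Convert a dotted-decimal IPv4 string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))

def wildcard_from_subnet_mask(mask):
    """Shortcut from 4.2.3: subtract the subnet mask from 255.255.255.255."""
    return str(ipaddress.IPv4Address(0xFFFFFFFF - to_int(mask)))

def ace_matches(source, ace_addr, wildcard):
    """Wildcard 0 bits must match the ACE address; 1 bits are ignored."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(source) & care) == (to_int(ace_addr) & care)

def evaluate(acl, source):
    """Check ACEs in order; the first match decides and evaluation stops."""
    for action, addr, wildcard in acl:
        if ace_matches(source, addr, wildcard):
            return action
    return "deny"  # implicit deny at the end of every ACL

# Constructed sample ACL (illustrative addresses, not from the notes).
SAMPLE_ACL = [
    # one host: every bit must match
    ("deny", "192.168.10.10", "0.0.0.0"),
    # one subnet: wildcard derived from the /24 subnet mask
    ("permit", "192.168.10.0", wildcard_from_subnet_mask("255.255.255.0")),
    # a range: 192.168.16.0 through 192.168.31.255
    ("permit", "192.168.16.0", "0.0.15.255"),
]

if __name__ == "__main__":
    for src in ("192.168.10.10", "192.168.10.77", "192.168.20.5", "10.1.1.1"):
        print(f"{src:15} -> {evaluate(SAMPLE_ACL, src)}")
```

Because the host deny is listed before the subnet permit, 192.168.10.10 is dropped even though the second ACE would also match it; reversing the two entries would permit that host.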