-
Cisco Active Network Abstraction Reference Guide, 3.7.2
-
Preface
-
Part 1 - Cisco VNEs
-
Introduction
-
Overview—Supported Network Elements in Cisco ANA Version 3.7.2
-
Support Information for Cisco Security Appliances
-
Support Information for Cisco Access Servers
-
Support Information for Cisco Gateways
-
Support Information for Cisco Routers
-
Support Information for Cisco Switches
-
Support Information for Generic Devices
-
-
Part 2 - Technology Support and Information Model Objects
-
Technology Support Introduction
-
Internet Protocol
-
Routing Protocols
-
VPN and VRF
-
Bidirectional Forwarding Detection
-
Session Border Controller
-
Multiprotocol Label Switching
-
Multiprotocol Label Switching Traffic Engineering
-
Pseudowire
-
Ethernet (IEEE 802.3)
-
Ethernet OAM
-
Asynchronous Transfer Mode
-
Frame Relay
-
Integrated Services Digital Network
-
Point-to-Point Protocol
-
High-Level Data Link Control
-
Layer 2 Tunnel Protocol
-
Discovery Protocols
-
Local Switching
-
Digital Subscriber Line
-
SONET/SDH
-
Internet Protocol Over Dense Wave Division Multiplexing
-
TDM/DSx
-
Clocking
-
Serial
-
Access Control Lists
-
Physical Components
-
Logical Components
-
Common Components
-
Cisco ANA VNE Topology
-
- Part 3 - Alarms and Events
-
Part 4 - Commands
-
Using Connectivity Fault Management Commands
-
Using Resilient Ethernet Protocol Commands
-
Using Cisco Carrier Grade NAT Commands
-
Using Pseudowire Virtual Circuit Connectivity Verification Commands
-
Using Link Operations, Administration and Maintenance Operations Commands
-
Using Ethernet Local Management Interface Commands
-
-
Index
-
Feedback
Table Of Contents
Information Model Objects (IMOs)
Access List Traffic Descriptor
Vendor-Specific Inventory and IMOs
Access Control Lists
This chapter describes the level of support that Cisco ANA provides for Access Control Lists (ACLs), as follows:
•
Information Model Objects (IMOs)
•
Please see Part 1: Cisco VNEs in this guide for information about which devices support the various technologies.
Technology Description
An ACL is a group of statements. Each defines a pattern of data that can be found in an IP packet. As each packet comes through an interface with an associated ACL, the ACL is scanned from top to bottom, in the exact order in which it was entered, for a pattern that matches the incoming packet. A permit or deny rule associated with each pattern determines that packet's fate. A mask (similar to a wild card) can also be used to determine how much of an IP source or destination address to use when matching against the pattern. The pattern statement can also include a TCP or UDP port.
Note that Cisco ANA currently supports IP ACLs only. MAC ACLs are not supported.
Information Model Objects (IMOs)
This section describes the following IMOs:
•
•
Access List Traffic Descriptor
The Access List Traffic Descriptor, with its Access List Entry objects, describes an access list of a single type (Unknown, Standard, Extended, or Rate Limit). It is aggregated by a Traffic Descriptor Container object (see Common Components).
Table 34-1 Access List Traffic Descriptor (IAccessList)
Type
Access list type (Unknown, Standard, Extended, Rate Limit)
Any
Configuration
Access List Entries Table
Array of instances of Access List Entry
Any
Configuration
Name or ID
Traffic descriptor name or identifier
Any
Configuration
Index
Traffic descriptor index
Any
Configuration
Access List Entry
Vendor-Specific Inventory and IMOs
There are no vendor-specific inventory or IMOs for this technology.
Service Alarms
There are no faults or alarms associated with this technology.