-
Cisco Active Network Abstraction Reference Guide, 3.7
-
Preface
- Part 1 - Cisco VNEs
-
Part 2 - Technology Support and Information Model Objects
-
Technology Support Introduction
-
Internet Protocol
-
Routing Protocols
-
Virtual Routing and Forwarding
-
Bidirectional Forwarding Detection
-
Session Border Controller
-
Multiprotocol Label Switching
-
Multiprotocol Label Switching Traffic Engineering
-
Pseudowire Emulation Edge to Edge
-
Ethernet (IEEE 802.3)
-
Asynchronous Transfer Mode
-
Frame Relay
-
Integrated Services Digital Network
-
Point-to-Point Protocol
-
High-Level Data Link Control
-
Layer 2 Tunnel Protocol
-
Discovery Protocols
-
Local Switching
-
Digital Subscriber Line
-
Internet Protocol Over Dense Wave Division Multiplexing
-
SONET/SDH
-
TDM/DSx
-
Serial
-
Access Control Lists
-
Physical Components
-
Logical Components
-
Common Components
-
Cisco ANA VNE Topology
-
- Part 3 - Traps and Syslogs
- Part 4 - Alarms and Events
- Part 5 - Commands
-
Feedback
Table Of Contents
Information Model Objects (IMOs)
Access List Traffic Descriptor
Vendor-Specific Inventory and IMOs
Access Control Lists
This chapter describes the level of support that Cisco ANA provides for Access Control Lists (ACLs), as follows:
•
Information Model Objects (IMOs)
•
Technology Description
ACLs
An ACL is a group of statements. Each defines a pattern of data that can be found in an IP packet. As each packet comes through an interface with an associated ACL, the ACL is scanned from top to bottom, in the exact order in which it was entered, for a pattern that matches the incoming packet. A permit or deny rule associated with each pattern determines that packet's fate. A mask (similar to a wild card) can also be used to determine how much of an IP source or destination address to use when matching against the pattern. The pattern statement can also include a TCP or UDP port.
Note that Cisco ANA currently supports IP ACLs only. MAC ACLs are not supported.
Information Model Objects (IMOs)
This section describes the following IMOs:
•
•
Access List Traffic Descriptor
The Access List Traffic Descriptor, with its Access List Entry objects, describes an access list of a single type (Unknown, Standard, Extended, or Rate Limit). It is aggregated by a Traffic Descriptor Container object (see Common Components).
Table 31-1 Access List Traffic Descriptor (IAccessList)
Type
Access list type (Unknown, Standard, Extended, Rate Limit)
Any
Configuration
Access List Entries Table
Array of instances of Access List Entry
Any
Configuration
Name or ID
Traffic descriptor name or identifier
Any
Configuration
Index
Traffic descriptor index
Any
Configuration
Access List Entry
Vendor-Specific Inventory and IMOs
In this chapter, Information Model Objects (IMOs), currently describes Cisco's QoS objects. However, these are generic QoS objects that can be used by other vendors.
Network Topology
There is no specific network topology associated with this technology.
Service Alarms
There are no faults or alarms associated with this technology.
For detailed information about alarms and correlation, see the Cisco Active Network Abstraction 3.7 User Guide.