Standard and extended Cisco IOS access control lists (ACLs) are used to classify IP packets. Once packets have been classified by ACLs, various features can be applied to them, mainly dial-on-demand routing (DDR), policy-based routing, encryption, quality of service (QoS), Port Address Translation, and Network Address Translation (NAT).
Access Control List Operation:
Determining where ACLs are needed and implementing them on Cisco networks and systems requires a thorough understanding of access control lists (ACLs). ACL operation provides packet filtering and security on the inbound and outbound interfaces of a router.
Understanding the ACLs:
ACLs are primarily used in Cisco devices for two main functions, filtering and classification, which are explained below:
- Filtering:
As the number of router connections in the network grows and Internet use increases around the globe, new kinds of challenges arise. Network administrators face various problems, including the dilemma of how to block unwanted traffic while still allowing clear access to the appropriate users. For example, an ACL can be used as a filter to keep the rest of the network from accessing important and sensitive data on the finance subnet.
- Classification:
ACLs are used on the router to identify traffic. Once an ACL has identified and classified the traffic, the router can be configured to handle it in a particular way. For example, an ACL can identify the traffic from a certain subnet so that it is given priority over other types of traffic on a congested WAN link.
Used for filtering and classification, ACLs provide a powerful toolset in Cisco IOS. Administrators use various ACLs to block traffic from the Internet, to provide controlled access for managing Cisco IOS devices, and to provide address translation for private addresses such as the 192.168.0.0 network.
Cisco ACLs can permit or deny the following:
- Telnet traffic into or out of the router's ports used for router administration.
- Packets crossing to or from specified router interfaces, and traffic going through the router.
By default, all IP traffic is permitted in and out of all the router interfaces.
When the router discards a packet, a packet is returned to the sender to notify it that the destination was not reached. For the IP protocol, an ACL discard results in a “Destination unreachable (U.U.U.)” response to a ping and an “Administratively prohibited (!A * !A)” response to a traceroute.
IP ACLs can also classify and differentiate traffic. Traffic defined in an ACL can be assigned special handling, such as:
- Identifying the type of traffic that has to be encrypted across a Virtual Private Network (VPN) connection.
- Identifying the addresses that are to be translated by Network Address Translation (NAT).
- Identifying the traffic that policy-based routing is to route across a designated link.
- Identifying the routes that are required to be distributed from one routing protocol to another.
- Identifying which packets are to be scheduled in a given queue, according to the quality of service (QoS) they require, during times of congestion.
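The filtering and classification uses described above, written out as a Cisco IOS configuration. This is an added example, not configuration from the original post. The interface names, ACL names and numbers, and every address other than the 192.168.0.0 network are constructed assumptions, and 192.168.0.0 is taken here as a /24.

```cisco
! Constructed lab addressing (assumptions, not from the post):
!   finance subnet   10.1.10.0/24   behind GigabitEthernet0/1
!   user subnet      10.1.20.0/24
!   management hosts 10.1.99.0/24
!   private LAN      192.168.0.0/24 behind GigabitEthernet0/2
!   Internet side    GigabitEthernet0/0
!
! Filtering: keep the user subnet away from the finance subnet.
! Entries are checked top-down and the first match decides.
ip access-list extended PROTECT-FINANCE
 remark Block the user subnet, allow other sources toward finance
 deny   ip 10.1.20.0 0.0.0.255 10.1.10.0 0.0.0.255
 permit ip any 10.1.10.0 0.0.0.255
!
interface GigabitEthernet0/1
 description Finance subnet
 ip address 10.1.10.1 255.255.255.0
 ip access-group PROTECT-FINANCE out
!
! Filtering: limit remote administration sessions to the router itself.
access-list 20 remark Management hosts allowed onto the vty lines
access-list 20 permit 10.1.99.0 0.0.0.255
!
line vty 0 4
 access-class 20 in
!
! Classification: select the private addresses that NAT translates.
! Here "permit" means "translate this source", not "forward this packet".
access-list 10 remark Inside addresses eligible for translation
access-list 10 permit 192.168.0.0 0.0.0.255
!
interface GigabitEthernet0/2
 ip nat inside
!
interface GigabitEthernet0/0
 ip nat outside
!
ip nat inside source list 10 interface GigabitEthernet0/0 overload
```

A packet that fails to match `access-list 10` is still forwarded, only untranslated, whereas a packet that fails to match any entry of `PROTECT-FINANCE` or `access-list 20` is discarded by the implicit deny that ends every ACL.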