Chapter 25. Access Lists
The technical name for an access list is access control list. The individual entries in an access control list are called access control entries, or ACEs. The term access control list isnât often used in practice; youâll typically hear these lists referred to simply as access lists or ACLs.
Access lists do more than just control access. They are the means whereby Cisco devices categorize and match packets in any number of interesting ways. Access lists are used as simple filters to allow traffic through interfaces. They are also used to define âinteresting trafficâ for ISDN dialer maps, and are used in some route maps for matching.
Designing Access Lists
This chapterâs focus will be less on the basics of access list design, and more on making you conscious of its benefits and pitfalls. The tips and tricks in this chapter should help you to write better, more efficient, and more powerful access lists.
Note
When youâre creating access lists (or any configuration, for that matter), itâs a good idea to create them first in a text editor, and then, once youâve worked out all the details, try them in a lab environment. Anytime youâre working on filters, you risk causing an outage.
Named Versus Numbered
Access lists on many Cisco devices can be either named or numbered. Named
access lists are referenced with a name such as GAD or RepelInvaders. Numbered access lists are the
older method, where each ACL is defined by a number such as 101. Where possible, ...
Get Network Warrior, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
