Javatpoint Logo
Javatpoint Logo

Access Lists (ACL)

ACLs are a set of rules for regulating network traffic and minimising network attacks. Using a set of rules specified for the network's incoming or outgoing traffic, ACLs are used to filter traffic.

Features of Access List -

  • The defined set of rules is matched line by line, starting with the first line, then the second, then the third, and so on.
  • Only up until the rule matches are the packets matched. No further comparisons are made after a rule matches, and that rule is then applied.
  • Every ACL has an implicit denial at the end, meaning that the packet will be discarded if neither a condition nor a rule is met.

The access-list should then be applied to the interface's inbound or outbound traffic once it has been constructed:

  • Inbound access lists - When an access list is applied to an interface's inbound packets, the inbound packets are first processed in accordance with the access list before being forwarded to the outbound interface.
  • Outbound access lists - When an access list is applied to an interface's outbound packet header, the outbound interface will first route the packet before processing it.

Types of Access List -

There are two main types of access-list, and they are as follows:

  • Standard Access-list : These Access-lists are created solely using the source IP address. These ACLs either allow or disallow the entire set of protocols. TCP, UDP, HTTPS, and other types of IP traffic are not differentiated. The router will recognise it as a standard ACL and the specified address as the source IP address if you use the numbers 1-99 or 1300-1999.
  • Long Access List : The ACL that makes use of source IP, destination IP, source port, and destination port is this one. We can also specify which IP traffic should be permitted or blocked using these ACLs. These employ the 100-199 and 2000-2699 ranges. The process on the client machine sends the clock server a request at time T 0 for the clock time (time at the server).

Additionally, there are two types of access-lists:

  • Numbered access lists are access lists that, once created, cannot be specifically deleted; for example, if we want to remove any rules from an access list, this is not allowed in the case of a numbered access list. The access list as a whole will be deleted if we attempt to remove a rule from it. Both standard and extended access lists can use the numbered access-list.
  • Named access list: In this type of access list, a name is given to the access list in order to identify it. Unlike numbered access lists, named access lists can be deleted. These can be used with both standards and extended access lists, just like numbered access lists.

Guidelines for Access List -

  • In general, the standard Access-list is used close to the destination ( but not always ).
  • Typically, the extended Access-list is used close to the source (but not always).
  • We are only allowed to assign one ACL per interface, per protocol, and per direction, meaning that each interface can only have one inbound and one outbound ACL.
  • If we are using a numbered Access-list, we are unable to remove a rule from it. The entire ACL will be removed if we attempt to remove a rule. A specific rule can be deleted if named access lists are being used.
  • Before implementing the access lists, carefully analyse the entire scenario because every new rule that is added will be placed at the bottom of the access list.
  • Every access list has an implicit denial at the end, so we need to have at least a permit statement there; otherwise, all traffic will be blocked.
  • Extended access lists cannot share the same name as standard access lists.

Benefits of Access List -

  • Boost network efficiency.
  • Security is provided because the administrator can customise the access list to meet specific requirements and prevent malicious packets from entering the network.
  • provides control over the traffic by allowing or disallowing it based on the requirements of the network.
Next TopicDigital Subscriber Line (DSL)




Youtube For Videos Join Our Youtube Channel: Join Now

Feedback

Help Others, Please Share

facebook twitter pinterest

Learn Latest Tutorials

Splunk tutorial

Splunk
SPSS tutorial

SPSS
Swagger tutorial

Swagger
T-SQL tutorial

Transact-SQL
Tumblr tutorial

Tumblr
React tutorial

ReactJS
Regex tutorial

Regex
Reinforcement learning tutorial

Reinforcement Learning
R Programming tutorial

R Programming
RxJS tutorial

RxJS
React Native tutorial

React Native
Python Design Patterns

Python Design Patterns
Python Pillow tutorial

Python Pillow
Python Turtle tutorial

Python Turtle
Keras tutorial

Keras

Preparation

Aptitude

Aptitude
Logical Reasoning

Reasoning
Verbal Ability

Verbal Ability
Interview Questions

Interview Questions
Company Interview Questions

Company Questions

Trending Technologies

Artificial Intelligence

Artificial Intelligence
AWS Tutorial

AWS
Selenium tutorial

Selenium
Cloud Computing

Cloud Computing
Hadoop tutorial

Hadoop
ReactJS Tutorial

ReactJS
Data Science Tutorial

Data Science
Angular 7 Tutorial

Angular 7
Blockchain Tutorial

Blockchain
Git Tutorial

Git
Machine Learning Tutorial

Machine Learning
DevOps Tutorial

DevOps

B.Tech / MCA

DBMS tutorial

DBMS
Data Structures tutorial

Data Structures
DAA tutorial

DAA
Operating System

Operating System
Computer Network tutorial

Computer Network
Compiler Design tutorial

Compiler Design
Computer Organization and Architecture

Computer Organization
Discrete Mathematics Tutorial

Discrete Mathematics
Ethical Hacking

Ethical Hacking
Computer Graphics Tutorial

Computer Graphics
Software Engineering

Software Engineering
html tutorial

Web Technology
Cyber Security tutorial

Cyber Security
Automata Tutorial

Automata
C Language tutorial

C Programming
C++ tutorial

C++
Java tutorial

Java
.Net Framework tutorial

.Net
Python tutorial

Python
List of Programs

Programs
Control Systems tutorial

Control System
Data Mining Tutorial

Data Mining
Data Warehouse Tutorial

Data Warehouse