Presentation is loading. Please wait.

Presentation is loading. Please wait.

IETF ACL YANG Enhancements

Published byJuan Carlos Lucero Blanco Modified over 6 years ago

Similar presentations

Presentation on theme: "IETF ACL YANG Enhancements"— Presentation transcript:

1 IETF ACL YANG Enhancements
Sonal Agarwal Mahesh Jethanandani

2 Agenda Support for different combinations of statistics and ACL application on an interface Inclusion of match & action parameters Open Issues found on further review These slides do no reflect discussion after -14

3 Support for different combinations of statistics
What’s in the current model? Draft 11 provides stats support on a per ACE level. The problem is that it aggregates stats across all interfaces, which is not granular. What’s new in draft 14? Statistics support on a per interface/per ace basis, in both ingress and egress directions.

4 Support for ACL-set application on interface
What’s in the current model? Draft 11 does not provide a way to support ACL application on an interface. What’s new in draft 14? Support for application of a list of ACL’s in both ingress and egress directions of an interface.

5 Inclusion of match and action parameters
identity log-action { description "Base identity for defining the destination for logging actions”; } identity log-syslog { base log-action; "System log (syslog) the information for the packet"; Added logging option as an action Added dscp and ecn leafs Added operations to source and destination port containers typedef operator { type enumeration { enum lt { description "Less than."; } enum gt { "Greater than."; enum eq { "Equal to."; enum neq { "Not equal to.";

6 Inclusion of match and action parameters
Added headers for tcp Added udp headers Added icmp headers Added input-interface

7 Open issues

Download ppt "IETF ACL YANG Enhancements"

Similar presentations

Tunnel congestion Feedback (draft-wei-tunnel-congestion-feedback-01) Xinpeng Wei Lei Zhu Lingli Deng Huawei Huawei China Mobile IETF 89 London, UK.

Tunnel congestion Feedback (draft-wei-tunnel-congestion-feedback-01) Xinpeng Wei Lei Zhu Lingli Deng Huawei Huawei China Mobile IETF 89 London, UK.
Access Control Lists. Types Standard Extended Standard ACLs Use only the packets source address for comparison 1-99.

Access Control Lists. Types Standard Extended Standard ACLs Use only the packets source address for comparison 1-99.
Deployment Considerations for Dual-stack Lite IETF 80 Prague Yiu Lee, Roberta Magione, Carl Williams, Christian Jacquenet Mohamed Boucadair.

Deployment Considerations for Dual-stack Lite IETF 80 Prague Yiu Lee, Roberta Magione, Carl Williams, Christian Jacquenet Mohamed Boucadair.
ClassBench: A Packet Classification Benchmark

ClassBench: A Packet Classification Benchmark
WXES2106 Network Technology Semester 1 2004/2005 Chapter 10 Access Control Lists CCNA2: Module 11.

WXES2106 Network Technology Semester /2005 Chapter 10 Access Control Lists CCNA2: Module 11.
1 Access Lists. 2 Introduction ACL (access list)  a list of conditions that categorize packets. Rules:  Sequential order.  Until a match is made. 

1 Access Lists. 2 Introduction ACL (access list)  a list of conditions that categorize packets. Rules:  Sequential order.  Until a match is made. 
NSIS Operation Over IP Tunnels draft-shen-nsis-tunnel-00.txt Charles Shen, Henning Schulzrinne Sung-Hyuck Lee, Jong Ho Bang IETF#63 – Paris, France August.

NSIS Operation Over IP Tunnels draft-shen-nsis-tunnel-00.txt Charles Shen, Henning Schulzrinne Sung-Hyuck Lee, Jong Ho Bang IETF#63 – Paris, France August.
Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.

Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.
ARP and RARP The left side of this slide gives an ARP message in hexadecimal format, identify the ARP header fields, and work out their corresponding values.

ARP and RARP The left side of this slide gives an ARP message in hexadecimal format, identify the ARP header fields, and work out their corresponding values.
Institute of Technology, Sligo Dept of Computing Access Control Lists Semester 3, Chapter 6.

Institute of Technology, Sligo Dept of Computing Access Control Lists Semester 3, Chapter 6.
Ipchains A packet-filtering Firewalls supported by Linux distributions.

Ipchains A packet-filtering Firewalls supported by Linux distributions.
Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.

Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.
CCNA2 Routing Perrine modified by Brierley Page 18/6/2015 Module 11 Access Control 172.16.3.0172.16.4.0 Non-172.16.0.0 e0e1 s0 172.16.4.13 server.

CCNA2 Routing Perrine modified by Brierley Page 18/6/2015 Module 11 Access Control Non e0e1 s server.
1 Semester 2 Module 11 Access Control Lists (ACLs) Yuda college of business James Chen

1 Semester 2 Module 11 Access Control Lists (ACLs) Yuda college of business James Chen


1 Figure 5-4: Drivers of Performance Requirements: Traffic Volume and Complexity of Filtering Performance Requirements Traffic Volume (Packets per Second)

1 Figure 5-4: Drivers of Performance Requirements: Traffic Volume and Complexity of Filtering Performance Requirements Traffic Volume (Packets per Second)
Access Control Lists Written by Bill Reed 03/11/05.

Access Control Lists Written by Bill Reed 03/11/05.
NetfFow Overview SANOG 17 Colombo, Sri Lanka. Agenda Netflow –What it is and how it works –Uses and Applications Vendor Configurations/ Implementation.

NetfFow Overview SANOG 17 Colombo, Sri Lanka. Agenda Netflow –What it is and how it works –Uses and Applications Vendor Configurations/ Implementation.
Network Certification Preparation. Module - 5 Basic troubleshooting of IP addressing issues Basic troubleshooting of RIP and IGRP Basic troubleshooting.

Network Certification Preparation. Module - 5 Basic troubleshooting of IP addressing issues Basic troubleshooting of RIP and IGRP Basic troubleshooting.
Session 2 Security Monitoring Identify Device Status Traffic Analysis Routing Protocol Status Configuration & Log Classification.

Session 2 Security Monitoring Identify Device Status Traffic Analysis Routing Protocol Status Configuration & Log Classification.

Similar presentations

Ads by Google