IP Access List

An Access List basically is used for controlling and managing the access of interesting and non-interesting traffic. These are the access controlling tools which are powerful enough for both to and from network segments. They are used to enforce security policies and also for the filtration of uninteresting packets. If the network managers use the right combination of the access list they can be powerful enough to implement any policies of their own choice. Access list can also affect the router to analyze each packet.

RULES AND REGULATIONS FOR IP ACCESS LIST:

Some of the rules which should be followed when a packet is being compared by an access list:

•    The order of the lines should not be changed and it should be compared in a sequential order, starting from first then 2nd and so on.
•    If the packet is matched with a line in the access list then no further comparison should take place.
•    An access list is disposed if no line matches the packet and to end the access list “deny all” is used.

There are two main types of IP Access List which are:

1.    Standard Access List.
2.    Extended Access List.

The standard IP Access List fundamentally permits or denies the complete protocol suite. It only uses the source IP address in an IP packet for the filtration of the network. Whereas the Extended Access List always checks for IP address, protocol fields, source, destination and port number at the 4 header.

Subsequent to making the IP access list it is applied to either inbound or outbound list. The packets under consideration are first processed through the inbound access list earlier than they are routed towards the outbound interface. Now these packets which are routed towards the outbound interface are then processed through the outbound access list.