Access control overview

Last updated: 2021-05-26 16:59:48

Server Load Balancing (SLB) supports access control for inbound traffic based on the protocol, IP address, traffic direction, and priority.

Scenarios

You can bind an ACL to listeners that have the same network traffic control requirements. By adding inbound rules that allow or deny certain data flows, you can precisely control which data flows go to the listeners. No control is applied to outbound traffic on listeners.

ACL rules

You can create ACLs and bind them to specific listeners. When you add rules to or remove rules from an ACL, the changes are automatically applied to the bound listeners.

An ACL rule consists of the following components:

  • Priority: The rule priority, in the range of 1 to 999. A rule with a smaller priority value is matched earlier. The system applies the first matching rule and ignores the remaining rules, which have larger priority values.
  • Protocol: IP
  • Behavior: Allow or deny
  • Source IP (in CIDR notation)

You can add a maximum of 200 rules to an ACL.

Restrictions

When you use an ACL, take note of the following restrictions:

  • An ACL can be associated with multiple listeners, but a listener can be associated with only one ACL.
  • Different ACL rules must have different priority values.
  • An ACL has inbound rules. Each rule has a priority, protocol type, source IP address, and behavior (allow or deny).
  • After creating an ACL, you must add at least one rule to it.
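
The rule matching and restrictions described above can be modeled offline to review an ACL before binding it to a listener. This is an added example, not SLB code: the names Rule, validate, evaluate, and shadowed and the sample addresses are assumptions. Because this page does not state what happens when no rule matches, evaluate returns None in that case.

```python
import ipaddress
from dataclasses import dataclass

MAX_RULES = 200  # per-ACL limit stated on this page

@dataclass(frozen=True)
class Rule:
    priority: int   # 1..999; smaller value is matched earlier
    action: str     # "allow" or "deny"
    source: str     # source IP range in CIDR notation

def _net(rule):
    return ipaddress.ip_network(rule.source, strict=False)

def validate(rules):
    """List violations of the constraints this page states for an ACL."""
    errors = []
    if not 1 <= len(rules) <= MAX_RULES:
        errors.append(f"rule count {len(rules)} outside 1-{MAX_RULES}")
    seen = set()
    for r in rules:
        if not 1 <= r.priority <= 999:
            errors.append(f"priority {r.priority} outside 1-999")
        if r.priority in seen:
            errors.append(f"duplicate priority {r.priority}")
        seen.add(r.priority)
    return errors

def evaluate(rules, client_ip):
    """Return the first rule, in ascending priority value, whose CIDR contains client_ip."""
    addr = ipaddress.ip_address(client_ip)
    for r in sorted(rules, key=lambda r: r.priority):
        if addr in _net(r):
            return r
    return None  # the page states no default behavior, so report "no match"

def shadowed(rules):
    """Pairs (rule, earlier_rule) where earlier_rule covers the rule's whole range."""
    ordered = sorted(rules, key=lambda r: r.priority)
    return [(r, e) for i, r in enumerate(ordered) for e in ordered[:i]
            if _net(r).version == _net(e).version and _net(r).subnet_of(_net(e))]

# Constructed sample ACL using documentation address ranges
SAMPLE = [
    Rule(10, "deny", "203.0.113.7/32"),
    Rule(20, "allow", "203.0.113.0/24"),
    Rule(30, "deny", "203.0.113.128/25"),   # never matches: covered by priority 20
    Rule(999, "deny", "0.0.0.0/0"),
]
```

In the sample, a client at 203.0.113.200 is allowed by priority 20 even though priority 30 denies its range, which is the kind of ordering mistake shadowed reports.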