Access Control List
Access control lists (ACLs) perform packet filtering to control which packets move through a network and to where. The packet filtering provides security by helping to limit the network traffic, restrict the access of users and devices to a network, and prevent the traffic from leaving a network.
Inbound ACLs filter the traffic before the router makes the forwarding decision.
Outbound ACLs filter the traffic after the router makes the forwarding decision.
An ACL filter condition has two actions: permit and deny. We can permit certain types of traffic while blocking the rest, or we can block certain types of traffic while allowing the rest.
Example Network setup in NetSim:
Create a scenario as per the below screenshot
Go to the router properties and enable ACL_Status as shown below.
Set the ACL properties as per the following screenshot and click ADD. This rule permits traffic from Wired Node B (220.127.116.11) to Wired Node C (18.104.22.168) on the router's interface 2.
Similarly, set the following properties and click ADD. This rule denies traffic from Wired Node B (22.214.171.124) to Wired Node D (126.96.36.199) on the router's interface 3.
Set the following properties and click ADD and then ACCEPT. This rule permits traffic from Wired Node C (188.8.131.52) to Wired Node D (184.108.40.206) on the router's interface 3.
Simulate the network and observe the application throughput.
The throughput for the first application is zero, since the ACL blocks its traffic flow on the router's 3rd interface.
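The three rules configured above can be modelled as a small rule table to see why only the B to D flow is dropped. This is an added example, not NetSim code: the node addresses are constructed, and first-match ordering, the implicit-deny default and the shadowed() helper are assumptions of the sketch.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addresses standing in for Wired Node B, C and D.
B, C, D = "192.0.2.2/32", "198.51.100.2/32", "203.0.113.2/32"

@dataclass(frozen=True)
class Rule:
    action: str     # "PERMIT" or "DENY"
    src: str        # source network, CIDR
    dst: str        # destination network, CIDR
    interface: int  # router interface the rule is bound to

    def covers(self, src, dst, interface):
        """True if this rule matches every packet in src -> dst on interface."""
        net = ipaddress.ip_network
        return (interface == self.interface
                and net(src).subnet_of(net(self.src))
                and net(dst).subnet_of(net(self.dst)))

# The three rules added in the steps above.
ACL = [
    Rule("PERMIT", B, C, 2),
    Rule("DENY", B, D, 3),
    Rule("PERMIT", C, D, 3),
]

def evaluate(acl, src, dst, interface, default="DENY"):
    """Action of the first matching rule (assumed order); default if none match."""
    for rule in acl:
        if rule.covers(src, dst, interface):
            return rule.action
    return default

def shadowed(acl):
    """Rules that can never fire because an earlier rule covers them."""
    return [later for i, later in enumerate(acl)
            if any(e.covers(later.src, later.dst, later.interface) for e in acl[:i])]

if __name__ == "__main__":
    flows = {"B->C": (B, C, 2), "B->D": (B, D, 3), "C->D": (C, D, 3)}
    for name, (s, d, ifc) in flows.items():
        print(name, "interface", ifc, evaluate(ACL, s, d, ifc))
    # A broad permit placed first would hide the deny for B -> D.
    print(shadowed([Rule("PERMIT", "0.0.0.0/0", "0.0.0.0/0", 3)] + ACL))
```

Running shadowed() over a rule table before applying it catches a deny that an earlier, broader permit would silently override.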