Cisco me 3400 Guida Al Software
31-37
Cisco ME 3400 Ethernet Access Switch Software Configuration Guide
OL-9639-07
Chapter 31 Configuring Network Security with ACLs
Using VLAN Maps with Router ACLs
Examples of Router ACLs and VLAN Maps Applied to VLANs
This section gives examples of applying router ACLs and VLAN maps to a VLAN for switched, routed,
and multicast packets. Although the following illustrations show packets being forwarded to their
destination, each time the packet’s path crosses a line indicating a VLAN map or an ACL, it is also
possible that the packet might be dropped, rather than forwarded.
and multicast packets. Although the following illustrations show packets being forwarded to their
destination, each time the packet’s path crosses a line indicating a VLAN map or an ACL, it is also
possible that the packet might be dropped, rather than forwarded.
ACLs and Switched Packets
within the VLAN without being routed or forwarded are only subject to the VLAN map of the input
VLAN.
VLAN.
Figure 31-6
Applying ACLs on Switched Packets
ACLs and Routed Packets
shows how ACLs are applied on routed packets. For routed packets, the ACLs are applied
in this order:
1.
VLAN map for input VLAN
2.
Input router ACL
3.
Output router ACL
4.
VLAN map for output VLAN
VLAN 10
map
Frame
Input
router
ACL
Output
router
ACL
Routing function or
fallback bridge
VLAN 10
VLAN 20
Host C
(VLAN 10)
Host A
(VLAN 10)
VLAN 20
map
Packet
101357