From: Fowlie, Colin (Colin.Fowlie@aliant.ca)
Date: Wed Apr 14 2004 - 11:04:32 GMT-3
The "evaluate" command tells the router to look at the dynamic entries
created in the reflexive ACL. These dynamic entries are created by the
"reflect <name-tag>" command, and can be referenced by <name-tag>
The reflect and evaluate commands work in concert to provide the overall
reflexive functionality.
HTH
-Colin
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Bayraktar, Ersoy
Sent: Wednesday, April 14, 2004 11:01 AM
To: ccielab@groupstudy.com
Subject: reflexive access list
Hi Guys,
What does the evaluate command to on the reflexive access list
For example
ip access-list extended outboundfilters
permit tcp any any reflect tcptraffic
!
ip access-list extended inboundfilters
permit bgp any any
permit eigrp any any
deny icmp any any
evaluate tcptraffic
It says if a packet does not match the first three entries on the
inboundfilters , the packet will be evaluated against all entries in the
reflexive access
list tcptraffic, what does this mean.
Thanks
Ersoy
This archive was generated by hypermail 2.1.4 : Mon May 03 2004 - 19:48:47 GMT-3