Service policy or acces-list for the traffic control ?

From: Cisco Net (network.cisco@gmail.com)
Date: Tue Oct 19 2004 - 19:47:52 GMT-3

• Next message: Cisco Net: "Only SNA across dlsw [IE lab 8 DLSW]"
• Previous message: Joe Freeman: "RE: VTP server backup"
• Next in thread: Bob Sinclair: "Re: Service policy or acces-list for the traffic control ?"
• Maybe reply: Bob Sinclair: "Re: Service policy or acces-list for the traffic control ?"
• Maybe reply: Carlos G Mendioroz: "Re: Service policy or acces-list for the traffic control ?"
• Maybe reply: Bob Sinclair: "Re: Service policy or acces-list for the traffic control ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi
I have a service policy defined on the interface to match all the
incoming http packets and drop.

At the same time i have an ACL specified on the same interface
(incoming) as to deny all the http packets.

Which one of this action will be taken first ? ACL or service policy.?

So if i have the following to be denyed,
Incoming http, ftp, smtp , telnet. Also the question says to not use any acls
for smtp/telnet traffic control and should use acl for ftp/smtp. Then
can i use the following,
1- http/ftp with acl (IN)
2- smtp/telnet with service policy (IN) with match protocol and drop
Regards
Cert

• Next message: Cisco Net: "Only SNA across dlsw [IE lab 8 DLSW]"
• Previous message: Joe Freeman: "RE: VTP server backup"
• Next in thread: Bob Sinclair: "Re: Service policy or acces-list for the traffic control ?"
• Maybe reply: Bob Sinclair: "Re: Service policy or acces-list for the traffic control ?"
• Maybe reply: Carlos G Mendioroz: "Re: Service policy or acces-list for the traffic control ?"
• Maybe reply: Bob Sinclair: "Re: Service policy or acces-list for the traffic control ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Nov 06 2004 - 17:11:50 GMT-3