ACL- Direction

From: sumit.kumar@comcast.net
Date: Tue May 31 2005 - 14:29:21 GMT-3

• Next message: marvin greenlee: "RE: BGP - Any other way of doing this [bcc][faked-from]"
• Previous message: sumit.kumar@comcast.net: "BGP - Any other way of doing this"
• Next in thread: Guyler, Rik: "RE: ACL- Direction"
• Maybe reply: Guyler, Rik: "RE: ACL- Direction"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

What is the "lab recommended" way of defining ACLs, for example requirment is to classify http traffic from network A. What is recommended using 1or both 1 and 2

1. access-list 121 permit tcp <net A> any any eq www

 2.access-list 121 permit tcp <net A> eq www any

Also on the same note if the classification has to be dome from a Router do we need a statment from all of the router's interfaces or just the connected interface example R1 and R2 are connected via p2p frame. On R2 match all the traffic coming from R1. Is 1 enough or we need all 1,2 and 3..?

1. access-list 101 permit host <R1 frame int add> any
 
2. access-list 101 permit host <R1 loopback add> any
3. access-list 101 permit host <R1 f0/0 add> any

thanks
Sumit

• Next message: marvin greenlee: "RE: BGP - Any other way of doing this [bcc][faked-from]"
• Previous message: sumit.kumar@comcast.net: "BGP - Any other way of doing this"
• Next in thread: Guyler, Rik: "RE: ACL- Direction"
• Maybe reply: Guyler, Rik: "RE: ACL- Direction"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:12:04 GMT-3