RE: CBAC vs. Reflexive ACL

From: Rik Guyler (rik@guyler.net)
Date: Tue Feb 12 2008 - 13:48:14 ARST

• Next message: Daniel Valle: "Re: CBAC vs. Reflexive ACL"
• Previous message: Eggert, Scott: "RE: EIGRP variance load sharing help"
• Maybe in reply to: wael sabry: "CBAC vs. Reflexive ACL"
• Next in thread: Daniel Valle: "Re: CBAC vs. Reflexive ACL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

CBAC also adds a component of stateful inspection to the ACL function, which
RACLs don't do. If the question asks you simply to allow return traffic
then a RACL should do it but if the question leads you towards intelligent
or stateful filtering (possibly with keywords, such as Internet, hackers,
etc.) then you could consider CBAC.

Rik

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of wael
sabry
Sent: Tuesday, February 12, 2008 7:25 AM
To: ccielab@groupstudy.com
Subject: CBAC vs. Reflexive ACL

Hello,

Is there any advice about when to use CBAC and when use Reflexive ACL, many
tasks in IE that need to permit locally traffic (tcp/udp/icmp) to be
returned back most of these Tasks have been solved by Reflexive ACL and then
needed to add route-map to match locally generated traffic of the router .
My Question why not to use CBAC with router-traffic key word.

For Example Task 8-1 in Lab 5.

Regards,

Wael Sabry

• Next message: Daniel Valle: "Re: CBAC vs. Reflexive ACL"
• Previous message: Eggert, Scott: "RE: EIGRP variance load sharing help"
• Maybe in reply to: wael sabry: "CBAC vs. Reflexive ACL"
• Next in thread: Daniel Valle: "Re: CBAC vs. Reflexive ACL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Mar 01 2008 - 16:54:48 ARST