Re: switch security

From: Pavel Bykov (slidersv@gmail.com)
Date: Tue Mar 24 2009 - 21:53:30 ART


Also, for the "precedence" - they are actually examined in sequence.
There is an "order of operation" document, but it does not cover vlan maps
(at least not the one I have the link to)

So if you would apply vlan-map and access-list, then both would have to be
permit/forward for traffic to pass. The other one does not get ignored when
one result is permit.
On the other hand, if at least one result is DENY, the packet is denied.

On Sat, Mar 21, 2009 at 8:49 AM, Bhuvanesh Rajput <ashu2084@gmail.com> wrote:

> Hi guys,
>
> Please throw some light on my doubts...
>
> a>> on the switch, when/where (l2 interface / vlan) can we use mac
> address-list, ip access-list and vlan map?
>
> b>> can we apply mac access-list, ip access-list and vlan map
> altogether on a single L2 interface/vlan (svi)?
>
> c>> in which direction does mac access-list take precedence when ip
> access-list and vlan map are also configured on the interface/vlan?
>
> d>> if all three applied on the l2 interface/vlan(svi) then what
> would be the execution sequence??
>
> Cheers!
> Bhuvanesh
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

-- 
Pavel Bykov
----------------
Don't forget to help stopping the braindumps, use of which reduces value of
your certifications. Sign the petition at http://www.stopbraindumps.com/
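
Added example, not part of the original message: a Catalyst-style IOS configuration with a VLAN map and a router ACL on the same VLAN, illustrating the "every applied filter must permit" behaviour described in the reply above. VLAN 10, all ACL and map names, and the 192.0.2.1 address are hypothetical values chosen for illustration.

```cisco
! Constructed example. Names, VLAN number and address are hypothetical.
!
! ACLs referenced by the VLAN map. A "permit" here only means "match";
! the action is decided by the access-map clause that references the ACL.
ip access-list extended VACL-TELNET
 permit tcp any any eq 23
!
ip access-list extended VACL-ANY-IP
 permit ip any any
!
! VLAN map: drop Telnet, forward all other IP traffic in the VLAN.
vlan access-map VLAN10-MAP 10
 match ip address VACL-TELNET
 action drop
vlan access-map VLAN10-MAP 20
 match ip address VACL-ANY-IP
 action forward
!
vlan filter VLAN10-MAP vlan-list 10
!
! Router ACL on the SVI: deny ICMP echo, permit everything else.
ip access-list extended SVI10-IN
 deny   icmp any any echo
 permit ip any any
!
interface Vlan10
 ip address 192.0.2.1 255.255.255.0
 ip access-group SVI10-IN in
!
! Result for traffic entering VLAN 10 and routed through the SVI:
!   Telnet    : VLAN map drops it; the permit in SVI10-IN does not rescue it
!   ICMP echo : VLAN map forwards it; SVI10-IN denies it, so it is dropped
!   HTTP      : VLAN map forwards it and SVI10-IN permits it, so it passes
```

The VLAN map applies to every packet in VLAN 10, bridged or routed, while the router ACL only sees packets routed through the SVI, so bridged ICMP echo inside VLAN 10 is not affected by SVI10-IN.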


This archive was generated by hypermail 2.1.4 : Mon Apr 06 2009 - 06:44:07 ART