Table of Contents
Advertisement
ip access-list extended test
remark 4 XYZ
remark 5 this remark corresponds to permit any host 1.1.1.1
seq 5 permit ip any host 1.1.1.1
remark 9 ABC
remark 10 this remark corresponds to permit ip any host 1.1.1.2
seq 10 permit ip any host 1.1.1.2
seq 15 permit ip any host 1.1.1.3
seq 20 permit ip any host 1.1.1.4
Dell# end
Dell# resequence access-list ipv4 test 2 2
Dell# show running-config acl
!
ip access-list extended test
remark 2 XYZ
remark 4 this remark corresponds to permit any host 1.1.1.1
seq 4 permit ip any host 1.1.1.1
remark 6 this remark has no corresponding rule
remark 8 this remark corresponds to permit ip any host 1.1.1.2
seq 8 permit ip any host 1.1.1.2
seq 10 permit ip any host 1.1.1.3
seq 12 permit ip any host 1.1.1.4
Route Maps
Although route maps are similar to ACLs and prefix lists in that they consist of a series of commands that
contain a matching criterion and an action, route maps can modify parameters in matching packets.
Implementation Information
ACLs and prefix lists can only drop or forward the packet or traffic. Route maps process routes for route
redistribution. For example, a route map can be called to filter only specific routes and to add a metric.
Route maps also have an "implicit deny." Unlike ACLs and prefix lists; however, where the packet or traffic is
dropped, in route maps, if a route does not match any of the route map conditions, the route is not
redistributed.
The implementation of route maps allows route maps with the no match or no set commands. When there is
no match command, all traffic matches the route map and the set command applies.
Logging of ACL Processes
This functionality is supported on the platform.
To assist in the administration and management of traffic that traverses the device after being validated by the
configured ACLs, you can enable the generation of logs for access control list (ACL) processes. Although you
can configure ACLs with the required permit or deny filters to provide access to the incoming packet or
disallow access to a particular user, it is also necessary to monitor and examine the traffic that passes through
the device. To evaluate network traffic that is subjected to ACLs, configure the logs to be triggered for ACL
Access Control Lists (ACLs)
166
Advertisement
Table of Contents
Troubleshooting
