Chapter 31
Understanding Cisco IOS ACL Support
A more detailed example follows:
ACL1
... (dst port) gt 10 permit
... (dst port) lt 9 deny
... (dst port) gt 11 deny
... (dst port) neq 6 permit
... (src port) neq 6 deny
... (dst port) gt 10 deny
ACL2
... (dst port) gt 20 deny
... (src port) lt 9 deny
... (src port) range 11 13 deny
... (dst port) neq 6 permit
The Layer 4 operations and LOU usage is as follows:
ACL1 Layer 4 operations: 5
•
ACL2 Layer 4 operations: 4
•
LOUs: 4
•
An explanation of the LOU usage follows:
LOU 1 stores "gt 10" and "lt 9"
•
LOU 2 stores "gt 11" and "neq 6"
•
•
LOU 3 stores "gt 20" (with space for one more)
•
LOU 4 stores "range 11 13" (range needs the entire LOU)
OL-11439-03
Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide, Release 12.2ZY
Guidelines and Restrictions for Using Layer 4 Operators in ACLs
31-7