Examples Of Router Acls And Vlan Maps Applied To Vlans; Acls And Switched Packets - Cisco WS-C3550-12G Software Configuration Manual

Chapter 19 Configuring Network Security with ACLs
Note When configuring ACLs on the switch, to allocate maximum hardware resources for ACLs, you can
use the sdm prefer access global configuration command to set the Switch Database Management
feature to the access template. For more information on the SDM templates, see the
System Resources for User-Selected Features" section on page

Examples of Router ACLs and VLAN Maps Applied to VLANs

This section gives examples of applying router ACLs and VLAN maps to a VLAN for switched, bridged,
routed, and multicast packets. Although the following illustrations show packets being forwarded to
their destination, each time the packet's path crosses a line indicating a VLAN map or an ACL, it is also
possible that the packet might be dropped, rather than forwarded.

ACLs and Switched Packets

Figure 19-6
switched within the VLAN without being routed or forwarded by fallback bridging are only subject to
the VLAN map of the input VLAN.
Figure 19-6 Applying ACLs on Switched Packets
Host A
(VLAN 10)
78-11194-03
shows how an ACL is applied on packets that are switched within a VLAN. Packets
VLAN 10
map
Frame
Host C
(VLAN 10)
VLAN 10
6-57.
Catalyst 3550 switch
Input Output
router router VLAN 20
ACL ACL
Routing function or
fallback bridge
Packet
Catalyst 3550 Multilayer Switch Software Configuration Guide
Using VLAN Maps with Router ACLs
"Optimizing
map
VLAN 20
19-39