Supported Acls; Qos Acls; Cisco Ios Acls - Cisco WS-C6506 Software Manual

Chapter 15 Configuring Access Control
•
The quality of service (QoS) feature set that is supported on your switch is determined by the switching
Note
engine daughter card that is installed on the supervisor engine. See
more information.

Supported ACLs

These sections describe the ACLs that are supported by the Catalyst 6500 series switches:
•
•
•

QoS ACLs

You can configure the QoS ACLs on the switch; see

Cisco IOS ACLs

Cisco IOS ACLs are configured on the MSFC VLAN interfaces. An ACL provides access control and
consists of an ordered set of access control entries (ACEs). Many other features also use ACLs for
specifying flows. For example, Web Cache Redirect (through the Web Cache Coordination Protocol
[WCCP]) uses the ACLs to specify the HTTP flows that can be redirected to a Web cache engine.
Most Cisco IOS features are applied on the interfaces for specific directions (inbound versus outbound).
However, some features use the ACLs globally. For such features, the ACLs are applied on all interfaces
for a given direction. As an example, TCP intercept uses a global ACL that is applied on all outbound
interfaces.
One Cisco IOS ACL can be used with multiple features for a given interface, and one feature can use
multiple ACLs. When a single ACL is used by multiple features, Cisco IOS software examines it
multiple times.
Cisco IOS software examines the ACLs that are associated with the features that are configured on a
given interface and a direction. As the packets enter the router on a given interface, Cisco IOS software
examines the ACLs that are associated with all the inbound features that are configured on that interface
for the following:
•
•
•
•
OL-8978-04
VACLs and QoS ACLs:
Supervisor Engine 1 and PFC
–
Supervisor Engine 2 and PFC2
–
Supervisor Engine 720 and PFC3A/PFC3B/PFC3BXL
–
Supervisor Engine 32 and PFC3B/PFC3BXL
–
QoS ACLs, page 15-3
Cisco IOS ACLs, page 15-3
VACLs, page 15-4
Inbound ACLs (standard, extended, and/or reflexive)
Encryption ACLs (not supported on the MSFC)
Policy routing ACLs
Network Address Translation (NAT) for outside-to-inside translation
Chapter 52, "Configuring QoS."
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
Supported ACLs
Chapter 52, "Configuring QoS" for
15-3