When the router discards packets, some protocols return a special packet to notify the sender that
the destination is unreachable. For the IP protocol, an ACL discard results in a "Destination
unreachable (U.U.U.)" response to a ping and an "Administratively prohibited (!A * !A)"
response to a traceroute.
IP ACLs can classify and differentiate traffic. Classification enables you to assign special handling
for traffic that is defined in an ACL, such as the following:
- Identify the type of traffic to be encrypted across a virtual private network (VPN) connection.
- Identify the routes that are to be redistributed from one routing protocol to another.
- Use with route filtering to identify which routes are to be included in the routing updates
between routers.
- Use with policy-based routing to identify the type of traffic that is to be routed across a
designated link.
- Use with Network Address Translation (NAT) to identify which addresses are to be translated.
- Use with quality of service (QoS) to identify which packets should be scheduled in a given
queue during times of congestion.
[Figure labels: Transmission of Packets on an Interface; Virtual Terminal Line Access (IP)]
208 Chapter 6: Managing Traffic with Access Control Lists
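The difference between filtering and classification, as an added example that is not from the book: the same ACL is evaluated once as a packet filter, where a deny discards the packet and triggers the unreachable response, and once as a NAT classifier, where a deny only means "not selected". It goes slightly beyond the text by modelling first-match evaluation with wildcard masks and the implicit deny; the ACL entries, addresses and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample ACL (illustrative addresses): standard ACL entries as
# (action, address, wildcard_mask). A wildcard bit of 1 means "ignore this bit".
ACL_10 = [
    ("deny",   "10.1.1.5", "0.0.0.0"),    # one specific host
    ("permit", "10.1.1.0", "0.0.0.255"),  # rest of the /24
]

def acl_match(acl, src):
    """Return the action of the first matching entry; implicit deny at the end."""
    s = int(ipaddress.IPv4Address(src))
    for action, addr, wildcard in acl:
        care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
        if (s & care) == (int(ipaddress.IPv4Address(addr)) & care):
            return action
    return "deny"

def filter_inbound(acl, src):
    """ACL as a packet filter: a deny discards the packet and the router answers
    with ICMP type 3 (destination unreachable), code 13 (administratively
    prohibited), shown as 'U' by ping and '!A' by traceroute."""
    if acl_match(acl, src) == "permit":
        return {"verdict": "forward", "icmp": None}
    return {"verdict": "discard", "icmp": (3, 13), "ping": "U", "traceroute": "!A"}

def nat_selects(acl, src):
    """ACL as a NAT classifier: a deny means 'do not translate this source';
    the packet is not discarded, it is simply forwarded untranslated."""
    return acl_match(acl, src) == "permit"

if __name__ == "__main__":
    for src in ("10.1.1.5", "10.1.1.77", "192.168.1.1"):
        print(src, filter_inbound(ACL_10, src), "NAT:", nat_selects(ACL_10, src))
```
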