If the source interface is not grouped to an ACL, the router
checks the routing table to see if the packet is routable. If the packet is not routable, the router
drops the packet. Examples of inbound ACL operations are as follows:
[Figure: flowchart of ACL processing. Labels: Inbound Interface Packets; ACL?; Test ACL Statements; Permit?; Routing Table Entry?; Choose Outbound Interface; Outbound Interfaces (S0, S1); Packet Discard Bucket; Discard Packet; Notify Sender.]
210 Chapter 6: Managing Traffic with Access Control Lists
- If the inbound interface is S0, which has not been grouped to an inbound ACL, the packet is
processed normally, and the router checks to see whether the packet is routable.
- If the inbound interface is S1, which has been grouped to an inbound ACL, the packet is not
processed, and the routing table is not consulted until it is tested by the combination of ACL
statements that are associated with that interface. Based on the ACL tests, the packet is
permitted or denied.
For inbound lists, "to permit" means to continue to process the packet after receiving it on an
inbound interface, and "to deny" means to discard the packet.
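The inbound decision order described above, modeled as an added example (not code from the book). The addresses, the route list, and the function names are constructed for illustration; the ACL is assumed to match on source address as a standard ACL does, and the implicit deny at the end of a list is standard Cisco behavior that this excerpt does not state.

```python
import ipaddress

# Constructed sample data. Interface names S0/S1 follow the text.
INBOUND_ACL = {
    "S1": [  # statements are tested top-down; the first match decides
        ("deny", ipaddress.ip_network("10.1.1.0/24")),
        ("permit", ipaddress.ip_network("10.1.0.0/16")),
    ],
    # S0 has no entry: it is not grouped to an inbound ACL.
}
ROUTES = [
    ipaddress.ip_network("192.168.10.0/24"),
    ipaddress.ip_network("172.16.0.0/16"),
]


def acl_permits(acl, src):
    """Return True if the first matching statement is a permit."""
    for action, net in acl:
        if src in net:
            return action == "permit"
    return False  # implicit deny when no statement matches


def process_inbound(interface, src, dst):
    """Return the outcome for a packet received on `interface`."""
    src = ipaddress.ip_address(src)
    dst = ipaddress.ip_address(dst)
    acl = INBOUND_ACL.get(interface)
    # An ACL grouped to the interface is tested before any route lookup.
    if acl is not None and not acl_permits(acl, src):
        return "denied by ACL"
    # Permitted, or no ACL on the interface: now check routability.
    if not any(dst in net for net in ROUTES):
        return "dropped: not routable"
    return "routed"


if __name__ == "__main__":
    for pkt in [("S0", "10.1.1.5", "192.168.10.7"),
                ("S1", "10.1.1.5", "192.168.10.7"),
                ("S1", "10.1.2.5", "192.168.10.7"),
                ("S1", "10.1.2.5", "198.51.100.1")]:
        print(pkt, "->", process_inbound(*pkt))
```

The same source address is routed when it arrives on S0 and discarded when it arrives on S1, which is why checking which interface and direction an ACL is grouped to matters as much as the statements themselves.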