244 Chapter 6: Managing Traffic with Access Control Lists
Chapter Summary
Standard and extended Cisco IOS access control lists (ACL) are used to classify IP packets. The
many features of ACLs include security, encryption, policy-based routing, and quality of service
(QoS). These features are applied on router and switch interfaces for specific directions (inbound
versus outbound).
Numbered ACLs identify the type of ACL that is being created: standard or extended. They also
allow administrators more flexibility when they are modifying the ACL entries.
The following list summarizes the key points that were discussed in this chapter:
■ ACLs can be used to filter IP packets or identify traffic for special handling.
■ ACLs perform top-down processing and can be configured for incoming or outgoing traffic.
■ In a wildcard bit mask, 0 means to match the corresponding address bit, and 1 means to ignore
the corresponding address bit.
■ Standard IPv4 ACLs allow filtering based on source address.
■ Extended IPv4 ACLs allow filtering based on source and destination addresses, as well as
protocol and port number.
■ IP access list entry sequence numbering allows you to delete individual statements from an
ACL and to add statements anywhere in the ACL.
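
The wildcard-mask and top-down rules above can be checked with a short script. This is an added example, not code from the book: it models a standard ACL as (sequence, action, source, wildcard) tuples, applies first-match evaluation, and flags entries that can never match because an earlier entry already covers them. The sample ACLs and the function names are constructed for illustration, and the final deny is the implicit deny that ends every IOS ACL.

```python
import ipaddress

def ip_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def care_bits(wildcard):
    # Wildcard 0 = must match, 1 = ignore, so the "care" mask is the inverse.
    return ~ip_int(wildcard) & 0xFFFFFFFF

def wildcard_match(addr, base, wildcard):
    care = care_bits(wildcard)
    return (ip_int(addr) & care) == (ip_int(base) & care)

def evaluate(acl, src):
    """Top-down processing: the first matching entry decides."""
    for seq, action, base, wildcard in sorted(acl):
        if wildcard_match(src, base, wildcard):
            return action, seq
    return "deny", None  # implicit deny at the end of the list

def shadowed(acl):
    """Return (seq, covering_seq) for entries an earlier entry fully covers."""
    found, entries = [], sorted(acl)
    for i, (seq_b, _, base_b, wc_b) in enumerate(entries):
        for seq_a, _, base_a, wc_a in entries[:i]:
            care_a, care_b = care_bits(wc_a), care_bits(wc_b)
            # A covers B when A only cares about bits B also fixes,
            # and the two bases agree on those bits.
            if care_a & ~care_b == 0 and \
               ip_int(base_a) & care_a == ip_int(base_b) & care_a:
                found.append((seq_b, seq_a))
                break
    return found

# Constructed sample: block one host, permit the rest of its subnet,
# and permit only even-numbered hosts in 10.0.0.0/24 (non-contiguous mask).
ACL = [
    (10, "deny",   "192.168.1.13", "0.0.0.0"),
    (20, "permit", "192.168.1.0",  "0.0.0.255"),
    (30, "permit", "10.0.0.0",     "0.0.0.254"),
]
# Same first two entries in the wrong order: the host deny is never reached.
MISORDERED = [
    (10, "permit", "192.168.1.0",  "0.0.0.255"),
    (20, "deny",   "192.168.1.13", "0.0.0.0"),
]

if __name__ == "__main__":
    for src in ("192.168.1.13", "192.168.1.14", "10.0.0.4", "10.0.0.5"):
        print(src, evaluate(ACL, src))
    print("shadowed in MISORDERED:", shadowed(MISORDERED))
```

Running shadowed() over a list before deploying it is a quick way to catch ordering mistakes that sequence numbering then lets you correct in place.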