Note
Outbound ACLs that are applied to router interfaces do not filter traffic that originates from the router.
Direction of the ACL
The terms in, out, source, and destination are used as referenced by the device in the context of the flow of the
traffic. As an analogy, traffic on the router can be compared to a passenger flying from Sydney to San
Francisco. If the immigration department wants to stop this passenger traveling from Sydney (source) to San
Francisco (destination), there are two possibilities for interception:
The passenger could be stopped at the Sydney airport at the immigration control (out) departing
outbound.
The passenger could be stopped at the San Francisco airport at the immigration control (in) arriving
inbound.
When referring to a device where an ACL is applied, these terms are defined as follows:
Out: Traffic that has already been processed through the router and is exiting the router interface (also
called egress traffic). The source is where the traffic originated (on the other side of the router), and the
destination is where it is going (beyond this router).
In: Traffic that arrives on the router interface (also called ingress traffic) and will be processed by the
router for its destination traversing through this router.
Pages:
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86