
Yusuf Bhaiji

"Network Security Technologies and Solutions"

The source is where it has arrived from (before
this router), and the destination is where it is going (on the other side of the router).
Understanding ACL Processing
This section helps you to understand ACL processing by explaining inbound and outbound ACLs, packet flow
rules, and guidelines for implementing ACLs.
Inbound ACL
Examine the pseudocode that follows to understand packet processing. When an inbound ACL is applied on an
interface, the router checks the received packet against the ACL's statements for a match.
if {a match is found} then
    if {the action is to permit} then
        {router continues to process the packet}
    else {the action is to deny} then
        {router discards the packet, sending an ICMP Unreachable message to the
        source address in the packet - assuming this is not disabled}
    endif
else {a match is not found} then
    {with the default 'implicit deny' statement - the router discards the packet,
    sending an ICMP Unreachable message}
endif
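The inbound decision above can be run against sample packets. The following Python sketch is an added example, not code from the book: it walks the statements top-down, stops at the first match, falls through to the implicit deny, and also flags a statement that can never match because an earlier one covers it. Assumptions: matching is on source address with a wildcard mask only (standard-ACL style), and the names Ace, process_inbound, covered_by_earlier and the sample ACL are constructed for illustration.

```python
import ipaddress
from typing import List, NamedTuple, Optional, Tuple


class Ace(NamedTuple):
    action: str    # "permit" or "deny"
    network: str   # source address written in the ACL statement
    wildcard: str  # wildcard mask: 0 bits must match, 1 bits are ignored


def _ip(text: str) -> int:
    return int(ipaddress.IPv4Address(text))


def ace_matches(ace: Ace, src: str) -> bool:
    """True when the packet's source address matches this statement."""
    care = ~_ip(ace.wildcard) & 0xFFFFFFFF
    return (_ip(src) & care) == (_ip(ace.network) & care)


def process_inbound(acl: List[Ace], src: str,
                    unreachables: bool = True) -> Tuple[str, Optional[int], bool]:
    """Return (verdict, index of matching statement or None, ICMP sent?)."""
    for index, ace in enumerate(acl):        # statements are checked in order
        if ace_matches(ace, src):            # a match is found
            if ace.action == "permit":
                return ("process", index, False)
            return ("discard", index, unreachables)
    return ("discard", None, unreachables)   # implicit deny: no match found


def covered_by_earlier(acl: List[Ace], index: int) -> Optional[int]:
    """Index of an earlier statement matching every address this one matches."""
    later_wild = _ip(acl[index].wildcard)
    for i, earlier in enumerate(acl[:index]):
        ignores_at_least_as_much = later_wild & ~_ip(earlier.wildcard) == 0
        if ignores_at_least_as_much and ace_matches(earlier, acl[index].network):
            return i
    return None


# Constructed sample ACL; the last statement is unreachable behind the permit.
SAMPLE_ACL = [
    Ace("deny", "10.1.1.0", "0.0.0.255"),
    Ace("permit", "10.1.0.0", "0.0.255.255"),
    Ace("deny", "10.1.2.5", "0.0.0.0"),
]
```

In the sample, a packet from 10.1.2.5 is processed rather than discarded, because the broader permit matches first.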
Outbound ACL
Examine the pseudocode that follows to understand packet processing. When an outbound ACL is applied on an
interface, the router first performs a route lookup for the destination address in the routing table to determine
the exit (egress) interface.

