Vlan map confusion

Unanswered Question
Sep 15th, 2007
User Badges:
  • Gold, 750 points or more

Hi Guys


i m little bit confused about vlan map's.

as i have read through we need to define a access-list.


Then we apply that access-list as a match critera in the vlan map then we define the action.


But what confuses me is that,in the access list we r using the permit statement while in the map it is droped.


Please explain.


Thanks

Mahmood

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Edison Ortiz Sat, 09/15/2007 - 12:15
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

You are matching the traffic from the ACL. The permit tells the vlan map to process the src/dst networks and the action for that flow is to drop the traffic.


With a deny statement on the ACL, the vlan map will assume that you don't want to process the traffic with the subsequent action.


You will see the same logic on MQC (Modular QoS CLI).


class-map match-all Class-Vlan

match access-group ACL-Vlan


policy-map Policy-Vlan

class Class-Vlan

drop


ip access-list extended ACL-Vlan

permit tcp any any 80



Actions

This Discussion