I need to make sure that on 1 trunk port all DHCP request/responses will not pass. In the documentation for 3750 they say that extended ip ACL can be assigned to L2 port as input ACL, if the port is trunk then traffic for all VLANs will be filtered. To prove it I created following ip extended ACL:
permit udp any eq bootps any
permit ip any any
and I assigned it as ip access-group ACL on L2 trunk port.
However I can not see any match and also permit ip any any hits are far away from all incoming packets counter that interface. Am I missing something?
Thanks and Regards,