Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

4506 switch access-list question

I wanted to see what access-lists we had. Does anyone know what these entries are? They don't seem to be applied to an interface.

4506_Core#sh ip access-l

Extended IP access list system-cpp-all-routers-on-subnet

10 permit ip any host 224.0.0.2

Extended IP access list system-cpp-all-systems-on-subnet

10 permit ip any host 224.0.0.1

Extended IP access list system-cpp-dhcp-cs

10 permit udp any eq bootpc any eq bootps

Extended IP access list system-cpp-dhcp-sc

10 permit udp any eq bootps any eq bootpc

Extended IP access list system-cpp-dhcp-ss

10 permit udp any eq bootps any eq bootps

Extended IP access list system-cpp-igmp

10 permit igmp any 224.0.0.0 31.255.255.255

Extended IP access list system-cpp-ip-mcast-linklocal

10 permit ip any 224.0.0.0 0.0.0.255

Extended IP access list system-cpp-ospf

10 permit ospf any 224.0.0.0 0.0.0.255

Extended IP access list system-cpp-pim

10 permit pim any 224.0.0.0 0.0.0.255

Extended IP access list system-cpp-ripv2

10 permit ip any host 224.0.0.9

1 REPLY
Blue

Re: 4506 switch access-list question

Mike:

To use access lists, one first has to create them in global configuration mode and then apply them to a certain interface. That is if you want to use the access lists to filter traffic through that interface.

However, access lists are also used with route maps, QoS implementations and also in other cases. So, before deleting any access lists, make sure they are not being referenced anywhere in the config.

HTH

129
Views
0
Helpful
1
Replies