EasyManuals Logo
Home>Cisco>Switch>AP775A - Nexus Converged Network Switch 5010

Cisco AP775A - Nexus Converged Network Switch 5010 User Manual

Cisco AP775A - Nexus Converged Network Switch 5010
1486 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #892 background imageLoading...
Page #892 background image
Send documentation comments to mdsfeedback-doc@cisco.com
42-10
Cisco MDS 9000 Family Fabric Manager Configuration Guide
OL-17256-03, Cisco MDS NX-OS Release 4.x
Chapter 42 Configuring IPv4 and IPv6 Access Control Lists
Applying an IP-ACL to an Interface
Applying an IP-ACL to an Interface
You can define IP-ACLs without applying them. However, the IP-ACLs will have no effect until they are
applied to an interface on the switch. You can apply IP-ACLs to VSAN interfaces, the management
interface, Gigabit Ethernet interfaces on IPS modules and MPS-14/2 modules, and Ethernet PortChannel
interfaces.
Tip Apply the IP-ACL on the interface closest to the source of the traffic.
When you are trying to block traffic from source to destination, you can apply an inbound IPv4-ACL to
M0 on Switch 1 instead of an outbound filter to M1 on Switch 3 (see
Figure 42-6).
Figure 42-6 Denying Traffic on the Inbound Interface
The access-group option controls access to an interface. Each interface can only be associated with one
IP-ACL per direction. The ingress direction can have a different IP-ACL than the egress direction. The
IP-ACL becomes active when applied to the interface.
Tip Create all conditions in an IP-ACL before applying it to the interface.
Caution If you apply an IP-ACL to an interface before creating it, all packets in that interface are dropped because
the IP-ACL is empty.
The terms in, out, source, and destination are used as referenced by the switch:
• In—Traffic that arrives at the interface and goes through the switch; the source is where it
transmitted from and the destination is where it is transmitted to (on the other side of the router).
Tip The IP-ACL applied to the interface for the ingress traffic affects both local and remote traffic.
• Out—Traffic that has already been through the switch and is leaving the interface; the source is
where it transmitted from and the destination is where it is transmitted to.
Tip The IP-ACL applied to the interface for the egress traffic only affects local traffic.
traffic
source
Switch 1 Switch 2 Switch 3
traffic
destination
M0 M1
120711

Table of Contents

Other manuals for Cisco AP775A - Nexus Converged Network Switch 5010

Preview: Reference
Reference886 pages
Preview: Command Reference
Command Reference792 pages
Preview: Release Note
Release Note26 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco AP775A - Nexus Converged Network Switch 5010 and is the answer not in the manual?

Cisco AP775A - Nexus Converged Network Switch 5010 Specifications

General IconGeneral
BrandCisco
ModelAP775A - Nexus Converged Network Switch 5010
CategorySwitch
LanguageEnglish

Related product manuals