EasyManuals Logo

Cisco Catalyst 2960 Series User Manual

Cisco Catalyst 2960 Series
2288 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1320 background imageLoading...
Page #1320 background image
Note
The ACL Support for Filtering IP Options feature can be used only with named, extended ACLs.
Resource Reservation Protocol (RSVP) Multiprotocol Label Switching Traffic Engineering (MPLS
TE), Internet Group Management Protocol Version 2 (IGMPV2), and other protocols that use IP
options packets may not function in drop or ignore mode if this feature is configured.
On most Cisco devices, a packet with IP options is not switched in hardware, but requires control
plane software processing (primarily because there is a need to process the options and rewrite the
IP header), so all IP packets with IP options will be filtered and switched in software.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
ip access-list extended access-list-name
4.
[sequence-number] deny protocol source source-wildcard destination destination-wildcard [option
option-value] [precedence precedence] [tos tos] [log] [time-range time-range-name] [fragments]
5.
[sequence-number] permit protocol source source-wildcard destination destination-wildcard [option
option-value] [precedence precedence] [tos tos] [log] [time-range time-range-name] [fragments]
6.
Repeat Step 4 or Step 5 as necessary.
7.
end
8.
show ip access-lists access-list-name
DETAILED STEPS
PurposeCommand or Action
Enables privileged EXEC mode.enable
Step 1
Example:
Device> enable
Enter your password if prompted.
Enters global configuration mode.configure terminal
Example:
Device# configure terminal
Step 2
Specifies the IP access list by name and enters named access
list configuration mode.
ip access-list extended access-list-name
Example:
Device(config)# ip access-list extended mylist1
Step 3
(Optional) Specifies a deny statement in named IP access list
mode.
[sequence-number] deny protocol source
source-wildcard destination destination-wildcard
Step 4
[option option-value] [precedence precedence] [tos
tos] [log] [time-range time-range-name] [fragments]
This access list happens to use a denystatement first, but
a permit statement could appear first, depending on the
order of statements you need.
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1238
How to Configure ACL Support for Filtering IP Options

Table of Contents

Other manuals for Cisco Catalyst 2960 Series

Preview: Datasheet
Datasheet21 pages
Preview: Brochure & Specs
Brochure & Specs10 pages
Preview: Product Bulletin
Product Bulletin5 pages
Preview: Specifications
Specifications2 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 2960 Series and is the answer not in the manual?

Cisco Catalyst 2960 Series Specifications

General IconGeneral
LayerLayer 2
Power over Ethernet (PoE)Available on some models
RAM128 MB
Flash Memory32 MB
MAC Address Table Size8000
Operating Temperature0°C to 45°C (32 to 113°F)
Ports24 or 48 x 10/100/1000

Related product manuals