IP Filtering 101
Filtering the packets being transmitted through a router can be desirable for a number of reasons. Security is usually the first reason that comes to mind. Other reasons to place restrictions on the packets flowing through your routers are protecting your network from malicious denial of service attacks and enforcing your company's routing policies. Access-lists can be defined in one of two ways because the filtering effect has some subtle but important differences. Access-lists can be defined as either enable access, or deny access. Every access-list defined on a Cisco router has an implicit deny any at the end, whether it is configured that way or not. If CPU load on your routers is a concern, you should think a great deal ...
Get Cisco® Router Configuration & Troubleshooting, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.