Calling the Access List

An access list does nothing unless packets are sent to it by a calling command, which defines how the access list is to be used. One such command is:

ip access-group access-list-number {in|out}

This command is configured on an interface to create security or traffic filters and may be applied to incoming or outgoing traffic. If neither the in nor the out keyword is specified, the filter defaults to outgoing. The access list number identifies the access list to which this command will send packets. Figure B.9 shows two configurations of this command.

Figure B.9. The ip access-group command uses the specified access list to create a filter on an interface for either incoming or outgoing packets.

Access list 1 in ...
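The following audit script is an added example, not taken from the book. It reads a configuration, lists every ip access-group binding with its effective direction (defaulting to out as described above), and reports lists that are called but not defined or defined but never called. The sample configuration is constructed, and the script assumes numbered lists and counts only ip access-group as a calling command.

```python
import re

# Constructed sample configuration (not from the book); interface names,
# addresses and list numbers are invented for illustration.
SAMPLE_CONFIG = """\
interface Ethernet0
 ip address 10.1.1.1 255.255.255.0
 ip access-group 1 in
!
interface Serial0
 ip address 10.1.2.1 255.255.255.0
 ip access-group 110
!
interface Serial1
 ip access-group 5 out
!
access-list 1 permit 10.1.1.0 0.0.0.255
access-list 110 deny tcp any any eq 23
access-list 110 permit ip any any
access-list 20 permit 10.9.0.0 0.0.255.255
"""

GROUP_RE = re.compile(r"^\s+ip access-group (\d+)(?:\s+(in|out))?\s*$")
ACL_RE = re.compile(r"^access-list (\d+)\s")

def audit(config):
    """Return (bindings, undefined, uncalled) for numbered access lists."""
    bindings, defined, iface = [], set(), None
    for line in config.splitlines():
        if not line.startswith(" "):
            # Any top-level line ends the previous interface block.
            iface = line.split(None, 1)[1].strip() if line.startswith("interface ") else None
            m = ACL_RE.match(line)
            if m:
                defined.add(int(m.group(1)))
            continue
        m = GROUP_RE.match(line)
        if m and iface:
            # No keyword: the filter applies to outgoing traffic (per the text).
            bindings.append((iface, int(m.group(1)), m.group(2) or "out"))
    called = {num for _, num, _ in bindings}
    # undefined: an interface calls a list that has no entries in this config.
    # uncalled: a list exists but no ip access-group command sends packets to it.
    return bindings, sorted(called - defined), sorted(defined - called)

if __name__ == "__main__":
    bindings, undefined, uncalled = audit(SAMPLE_CONFIG)
    for iface, num, direction in bindings:
        print(f"{iface}: access list {num} filters {direction}going packets")
    print("called but not defined:", undefined)
    print("defined but not called by ip access-group:", uncalled)
```

A list reported as uncalled may still be used by another calling command, so treat that result as a prompt to check rather than a finding.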
