Service Policies

A service policy is applied to a zone pair. The zone pair represents a unidirectional flow of traffic between two zones. A specific zone pair can have only a single service policy assigned to it. Because the zone pair is unidirectional, the policy map applied to the zone pair (using the service-policy command) applies to traffic initiated in one zone going to the other zone in one direction. If reply traffic is desired, the inspect action in the policy map should be applied, which will allow stateful inspection, and the reply traffic from the servers will be dynamically allowed (because of the stateful database being referenced).

When a router receives a packet, it normally makes a routing decision and then forwards that packet ...

