Refer to the exhibit. What will happen to traffic within VLAN 14 with a source address of
172.16.10.5?
A.
The traffic will be forwarded to the router processor for further processing.
B.
The traffic will be dropped.
C.
The traffic will be forwarded to the TCAM for further processing.
D.
The traffic will be forwarded without further processing.
Explanation:
VLAN maps, also known as VLAN ACLs or VACLs, can filter all traffic traversing a switch.
VLAN maps can be configured on the switch to filter all packets that are routed into or out of
a VLAN, or are bridged within a VLAN. VLAN maps are used strictly for security packet
filtering. Unlike router ACLs, VLAN maps are not defined by direction (input or output).
To create a VLAN map and apply it to one or more VLANs, perform these steps:
Create the standard or extended IP ACLs or named MAC extended ACLs to be applied to
the VLAN. This access-list will select the traffic that will be either forwarded or dropped by
the access-map. Only traffic matching the ‘permit’ condition in an access-list will be passed
to the access-map for further processing.
Enter the vlan access-map access-map-name [sequence] global configuration command to
create a VLAN ACL map entry. Each access-map can have multiple entries. The order of
these entries is determined by the sequence. If no sequence number is entered, access-map
entries are added with sequence numbers in increments of 10.
In access map configuration mode, optionally enter an action forward or action drop. The
default is to forward traffic. Also enter the match command to specify an IP packet or a nonIP packet (with only a known MAC address), and to match the packet against one or more
ACLs (standard or extended).
Use the vlan filter access-map-name vlan-list vlan-list global configuration command to apply
a VLAN map to one or more VLANs. A single access-map can be used on multiple VLANs.