What is a characteristic of a VLAN map that does not contain a match clause?
A. Implicit deny feature at end of list
B. Implicit forward feature at end of list
C. Can only be implemented by the input direction within the VLAN
D. Can only be implemented by the output direction within the VLAN
This is not correct – they have an implicit deny all feature at the end!
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-0SY/configuration/guide/15_0_sy_swcg/vlan_acls.html#wp1149699
VACLs have an implicit deny at the end of the map; a packet is denied if it does not match any ACL entry, and at least one ACL is configured for the packet type.
If an empty or undefined ACL is specified in a VACL, any packets will match the ACL, and the associated action is taken.
In a VLAN map, if you don't have a match clause,
i.e.
(config)#vlan access-map Test 10
(config-access-map)#action {forward/drop}
So answer B is correct:
all addresses are matched and the corresponding action {forward/drop} is taken.
Pravin,
the question is “What is a characteristic of a VLAN map that does not contain a match clause?” It didn’t say empty or undefined.
Therefore you are wrong. Understand the question, please.
For this question the correct answer is (A),
’cause you don’t have an ACL defined; by then the result will be dropping!
VACLs have an implicit deny at the end of the map; a packet is denied if it does not match any ACL entry, provided that the access map contains at least one “match” clause.
If you configure like this:
Switch(config)# vlan access-map test
Switch(config-access-map)#match ip address ABC
Switch(config-access-map)#action forward
Switch(config-access-map)#exit
Then all unmatched traffic will be dropped because of an implicit “deny all” at the end of the VACL.
But if there is NOT A MATCH statement, then the default behavior of the VACL is to forward traffic. If you configure like this:
Switch(config)# vlan access-map test
Switch(config-access-map)#exit
Then “show run” you will find an “action forward” automatically placed under the vlan access-map command -> Answer C is correct.
Certprepare — You mean B is correct !! 😛
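The rule debated in this thread, as an added example that is not part of any comment above or of Cisco's documentation: a small audit script that parses `vlan access-map` stanzas from `show run` output and reports what happens to traffic that matches none of a map's ACLs. The sample configuration is constructed, the map names STRICT and OPEN are hypothetical, and the last return value is a reading of the quoted "at least one ACL is configured for the packet type" condition.

```python
import re

# Constructed running-config excerpt for illustration; map and ACL names are hypothetical.
SAMPLE_CONFIG = """\
vlan access-map STRICT 10
 match ip address ABC
 action forward
vlan access-map OPEN 10
 match ip address ABC
 action drop
vlan access-map OPEN 20
 action forward
"""

HEADER = re.compile(r"^vlan access-map (\S+) (\d+)$")  # show run always prints the sequence

def parse_access_maps(config):
    """Parse 'vlan access-map NAME SEQ' stanzas into {name: [entry, ...]} ordered by SEQ."""
    maps, entry = {}, None
    for raw in config.splitlines():
        header = HEADER.match(raw.strip())
        if header:
            entry = {"seq": int(header.group(2)), "match": [], "action": "forward"}
            maps.setdefault(header.group(1), []).append(entry)
        elif entry is not None and raw[:1].isspace():
            words = raw.split()
            if words[:1] == ["match"] and len(words) > 1:
                entry["match"].append(words[1])        # packet type: "ip" or "mac"
            elif words[:1] == ["action"] and len(words) > 1:
                entry["action"] = words[1]
        else:
            entry = None                               # left the access-map stanza
    return {name: sorted(e, key=lambda x: x["seq"]) for name, e in maps.items()}

def unmatched_fate(entries, ptype="ip"):
    """Fate of a ptype packet that matches none of the ACLs named in the map."""
    for e in entries:
        if not e["match"]:                             # no match clause: matches every packet
            return f"{e['action']} (seq {e['seq']}, no match clause)"
    if any(ptype in e["match"] for e in entries):
        return "drop (implicit deny)"
    return "not covered by implicit deny (no ACL for this packet type)"

if __name__ == "__main__":
    for name, entries in parse_access_maps(SAMPLE_CONFIG).items():
        print(name, "->", unmatched_fate(entries))
```

Run against a saved configuration, a map reporting `forward (... no match clause)` is one whose catch-all sequence passes everything the earlier sequences did not match, which is worth confirming as intended.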