Which statement about the configuration and application of port access control lists is true?

Which statement about the configuration and application of port access control lists is true?

Which statement about the configuration and application of port access control lists is true?

A.
PACLs can be applied in the inbound or outbound direction of a Layer 2 physical interface.

B.
At Layer 2, a MAC address PACL takes precedence over any existing Layer 3 PACL.

C.
When you apply a port ACL to a trunk port, the ACL filters traffic on all VLANs present on the
trunk port.

D.
PACLs are not supported on EtherChannel interfaces.

Explanation:
The PACL feature provides the ability to perform access control on specific Layer 2 ports. A Layer

2 port is a physical LAN or trunk port that belongs to a VLAN. PACLs are applied only on
the ingress traffic. The PACL feature is supported only in hardware (PACLs are not applied to any
packets routed in software). When you create a PACL, an entry is created in the ACL TCAM. You
can use the show tcam counts command to see how much TCAM space is available. The PACL
feature does not affect Layer 2 control packets received on the port.
Reference:
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/vacl.p
df

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *