Which statement is true?

Refer to the exhibit.

Which statement is true?

Refer to the exhibit.

Which statement is true?

A.
IP traffic matching access list ABC is forwarded through VLANs 5-10.

B.
IP traffic matching VLAN list 5-10 is forwarded, and all other traffic is dropped.

C.
All VLAN traffic matching VLAN list 5-10 is forwarded, and all traffic matching access list ABC is
dropped.

D.
All VLAN traffic in VLANs 5-10 that match access list ABC is forwarded, and all other traffic is
dropped.

Explanation:
VLAN maps, also known as VLAN ACLs or VACLs, can filter all traffic traversing a switch. VLAN
maps can be configured on the switch to filter all packets that are routed into or out of a VLAN, or
are bridged within a VLAN. VLAN maps are used strictly for security packet filtering. Unlike router
ACLs, VLAN maps are not defined by direction (input or output).
To create a VLAN map and apply it to one or more VLANs, perform these steps:
• Create the standard or extended IP ACLs or named MAC extended ACLs to be applied to the
VLAN. This access-list will select the traffic that will be either forwarded or dropped by the accessmap. Only traffic matching the ‘permit’ condition in an access-list will be passed to the access-map

for further processing.
• Enter the vlan access-map access-map-name [sequence] global configuration command to
create a VLAN ACL map entry. Each access-map can have multiple entries. The order of these
entries is determined by the sequence. If no sequence number is entered, access-map entries are
added with sequence numbers in increments of 10.
• In access map configuration mode, optionally enter an action forward or action drop. The default
is to forward traffic. Also enter the match command to specify an IP packet or a non-IP packet
(with only a known MAC address), and to match the packet against one or more ACLs (standard
or extended).
• Use the vlan filter access-map-name vlan-list vlan-list global configuration command to apply a
VLAN map to one or more VLANs. A single access-map can be used on multiple VLANs.
Reference:
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/vacl.html#wp1061021

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *