Which statement about the configuration and application of port access control lists is true?
A.
PACLs can be applied in the inbound or outbound direction of a Layer 2 physical
interface.
B.
At Layer 2, a MAC address PACL takes precedence over any existing Layer 3 PACL.
C.
When you apply a port ACL to a trunk port, the ACL filters traffic on all VLANs present on
the trunk port.
D.
PACLs are not supported on EtherChannel interfaces.
Explanation:
The PACL feature provides the ability to perform access control on specific Layer 2 ports. A
Layer 2 port is a physical LAN or trunk port that belongs to a VLAN. PACLs are applied only
on the ingress traffic. The PACL feature is supported only in hardware (PACLs are not
applied to any packets routed in software). When you create a PACL, an entry is created in
the ACL TCAM. You can use the show tcam counts command to see how much TCAM
space is available. The PACL feature does not affect Layer 2 control packets received on the
port.
Reference:
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/
vacl.pdf