Thanks for Bob Wong for putting this together:
E-series
|
A-series
|
Cisco
|
|
RACL
|
Applied to vlan interface
controls routed traffic in/out |
Applied to vlan interface or port
Controls routed traffic in/out
|
Applied to vlan interface
controls routed traffic in/out
|
VACL
|
Applied to vlan interface
ip-access group … vlan (implicit deny at end)
controls all traffic within and out VLAN, not in
To create approximation of Cisco VACL, also add outbound
RACL on vlan interface
|
Applied to vlan interface
Packet-filter (implicit permit at end)
Controls all routed traffic in and out of all ports in
the VLAN, not switched
To create approximation of Cisco VACL, use inbound PACL
instead
|
Access-list
Vlan-access map
vlan filter
Controls within, out, routed into the VLAN
from another VLAN
|
PACL
|
Applied to port
Controls traffic in, not out
|
Applied to port
controls traffic in/out |
Applied to port
controls traffic in/out |
No comments:
Post a Comment