Access Control List

An Access Control List (ACL) is a set of rules defined to filter network traffic. Each ACL is assigned a unique name.

Packet filtering and traffic flow through the network are managed with ACLs, which contain the rules you configure for that purpose. Incoming packets are matched against the entries in the ACL and are forwarded or dropped based on the criteria specified in the matching entry. The unique sequence number of each entry indicates the order in which the packet is matched against the rules in the ACL: the lower the sequence ID, the earlier the rule is checked against the packet. Take care when designing ACLs that an entry with a lower sequence ID does not match all of the traffic intended for an entry with a higher sequence ID, since the later entry would then never be reached.
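The first-match, lowest-sequence-first evaluation described above, with a check for entries that a lower-sequence entry completely shadows. This is an added illustration, not code from the original page or from any vendor's ACL implementation; the rule tuple layout, the constructed entries, and the implicit deny at the end of the list are assumptions.

```python
import ipaddress

# Constructed ACL entries (assumed layout): (sequence, action, source prefix, destination prefix).
# Lower sequence numbers are evaluated first; the first matching entry decides the packet's fate.
ACL = [
    (10, "permit", "10.0.0.0/8",  "0.0.0.0/0"),
    (20, "deny",   "10.1.1.0/24", "0.0.0.0/0"),    # never reached: seq 10 already covers it
    (30, "deny",   "0.0.0.0/0",   "192.0.2.0/24"),
    (40, "permit", "0.0.0.0/0",   "0.0.0.0/0"),
]
DEFAULT_ACTION = "deny"  # assumed implicit deny when no entry matches


def matches(rule, src, dst):
    """True when the packet's source and destination fall inside the rule's prefixes."""
    _, _, rule_src, rule_dst = rule
    return (ipaddress.ip_address(src) in ipaddress.ip_network(rule_src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule_dst))


def evaluate(acl, src, dst):
    """Return (action, sequence) of the first matching entry, checking lowest sequence first."""
    for rule in sorted(acl, key=lambda r: r[0]):
        if matches(rule, src, dst):
            return rule[1], rule[0]
    return DEFAULT_ACTION, None


def shadowed_entries(acl):
    """Return (shadowed_seq, shadowing_seq) pairs for entries that can never match.

    An entry is shadowed when an earlier (lower-sequence) entry covers a superset
    of both its source and destination prefixes, regardless of either entry's action.
    """
    ordered = sorted(acl, key=lambda r: r[0])
    found = []
    for i, later in enumerate(ordered):
        l_src, l_dst = ipaddress.ip_network(later[2]), ipaddress.ip_network(later[3])
        for earlier in ordered[:i]:
            e_src, e_dst = ipaddress.ip_network(earlier[2]), ipaddress.ip_network(earlier[3])
            if l_src.subnet_of(e_src) and l_dst.subnet_of(e_dst):
                found.append((later[0], earlier[0]))
                break
    return found


if __name__ == "__main__":
    print(evaluate(ACL, "10.1.1.5", "203.0.113.1"))   # permitted by seq 10, not denied by seq 20
    print(shadowed_entries(ACL))                       # [(20, 10)]
```

Running the shadow check against a candidate ACL before deploying it surfaces exactly the ordering mistake the paragraph warns about; here the fix is to give the more specific deny a lower sequence number than the broad permit.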

ACLs are classified as MAC (Layer 2), IPv4 (Layer 3), or IPv6 (Layer 3) access lists based on their matching keys. If an incoming packet matches both a Layer 2 and a Layer 3 ACL, the Layer 3 ACL in the same route-map stanza takes priority and the actions associated with the L3 ACL are applied.