ابدأ بالتواصل مع الأشخاص وتبادل معارفك المهنية

أنشئ حسابًا أو سجّل الدخول للانضمام إلى مجتمعك المهني.

متابعة

On what router and on which interface you prefer to configure the ACL(access control list), close to source or destination and in which situation?

user-image
تم إضافة السؤال من قبل Saqib Mehmood , Technical Team Lead/Safety Supervisor , Xchange Technology Group
تاريخ النشر: 2013/12/06
Mostafa Khamies Dakam
من قبل Mostafa Khamies Dakam , Network Specialist , Libyan Fertilizer Company

I Agree with Khaled Omar, it depends on purpose you need, Standard ACLs should be implemented as close as possible to the destination, and Extended ACLs is close to the source to reduce traffic load.

Khaled Omar
من قبل Khaled Omar , Senior Service Delivery Engineer , Dell Technologies

Actually it depends on the type of ACL used, whether it is Standard or Extended.

 

If it is Standard, then you should configure the ACL close to the destination to prevent discarding packets that you don't want to be discarded.

 

If it is Extended, then you should configure the ACL close to the source to discard packets faster. 

Chandrasiri Guanaratna
من قبل Chandrasiri Guanaratna , IT Manager , Computerland International

Access list should be applied closer to the source for OUT BOUND trafic  and therefore inside interface  note  there is a implicit deny ip any any at the end of the ACL ,

However if you need to control IN BOUND  traffic then it must be applied to the outside

both the case command  applying on the interface would be ip access-group101 in

 

 

المزيد من الأسئلة المماثلة