top of page
Search
Writer's picturePASS HOT

ccie r&s dumps Difference between IN and OUT in Cisco ACL

Recommend PASSHOT for everyone, this is a website with a lot of articles about Cisco technology, and if you want to test Cisco CCIE Written exam or Cisco CCIE LAB exam, you can consult here, you can guarantee 100% pass the exam.


In and out are relative, for example: A(s0)-----(s0)B(s1)--------(s1)C Suppose you want to reject A to access C now, and assume that you are required Is to do ACL on B (of course C can also), we replaced this topology with an example: B's s0 port is the front door, s1 port is the back door, the whole B is your living room, the front door is connected to the A, the living room The back door is connected to your home vault (C)

In and out are relative, such as:

A(s0)-----(s0)B(s1)--------(s1)C

Suppose you want to deny A to access C now, and assuming you are asking for an ACL on B (of course C can also be), we replace this topology with an example:

The s0 port of B is the front door, the s1 port is the back door, the whole B is your living room, the front door is connected to A, and the back door of the living room is connected to your treasury (C).

Now to refuse the thief to come in from A, then you have to set up in your living room, there are 2 ways:

1. In your living room (B) front door (B s0) an iron gate (ACL), not let the thief come in (in), so that you can achieve the purpose

2. In the back door of your living room, there is an iron gate (s1 of B). Although the thief enters your living room, you still can't go out from the back door to your treasury (C).

Although these two methods (in / out) can achieve efficiency, but from a performance point of view, there is still a difference, in fact, the best way is to choose method 1, just like the thief did not enter the vault, at least into In your living room (B), dirty the carpet in your living room (B will consume some extra unnecessary treatment)

Suppose you want to install the iron gate (ACL) in C. Should you use in or out?

This question is left to you to answer, hehe

Relative to the router, the router that crosses the router is about to enter

Expand acl, close to the source, standard acl close to the target address

In fact, the application of in and out is very flexible.

(The above information is what I saw on a website about the Internet, including information about CCIE routing and switching, security, wireless, big data, etc., I recommend you to visit)

0 views0 comments

Recent Posts

See All

コメント


文章: Blog2_Post
bottom of page