Hi,
I have a port-group which contains two VMs (having a single vNIC each).
Till now I was applying the ACLs to the port-group and the VMs worked as per the ACLs. But then I applied a different ACL to the individual vNIC. I assumed that the traffic would be monitored at two levels, at the NIC and then at the port-group for outward access from the VM, and the reverse way for incoming traffic. But it didn't go that way. I observed that the ACL applied to the vNIC was the only deciding factor for both the in and out traffic to that VM. The question is, "is that the expected behaviour?" and if it is so, then in this scenario when does the port-group ACL come into the picture?
Please provide some insight on this behaviour.
Thanks