Re: IP ACL --- MPLS/VPLS

Sherif Atef Ahmed Ismail · ‎01-04-2012

Dears

I would like your assistance regarding below plz

when I configure "access-list permit ip any any"

Actually this will permit all IP packets

However what about L2 protocols/packets as MPLS, VPLS, ... etc

Will it match ? According to lab I made, It didnt match but packets were permitted

So this means, If I configured this access-list under any interface

It will only filter IP packets & all other protocols rather than IP (as MPLS, VPLS or even IPX) will not be filtered & will be permitted normally

Am I correct ?

Many Thanks

Sherif Ismail

Edison Ortiz · ‎01-04-2012

MPLS adjancencies will use TCP port 646 for LDP so an IP ACL will affect it.

Jeff Van Houten · ‎01-04-2012

certainly ipx is unaffected. There are separate acls for ipx.

Sent from Cisco Technical Support iPad App

Sherif Atef Ahmed Ismail · ‎01-04-2012

Thanks Edison/Jeff

@ Edison

what about mpls traffic that passes after LDP adjancies are up

So this means my statment is right , correct ?

So this means, If I configured this access-list under any interface It will only filter IP packets & all other protocols rather than IP (as MPLS, VPLS or even IPX) will not be filtered & will be permitted normally

Many Thanks

Sherif Ismail

Edison Ortiz · ‎01-05-2012

MPLS transport itself won't be affected.

Sherif Atef Ahmed Ismail · ‎01-05-2012

Thanks Edison