What's the difference between these two approaches and which one is recommended in what scenarios?
ip access-list extended ICMP
 permit icmp any any

match access-group name ICMP

match protocol ICMP
They do the same thing, but by using match protocol you are leveraging either NBAR if you do it for QoS or PAM if you do it for ZBF. With the ACL you could be more granular by specifying the code and subcode.
Don't forget to rate helpful posts.
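The two classification styles from the answer above, side by side, as an added example that is not part of the original thread. The ACL, class-map and policy-map names and the police rate are assumptions chosen for illustration.

```cisco
! Added example; all names below are hypothetical.
!
! Approach 1: ACL-based classification.
! The ACL can narrow the match to specific ICMP message types,
! here echo and echo-reply only, instead of all ICMP.
ip access-list extended ICMP-ECHO
 permit icmp any any echo
 permit icmp any any echo-reply
!
class-map match-all CM-ICMP-ACL
 match access-group name ICMP-ECHO
!
! Approach 2a: protocol-based classification in a QoS class-map.
! This relies on NBAR and matches ICMP as a whole.
class-map match-all CM-ICMP-NBAR
 match protocol icmp
!
! Approach 2b: protocol-based classification in a zone-based
! firewall class-map. This relies on PAM rather than NBAR.
class-map type inspect match-any CM-ICMP-ZBF
 match protocol icmp
!
! Either QoS class can then be referenced from a policy-map,
! for example to police ping traffic (rate is an assumed value).
policy-map PM-ICMP-LIMIT
 class CM-ICMP-ACL
  police 64000 conform-action transmit exceed-action drop
```

Once the policy is attached to an interface, `show policy-map interface` shows per-class packet counters, which confirms which class is actually matching the traffic.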
I have a similar query in mind and ultimately reached this discussion.
But in CCIE R&S LAB, what should be the correct approach?
Again, is there ANY technical functionality difference between these two methods?
In the CCIE lab you can use any technology you wish unless there are restrictions. If they wanted you to use ACLs the task could be worded like "Use a feature that uses the least amount of CPU to perform the task". If they wanted NBAR it could be something like "Use a feature that inspects at layer 7 to perform the classification".
Please rate helpful posts.