Running Hybrid mode SUPII/PFCII/MSFCII To my understanding with MLS (PFC 1), the IOS ACL determines the flow mask. And since it is route once switch many, any packets that match a deny statement will be denied and the enable packet will never make it. The full flow entry will not be in the MLS cache.
With CEF (PFC 2) if there is an adjacency for the destination host, to my understanding, that packet will never be routed. It show just be rewritten by the PFC 2 (SP). If all this correct than these are my questions. 1. How does an IOS ACL affect the rewrite on the switch? 2. Where on the switch (SP) can I see that it knows an IOS ACL is there? 3. Is changing the flow mask on PFC 2(SP) just for Netflow stats. Applying an IOS ACL had no effect on the flow mask. Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63136&t=63136 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]