Limits network traffic to increase network performance.
ACLs provide traffic flow control by restricting the delivery of routing updates.
ACLs can be used as an additional layer of security.
Controls which types of traffic are forwarded or blocked by the router.
Provides the ability to control which areas a client can access.
ACL Configuration Guidelines
Only one ACL per interface, per protocol, per direction is allowed.
ACLs are processed top-down; the most specific statements must go at the top of the list. Once
a packet matches a statement in the ACL, processing stops and the packet is either permitted or
denied.
ACLs are created globally and then applied to interfaces.
An ACL can filter traffic going through the router, or traffic to and from the router.
All ACLs have an implicit “deny all” statement at the end. Therefore, every ACL must have at
least one permit statement to allow any traffic to pass.
Extended ACL
Extended Access Control Lists (ACLs) allow you to permit or deny traffic from specific IP
addresses to a specific destination IP address and port. They also allow you to specify different
types of traffic, such as ICMP, TCP and UDP.
Extended ACLs were introduced in Cisco IOS Software Release 8.3. Extended ACLs control
traffic by the comparison of the source and destination addresses of the IP packets to the addresses
configured in the ACL.
Extended ACL numbers: 100 ~ 199, 2000 ~ 2699
Must be placed near the SOURCE of the traffic
Port and protocol specific
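
The top-down, first-match processing and implicit deny from the guidelines above, combined with extended-ACL matching on protocol, source, destination and port, shown as an added Python model (not router code and not part of the original notes). The Entry type, the function names and all addresses are assumptions made for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

class Entry(NamedTuple):
    action: str                  # "permit" or "deny"
    proto: str                   # "ip" (any protocol), "tcp", "udp", "icmp"
    src: str
    src_wc: str                  # wildcard mask: 0 bit = must match, 1 bit = ignore
    dst: str
    dst_wc: str
    dport: Optional[int] = None  # models "eq <port>"; None = any port

def wc_match(addr: str, base: str, wildcard: str) -> bool:
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

def evaluate(acl, proto, src, dst, dport=None):
    """Return (action, matching entry index); index None means implicit deny."""
    for i, e in enumerate(acl):
        if e.proto not in ("ip", proto):
            continue
        if not (wc_match(src, e.src, e.src_wc) and wc_match(dst, e.dst, e.dst_wc)):
            continue
        if e.dport is not None and e.dport != dport:
            continue
        return e.action, i       # first match wins; later entries are never read
    return "deny", None          # implicit "deny all" at the end of every ACL

# Constructed sample entries (addresses are illustrative only).
HOST, ANY = "0.0.0.0", "255.255.255.255"
BLOCK_TELNET = Entry("deny", "tcp", "10.1.1.50", HOST, "10.2.2.10", HOST, 23)
ALLOW_LAN = Entry("permit", "ip", "10.1.1.0", "0.0.0.255", "0.0.0.0", ANY)

MISORDERED = [ALLOW_LAN, BLOCK_TELNET]   # general permit shadows the specific deny
ORDERED = [BLOCK_TELNET, ALLOW_LAN]      # most specific statement first

if __name__ == "__main__":
    for name, acl in (("misordered", MISORDERED), ("ordered", ORDERED)):
        print(name, evaluate(acl, "tcp", "10.1.1.50", "10.2.2.10", 23))
    print("other subnet", evaluate(ORDERED, "udp", "172.16.0.9", "10.2.2.10", 53))
```

In the misordered list the Telnet deny is never reached, which is why the most specific statements go at the top; traffic that matches no entry falls through to the implicit deny.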