A VACL is an Access Control List (ACL) that is applied to a VLAN rather than to an interface. This type of ACL can match traffic that is forwarded normally to its destination and send a copy of it to a monitoring device for capture. VACLs are processed in hardware and are applied to packets that are bridged within a VLAN or that enter the VLAN from a Layer 3 process.
VACLs are applied as a VLAN processes a packet, which prevents duplication of intra-VLAN traffic. You can create custom filters for VACLs to limit the traffic that is captured. VACLs are supported on Cisco 6500 and 4500 (IOS only) series switches. Capturing data from a VACL is not supported on the 4500 series switch.
A VACL does not consume a SPAN session.
Use VACLs only when everyone involved is aware of the risk of misconfiguration and is committed to avoiding it through peer review of proposed configurations. If VACLs are not an acceptable risk for your organization, consider implementing a filtered port SPAN, which applies a VACL to a copy of production traffic. Or consider using Multi-Port Monitor or a SPAN aggregation tool available from vendors such as Anue Systems and Gigamon.
Important: Use VACLs to capture traffic only from Layer 3 and Layer 4. VACL capture is not recommended for GigaStor deployments, for which the intent is to capture all traffic, including Layer 2 issues.
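The following configuration is an added example, not part of the original page, showing the shape of a VACL capture on a Catalyst 6500 running Cisco IOS as described above: a Layer 3/Layer 4 filter selects the traffic of interest, a VLAN access map forwards matching packets and copies them to a capture port, and a catch-all entry forwards everything else. The VLAN number, ACL and access-map names, and interface are constructed values; the command syntax is assumed to be the Catalyst 6500 IOS form and should be checked against the documentation for the exact platform and software release before use.

```cisco
! Layer 3/Layer 4 filter: only HTTP traffic to or from the 10.1.100.0/24 servers
! (constructed example addresses and ports).
ip access-list extended CAPTURE-WEB
 permit tcp 10.1.100.0 0.0.0.255 any eq 80
 permit tcp any 10.1.100.0 0.0.0.255 eq 80

! Sequence 10: matching packets are forwarded normally AND copied to the capture port.
vlan access-map CAPTURE-MAP 10
 match ip address CAPTURE-WEB
 action forward capture

! Sequence 20: a VLAN access map has an implicit deny at the end. Without this
! catch-all entry, every packet that does not match CAPTURE-WEB is DROPPED on
! the production VLAN. This entry is the single most important line to peer-review.
vlan access-map CAPTURE-MAP 20
 action forward

! Apply the map to the monitored VLAN only (constructed VLAN 100).
vlan filter CAPTURE-MAP vlan-list 100

! Port connected to the monitoring device receives the captured copies.
interface GigabitEthernet1/1
 description Monitoring device (VACL capture port)
 switchport
 switchport capture
 switchport capture allowed vlan 100
```

Because the capture port receives copies of traffic that is also forwarded, the monitoring device sees each intra-VLAN packet once, which is the de-duplication property the page describes. Review the access map with `show vlan access-map CAPTURE-MAP` and the VLAN assignment with `show vlan filter` before and after any change, and confirm that the last sequence is an unconditional `action forward`.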
Copyright © 2015 CA Technologies.
All rights reserved.