Ok one difference
ip accounting access-violations
will log all violations on the complete access-list
this can be viewed using
sho ip accounting access-violations
whereas you could have an access-list 100 lines long but only want to log
violations for one line
this is where you put log at the end of that line
access-list 123 deny icmp any any log
james
PS- thought of another one - first cant be timestamped second one can !
-----Original Message-----
From: ccie2be [mailto:ccie2be@xxxxxxxxxx]
Sent: 08 December 2004 13:02
To: Group Study
Subject: Tracking packets denied by a ACL
Hi guys,
I'm trying to figure out the difference between using the log keyword at the
end of an acl entry versus
using the interface command, ip accounting access-violations.
They both seem like they do pretty much the same thing, so I'm not that clear
on when I should use one versus the other.
If any of you have some ideas about this, I'd like to hear from you because
I'd hate to lose points on something like this in the lab.
Also, which method do people think is better for a production network?
TIA, Tim
_______________________________________________________________________
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
**********************************************************************
*********** Department of Agriculture and Food ***************
The information contained in this email and in any
attachments is confidential and is designated solely
for the attention and use of the intended recipient(s).
This information may be subject to legal and professional
privilege. If you are not an intended recipient of
this email, you must not use, disclose, copy,
distribute or retain this message or any part of it.
If you have received this email in error, please
notify the sender immediately and delete all copies of
this email from your computer system(s).
**********************************************************************
