Hi, I'm looking for good documentation or a description of extended ACLs. Specifically,
the following aspects:
If I deny tcp any any
then permit ip any any
what happens to UDP traffic? Denied or permitted?
How about if I create a new extended ACL, then permit pim any any? What happens to
the other protocols like ip, tcp, igmp, ...? Are they implicitly denied?
R5(config)#access-list 101 permit ?
  <0-255>  An IP protocol number
  ahp      Authentication Header Protocol
  eigrp    Cisco's EIGRP routing protocol
  esp      Encapsulation Security Payload
  gre      Cisco's GRE tunneling
  icmp     Internet Control Message Protocol
  igmp     Internet Gateway Message Protocol
  ip       Any Internet Protocol
  ipinip   IP in IP tunneling
  nos      KA9Q NOS compatible IP over IP tunneling
  ospf     OSPF routing protocol
  pcp      Payload Compression Protocol
  pim      Protocol Independent Multicast
  tcp      Transmission Control Protocol
  udp      User Datagram Protocol
If you only permit PIM, then only PIM will be permitted. If you permit IP, then all IP would be permitted. As you said, IP is a parent protocol of any other payload protocol (0-255). It just happens that we call some of these protocol numbers by name like ahp, icmp, eigrp, tcp and so on.
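
Added example (not part of the thread or of any Cisco code): a small Python model of how an extended ACL is evaluated by protocol, top to bottom, first match wins, with the implicit deny at the end, run against the two cases from the question. It assumes entries of the form "access-list N permit|deny PROTO any any" only; ACL number 102 and the names PROTO, parse_ace and evaluate are made up for illustration.

```python
# Keyword -> IANA IP protocol number for the keywords in the router help output.
# "ip" is not a number: it matches every protocol 0-255.
PROTO = {"icmp": 1, "igmp": 2, "ipinip": 4, "tcp": 6, "udp": 17, "gre": 47,
         "esp": 50, "ahp": 51, "eigrp": 88, "ospf": 89, "nos": 94,
         "pim": 103, "pcp": 108}

def parse_ace(line):
    """Parse 'access-list N permit|deny PROTO any any' -> (action, number or None)."""
    tok = line.split()
    if len(tok) != 6 or tok[0] != "access-list" or tok[4:] != ["any", "any"]:
        raise ValueError(f"unsupported entry: {line!r}")
    action, proto = tok[2], tok[3]
    if action not in ("permit", "deny"):
        raise ValueError(f"bad action in: {line!r}")
    if proto == "ip":
        return action, None              # wildcard over all IP protocols
    if proto in PROTO:
        return action, PROTO[proto]
    if proto.isdigit() and 0 <= int(proto) <= 255:
        return action, int(proto)        # numeric form, <0-255>
    raise ValueError(f"unknown protocol in: {line!r}")

def evaluate(acl_lines, packet_proto):
    """Return (action, matching entry) for a packet of the given protocol."""
    num = PROTO[packet_proto] if isinstance(packet_proto, str) else packet_proto
    for line in acl_lines:               # top to bottom, first match wins
        action, proto = parse_ace(line)
        if proto is None or proto == num:
            return action, line
    return "deny", "implicit deny"       # nothing matched: implicit deny at the end

# Constructed sample ACLs mirroring the two questions above.
ACL_101 = ["access-list 101 deny tcp any any",
           "access-list 101 permit ip any any"]
ACL_102 = ["access-list 102 permit pim any any"]

if __name__ == "__main__":
    for name, acl in (("101", ACL_101), ("102", ACL_102)):
        for p in ("tcp", "udp", "igmp", "pim"):
            action, why = evaluate(acl, p)
            print(f"ACL {name}  {p:5} -> {action:6} ({why})")
```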