- An ACL applied to a VLAN has lower precedence than one applied to a port. As an example of precedence among interface types, suppose physical port 1:2 is a member port of the VLAN yellow. ACLs could be configured on the port (either singly or as part of a port list), on the VLAN yellow, and on all ports in the switch (the wildcard ACL). For all packets crossing this port, the port-based ACL has the highest precedence, followed by the VLAN-based ACL and then the wildcard ACL.
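
The precedence order above as an added example (not from the original page or any vendor code): a small Python model that reports which ACL decides a packet on port 1:2 and which lower-precedence rules disagree with that decision. The rule names, match fields and first-match-wins evaluation are assumptions made for illustration.

```python
"""Model of interface-type ACL precedence: port > VLAN > wildcard (simplified)."""
from dataclasses import dataclass

# Precedence order as stated in the text, highest first.
PRECEDENCE = ("port", "vlan", "wildcard")

@dataclass
class Rule:
    name: str      # hypothetical rule name
    match: dict    # field -> required value; an empty dict matches every packet
    action: str    # "permit" or "deny"

def matches(rule, packet):
    return all(packet.get(k) == v for k, v in rule.match.items())

def hits(bindings, port, vlan, packet):
    """All matching (scope, rule) pairs for a packet on this port, highest precedence first."""
    keys = {"port": ("port", port), "vlan": ("vlan", vlan), "wildcard": ("wildcard", None)}
    return [(scope, rule)
            for scope in PRECEDENCE
            for rule in bindings.get(keys[scope], [])
            if matches(rule, packet)]

def effective(bindings, port, vlan, packet):
    """The (scope, rule) that decides the packet, or None if no ACL matches."""
    found = hits(bindings, port, vlan, packet)
    return found[0] if found else None

def overridden(bindings, port, vlan, packet):
    """Lower-precedence matching rules whose action differs from the winner's.
    Useful when auditing: a VLAN-wide deny can be silently undone by a port permit."""
    found = hits(bindings, port, vlan, packet)
    return [(s, r.name) for s, r in found[1:] if r.action != found[0][1].action]

# Constructed sample data: port 1:2 is a member of VLAN yellow, as in the text.
BINDINGS = {
    ("port", "1:2"): [Rule("port_allow_mgmt", {"proto": "tcp", "dport": 22}, "permit")],
    ("vlan", "yellow"): [Rule("vlan_deny_ssh", {"dport": 22}, "deny")],
    ("wildcard", None): [Rule("any_deny_telnet", {"dport": 23}, "deny")],
}
SSH = {"proto": "tcp", "dport": 22}
TELNET = {"proto": "tcp", "dport": 23}

if __name__ == "__main__":
    for pkt in (SSH, TELNET):
        scope, rule = effective(BINDINGS, "1:2", "yellow", pkt)
        print(pkt, "->", scope, rule.name, rule.action,
              "| overridden:", overridden(BINDINGS, "1:2", "yellow", pkt))
```
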
ACL Slices (Hardware Resources):
- ACLs applied to a VLAN are actually applied to all ports on the switch, without regard to VLAN membership. This is done so that no policy refresh or reboot is required when the port configuration of that VLAN changes (adding/removing ports).