Packet flow through a Cisco Router – Simple View

INSIDE-to-OUTSIDE

insideoutside

Complete list from cisco:

  1. If IPSec then check input access list
  2. decryption – for CET (Cisco Encryption Technology) or IPSec
  3. check input access list
  4. check input rate limits
  5. input accounting
  6. redirect to web cache
  7. policy routing
  8. routing
  9. NAT inside to outside (local to global translation)
  10. crypto (check map and mark for encryption)
  11. check output access list
  12. inspect (Context-based Access Control (CBAC))
  13. TCP intercept
  14. encryption
  15. Queueing

 

OUTSIDE-to-INSIDE

outsideinside

Complete list from cisco

  1. If IPSec then check input access list
  2. decryption – for CET or IPSec
  3. check input access list
  4. check input rate limits
  5. input accounting
  6. redirect to web cache
  7. NAT outside to inside (global to local translation)
  8. policy routing
  9. routing
  10. crypto (check map and mark for encryption)
  11. check output access list
  12. inspect CBAC
  13. TCP intercept
  14. encryption
  15. Queueing

These lists is import to know the changes made in the ip headers as it flows through the router. For example you may be expecting a source address in an outbound ACL that has already been natted to something else.

Until next post stay good.

Advertisements

One thought on “Packet flow through a Cisco Router – Simple View

Comments are closed.