seq 10 permit ip any host 1.1.1.3seq 12 permit ip any host 1.1.1.4Route MapsAlthough route maps are similar to ACLs and prefix lists in that they consist of a series of commands thatcontain a matching criterion and an action, route maps can modify parameters in matching packets.Implementation InformationACLs and prefix lists can only drop or forward the packet or traffic. Route maps process routes for routeredistribution. For example, a route map can be called to filter only specific routes and to add a metric.Route maps also have an “implicit deny.” Unlike ACLs and prefix lists; however, where the packet or trafficis dropped, in route maps, if a route does not match any of the route map conditions, the route is notredistributed.The implementation of route maps allows route maps with the no match or no set commands. Whenthere is no match command, all traffic matches the route map and the set command applies.Flow-Based Monitoring Support for ACLsFlow-based monitoring is supported on the platform.Flow-based monitoring conserves bandwidth by monitoring only the specified traffic instead of all trafficon the interface. It is available for Layer 2 and Layer 3 ingress traffic. You can specify traffic using standardor extended access-lists. This mechanism copies incoming packets that matches the ACL rules appliedon the ingress port and forwards (mirrors) them to another port. The source port is the monitored port(MD) and the destination port is the monitoring port (MG).The port mirroring application maintains and performs all the monitoring operations on the chassis. ACLinformation is sent to the ACL manager, which in turn notifies the ACL agent to add entries in the CAMarea. Duplicate entries in the ACL are not saved.When a packet arrives at a port that is being monitored, the packet is validated against the configuredACL rules. If the packet matches an ACL rule, the system examines the corresponding flow processor toperform the action specified for that port. If the mirroring action is set in the flow processor entry, thedestination port details, to which the mirrored information must be sent, are sent to the destination port.When a stack unit is reset or a stack unit undergoes a failure, the ACL agent registers with the portmirroring application. The port mirroring utility downloads the monitoring configuration to the ACLagent. The interface manager notifies the port mirroring application about the removal of an interfacewhen an ACL entry associated with that interface to is deleted.Behavior of Flow-Based MonitoringActivate flow-based monitoring for a monitoring session by entering the flow-based enablecommand in the Monitor Session mode. When you enable this capability, traffic with particular flows thatare traversing through the ingress interfaces are examined, and appropriate ACLs can be applied in theingress direction. By default, flow-based monitoring is not enabled.Access Control Lists (ACLs) 123