Remarks that do not have a corresponding rule are incremented as a rule. These two mechanisms allow remarks to retain their originalposition in the list. The following example shows remark 10 corresponding to rule 10 and as such, they have the same number before andafter the command is entered. Remark 4 is incremented as a rule, and all rules have retained their original positions.Dell(config-ext-nacl)# show config!ip access-list extended testremark 4 XYZremark 5 this remark corresponds to permit any host 1.1.1.1seq 5 permit ip any host 1.1.1.1remark 9 ABCremark 10 this remark corresponds to permit ip any host 1.1.1.2seq 10 permit ip any host 1.1.1.2seq 15 permit ip any host 1.1.1.3seq 20 permit ip any host 1.1.1.4Dell# endDell# resequence access-list ipv4 test 2 2Dell# show running-config acl!ip access-list extended testremark 2 XYZremark 4 this remark corresponds to permit any host 1.1.1.1seq 4 permit ip any host 1.1.1.1remark 6 this remark has no corresponding ruleremark 8 this remark corresponds to permit ip any host 1.1.1.2seq 8 permit ip any host 1.1.1.2seq 10 permit ip any host 1.1.1.3seq 12 permit ip any host 1.1.1.4Route MapsAlthough route maps are similar to ACLs and prefix lists in that they consist of a series of commands that contain a matching criterion andan action, route maps can modify parameters in matching packets.Implementation InformationACLs and prefix lists can only drop or forward the packet or traffic. Route maps process routes for route redistribution. For example, a routemap can be called to filter only specific routes and to add a metric.Route maps also have an “implicit deny.” Unlike ACLs and prefix lists; however, where the packet or traffic is dropped, in route maps, if aroute does not match any of the route map conditions, the route is not redistributed.The implementation of route maps allows route maps with the no match or no set commands. When there is no match command, all trafficmatches the route map and the set command applies.Flow-Based Monitoring Support for ACLsFlow-based monitoring conserves bandwidth by monitoring only the specified traffic instead of all traffic on the interface. It is available forLayer 2 and Layer 3 ingress traffic. You can specify traffic using standard or extended access-lists. This mechanism copies incomingpackets that matches the ACL rules applied on the ingress port and forwards (mirrors) them to another port. The source port is themonitored port (MD) and the destination port is the monitoring port (MG).The port mirroring application maintains and performs all the monitoring operations on the chassis. ACL information is sent to the ACLmanager, which in turn notifies the ACL agent to add entries in the CAM area. Duplicate entries in the ACL are not saved.134 Access Control Lists (ACLs)