Hello, everyone.
Happy to be the first one to make a post here.
I am studying ACLs for my ENCOR exam and the following piece of information is mentioned in my book:
PACLs have a few restrictions that vary from platform to platform. The following are some
of the most common restrictions:
- PACLs only support filtering incoming traffic on an interface (no outbound filtering support)
- PACLs cannot filter Layer 2 control packets, such as CDP, VTP, DTP, PAgP, UDLD, and STP.
- PACLs are supported only in hardware.
- PACLs do not support ACLs to filter IPv6, ARP, or Multiprotocol Label Switching (MPLS) traffic
The highlighted restrictions don’t make much sense to me.
From an architectural perspective, what exactly prevents an ACL that is applied to an L2 interface (so a PACL) from being capable of outbound filtering or filtering IPv6? Sometimes it feels as if these restrictions are made up.
Also, why can’t the ACL filter CDP, VTP, etc. messages?
//Edit: Rene could filter IPv6 packets inbound here which the following text explains - PACLs have a few restrictions that vary from platform to platform.
Thank you.
David