[afnog] Cisco ACL
Mark Tinka
mtinka at globaltransit.net
Thu May 27 16:35:07 UTC 2010
On Friday 28 May 2010 12:09:50 am Alan Whinery wrote:
> Also take special note of the effects of acl logging on
> cpu load; if you put "log" at the end, your fast
> switching scheme (cef, et al) can get bypassed.
Would only generally recommend logging if you're
troubleshooting your service, and keep it off as a default,
otherwise.
Depending on your platform, ACL logging can be done in the
hardware path, i.e., logging does not affect your CPU, but
is instead handled in the data plane. Of course, this is
only supported on a few platforms (usually those that
support hardware-based forwarding).
Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://afnog.org/pipermail/afnog/attachments/20100528/6537d0ba/attachment.pgp>
More information about the afnog
mailing list