[nsp] turboACL
Basil Kruglov
basil at cifnet.com
Tue Oct 7 15:58:35 EDT 2003
On Tue, Oct 07, 2003 at 03:21:49PM -0400, Haesu wrote:
> Is anyone here using TurboACL with successful experience? I've read
> Cisco.com and ISP Essentials docs about TuroACL and its benefits,etc and I
> also did some Google search and found some people where bitten by bugs in
> certain IOS versions, etc.. I'd like to know if there is anyone here on
> this list who's using turboACL w/o problems, and seeing expected
> benefits..
>
> I'm in need of applying a 57 lines long ACL toward a customer interface on
> a 7206VXR/NPE-G1 box, but it doesn't have 'access-list compiled' activated
> yet (since I never had a need to put up an access-list that goes beyond 6
> lines to be beneficial from turboacl, on that box).
I've had quite successful experience running it on VXR/NPE300, it helped *a
bit* on long ACLs + during DoS attacks. I don't know about NPE-G1, but with
NPE300 there was no significant improvement during high pps attacks (of
course this is due to NPE300 architecture). I'm sure your results will vary,
NPE-G1 is way faster than NPE300.
-Basil @ CIFNet
More information about the cisco-nsp
mailing list