[c-nsp] More 6500 questions... Optimized ACL Logging
Phil Mayers
p.mayers at imperial.ac.uk
Tue May 8 12:04:28 EDT 2007
Ian MacKinnon wrote:
> Hi All,
>
> More stupid questions to keep you busy.
>
> Cisco Optimized ACL logging, what is it good for?
If you have an ACL ACE with a log action set, with lots of pps hitting
it, the OAL buffer (to my understanding) absorbs duplicate hits in
*hardware* before they are punted to the MSFC.
I have it working on our boxes (though mostly as a precaution - we don't
have logging enabled on ACLs as a rule).
I have:
logging ip access-list cache rate-limit 300
...in the global config which you may need.
>
> I have 6500s with Sup32, so PFC3B as required according to
> http://www.cisco.com/univercd/cc/td/doc/product/metro/me6500/122zu/sg/acl.htm#wp1035490
>
> I have a simple access list
> ip access-list extended testlogging
> permit ip any any
>
Well, there's no "log" statement there. So OAL won't do anything...
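
The point made in this reply, as a configuration sketch added here (not part of the original post or the poster's own config): an ACE only generates log events for OAL when it carries the `log` keyword, and OAL is enabled per interface and direction. The interface name and the choice of the ingress direction are assumptions; the ACL name and the rate-limit value are the ones quoted in the thread.

```cisco
! Added example. Interface name and direction are assumptions.
!
! As posted in the question: no "log" keyword on the ACE,
! so nothing is ever handed to the logging path and OAL stays idle.
ip access-list extended testlogging
 permit ip any any
!
! Corrected ACE: "log" makes matching flows candidates for the OAL cache.
ip access-list extended testlogging
 permit ip any any log
!
! Global setting from the reply: limit on packets per second
! that are logged in software.
logging ip access-list cache rate-limit 300
!
! Apply the ACL and turn on OAL for ingress traffic on the port.
interface GigabitEthernet1/1
 ip access-group testlogging in
 logging ip access-list cache in
```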