[nsp] Cisco 6500 MSFC goes nuts when access-lists are applied

From: Rubens Kuhl Jr. (rkuhljr@uol.com.br)
Date: Fri Jun 09 2000 - 21:08:20 EDT


Hi.

I'm trying to runge large ACLs on 6500/PFC/MSFC; they are large enough to
overflow the logic processing of the PFC, so they must be software processed
within the MSFC.

The problem is when those large ACLs are applied, the switch tries to map
them to multi-layer switching first; after two minutes of MSFC at 100% it
comes to the right solution of switch ingress/egress traffic directly to the
MSFC. This makes the loading or changing of ACLs almost a downtime... I've
tried to disable MLS at vlan level and globally, with no effect: it always
do the same.

Any experiences on that ? Target scenario is using PFC in VLANs with no or
small ACLs, and forcibly using MSFC to the others.

Rubens Kuhl Jr.



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:13 EDT