[nsp] Compiled Access Lists 7500's
Manolo Hernandez
manolo at dialtone.com
Tue Jan 7 16:31:28 EST 2003
It was a 10 line ACL that when initially added to interface did not
catch an IP address that we knew was coming in on that interface. We
have VIP4-80s with 10-12% CPU so I don't think that was the problem.
On Tue, 2003-01-07 at 16:52, Dmitri Kalintsev wrote:
> What do you mean by "take effect"? Every time you change a compiled ACL, all
> compiled ACLs are recompiled anew, and on 7500 it is done on per-VIP basis,
> so if you have slow VIPs it may take a while for them to do it for large
> number of ACL lines.
>
> On Tue, Jan 07, 2003 at 01:47:48PM -0500, Manolo Hernandez wrote:
> > Is it a known issue that when an Extended access-list that is compiled
> > is removed and modified for the changes to that ACL to take say 5
> > minutes to take effect? I had this strange pop on me today and wanted to
> > know if anyone else had this problem. BTW I am running 12.2.8T5 Service
> > Provider.
> ---end quoted text---
>
> SY,
--
Manolo Hernandez - Network Administrator
Dialtone Interland - Extremely Fast Linux Web Servers
phone://305-717-6650 fax://
mailto:manolo@dialtone.com http://www.dialtone.com
"The only source of knowledge is experience." - A. Einstein
More information about the cisco-nsp
mailing list