[nsp] ip verify unicast not logging in ACL

Tomas Daniska tomas at tronet.com
Wed Nov 12 08:56:48 EST 2003

hey deeae-aergh :)

> -----Original Message-----
> From: Daniel Roesen [mailto:dr at cluenet.de] 
> Sent: 12. novembra 2003 14:26
> To: Cisco Nsp
> Subject: Re: [nsp] ip verify unicast not logging in ACL
> And yes, I've also run into the "no logging" bug. Cisco claims this
> is a "feature":
>  "The log ACL option is not supported if used in conjunction 
> with uRPF,
>  bug ID: cscdz05440, this bug is to fix the documentation. This is why
>  your ACL is not showing any matches."

acl 'log' line gets the packet out of cef. and - iirc - urpf is a cef
feature. that's why "it's not a bug"
>  "It seems the ACL logging is fixed by bug cscdz05443. I am currently
>  confirming this and will let you know."
did they manage to make acl logging be cef-supported within this ddts or
is it an urpf-specific solution? if the former is the answer, many other
things could work now with acl logging... anyone from cisco to



More information about the cisco-nsp mailing list