[nsp] ip verify unicast not logging in ACL
Daniel Roesen
dr at cluenet.de
Wed Nov 12 09:39:03 EST 2003
On Wed, Nov 12, 2003 at 02:56:48PM +0100, Tomas Daniska wrote:
> hey deeae-aergh :)
dhie-tschaj!
> acl 'log' line gets the packet out of cef. and - iirc - urpf is a cef
> feature. that's why "it's not a bug"
Well, if you can CONFIGURE it (without a warning in the log or something
like that) and it DOESN'T WORK, then it's IMNSHO a bug. They could make
the fail-ACL punt to-be-logged packets to the CPU, like for many other
features.
> did they manage to make acl logging be cef-supported within this ddts or
> is it an urpf-specific solution?
No idea, the bugID is not visible.
Best regards,
Daniel
More information about the cisco-nsp
mailing list