[nsp] turboACL

Haesu haesu at towardex.com
Tue Oct 7 19:56:20 EDT 2003


Thanks to all those who replied. I did activate turboACL and looks like no problems at all.

I can't see any difference in CPU usage, but then again this is NPE-G1, where ever since we got it installed, I haven't seen it go more than 5% cpu usage ever in such a farily small amount traffic being pushed right now.

-hc

-- 
Haesu C.
TowardEX Technologies, Inc.
Consulting, colocation, web hosting, network design and implementation
http://www.towardex.com | haesu at towardex.com
Cell: (978)394-2867     | Office: (978)263-3399 Ext. 170
Fax: (978)263-0033      | POC: HAESU-ARIN

On Tue, Oct 07, 2003 at 02:58:35PM -0500, Basil Kruglov wrote:
> On Tue, Oct 07, 2003 at 03:21:49PM -0400, Haesu wrote:
> > Is anyone here using TurboACL with successful experience? I've read
> > Cisco.com and ISP Essentials docs about TuroACL and its benefits,etc and I
> > also did some Google search and found some people where bitten by bugs in
> > certain IOS versions, etc.. I'd like to know if there is anyone here on
> > this list who's using turboACL w/o problems, and seeing expected
> > benefits..
> > 
> > I'm in need of applying a 57 lines long ACL toward a customer interface on
> > a 7206VXR/NPE-G1 box, but it doesn't have 'access-list compiled' activated
> > yet (since I never had a need to put up an access-list that goes beyond 6
> > lines to be beneficial from turboacl, on that box).
> 
> I've had quite successful experience running it on VXR/NPE300, it helped *a
> bit* on long ACLs + during DoS attacks. I don't know about NPE-G1, but with
> NPE300 there was no significant improvement during high pps attacks (of
> course this is due to NPE300 architecture). I'm sure your results will vary,
> NPE-G1 is way faster than NPE300.
> 
> -Basil @ CIFNet
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list