[c-nsp] Slammer (1434) attack
Rodney Dunn
rodunn at cisco.com
Mon Dec 27 09:36:35 EST 2004
>Now I am unsure whether access-list logging has anything to do with
>the load on the cpu. How is it going to affect the performance of the
>switch. And interestingly, what happens in case of a router like a
>75xx, incase logging is enabled?
You never want packets punted out of the interrupt switching
vector. If you want to log packets that get dropped via
an ACL on a software forwarding platform use Netflow and
match on DST interface of NULL.
How much punting hurts the CPU is just like answering
a scalability question...it depends.
Rodney
More information about the cisco-nsp
mailing list