[c-nsp] TurboACL on Cisco 12000
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Wed Dec 14 23:32:29 EST 2005
Chen, Qinxue <> wrote on Wednesday, December 14, 2005 8:21 PM:
> Hi,
>
> Do you know the consequences when TurboACL failed to dynamically
> allocate enough memory on the line card for the ACL lookup table?
> Would it fail over to linear search the ACL entries or just fail to
> process the ACL entries in general? Thanks
you can check the current status by issuing "show access-list compiled"
on the linecard. When it says "operational", we still perform Turbo-ACL,
otherwise we do linear search. We can do Turbo-ACL lookup for some ACLs
and linear for others..
It also depends on the type of LC engine as Turbo-ACLs only work in the
slow-path on the LC-CPU, so all hw-based LCs with ACL support
(essentially E1 and higher) will processes the ACLs in hardware.
When do you see the Malloc failure? When you initially configure the
ACLs or enable Turbo-ACL, or when Turbo-ACL tries to optimize it later?
oli
More information about the cisco-nsp
mailing list