Arie Vayner wrote: > Another point is to try and aggregate the 500K hosts to larger > prefixes instead of having 500K host routes (which is like holding >3 > times the Internet routing table just for blocking...) Yeah.. is there an ACL optimizer/aggregator around and open? I know there's a ci$cowork$ plugin that I can't afford :-) Jeff