[c-nsp] Switching paths
Dave Temkin
dave at ordinaryworld.com
Tue Feb 21 14:48:00 EST 2006
Thanks Ashton!
So does this mean that *anything* matched in that ACL won't be CEF
switched, or just the lines that are set to log?
Thanks,
-Dave
On Tue, 21 Feb 2006, Asbjorn Hojmark - Lists wrote:
> >> Not that I doubt you, but do you know any quick links that
> >> shows that in a document somewhere? I've been fighting
> >> against ACL logging for awhile now and this would be the
> >> perfect ammo I'd need.
>
> > Sorry I'm not aware of one but it's probably referenced deep
> > in some doc on CCO.
>
> Well, IP Application Services Configuration Guide > IP Access
> Lists > Configuring IP Access Lists says: "If you enable CEF and
> then create an access list that uses the log keyword, the packets
> that match the access list are not CEF switched. They are fast
> switched. Logging disables CEF." See http://tinyurl.com/r9sze
>
> However, on the Sup720, one can do Optimized ACL Logging (i.e.
> hardware support for logging). See http://tinyurl.com/bkckn,
> which says: "Unless you configure OAL, packets that require
> logging are processed completely in software on the MSFC3. OAL
> permits or drops packets in hardware on the PFC3 and uses an
> optimized routine to send information to the MSFC3 to generate
> the logging messages."
>
> -A
>
More information about the cisco-nsp
mailing list