[c-nsp] sup720 protection on the 6500/7600
Saku Ytti
saku+cisco-nsp at ytti.fi
Sun Feb 18 02:43:31 EST 2007
On (2007-02-17 17:05 -0600), Charles Spurgeon wrote:
> When it comes to "mls rate-limit" I have a tale of woe to relate
> concerning BugID CSCec44594. This bugid describes how using the
> command "mls rate-limit unicast cef receive <n> <n>" in a Sup720
> causes pre-existing ACL logic to be inverted.
> 1. reversed ACL functions (ingress became egress) due to mls
> rate-limit operations and
Ouch! Does this apply to SVI's only? I've ran CoPP with ingress
and egress ACL for quite long time now and haven't had this issue yet.
But I don't have SVI interfaces, only 'L3' interface, which of
course are internally still mapped to VLANs, but are still
not 100% equal from PFC3 point of view.
--
++ytti
More information about the cisco-nsp
mailing list