[c-nsp] When are ACLs inserted to TCAM

[mack]

It is best practice to not make changes to an active ACL.
Obviously making changes to a live ACL is at your own risk.

When are extended ACLs actually inserted into TCAM?
Under SXF versions of IOS it seems that the ACL is
not applied until the exit statement is executed.
This would make sense as the ODM is a processor intensive task
and executing it for every statement might not be the best behavior.

However the documentation is not at all clear on this.
And it seems that SXH1 may behave differently.

Does anyone have a definitive answer?

--
LR Mack McBride
Network Administrator
Alpha Red, Inc.