[c-nsp] Sup720 CoPP, limits on CPU performance
Saku Ytti
saku at ytti.fi
Wed Mar 24 03:55:40 EDT 2010
On (2010-03-23 21:55 +0100), Gert Doering wrote:
> "receive ACL" comes to mind.
>
> I've never understood why this is not available in all platforms.
6500 CoPP is superior to GSR rACL, rACL is done in LC CPU, punt path to LC
CPU is already easily dossable and LC CPU performance pukes out rather
easily. There is no way to make IOS GSR undossable, while with 6500 you can
make it undossable, as long as attacker is not in L2.
--
++ytti
More information about the cisco-nsp
mailing list