[c-nsp] how ACLs affect the processing of a Cisco 7200 NPE-G2

Steve McCrory smccrory at gcicom.net
Fri Nov 9 07:30:59 EST 2012 

The concept I was working with is true (adding more statements does not
impact performance) but perhaps my exact figures where slightly out,
based on the excerpt from Cisco:

" For ACLs larger than 3 entries, the CPU load required to match the
packet to the pre-determined packet-matching rule is lessened. The CPU
load is fixed, regardless of the size of the ACL, allowing for larger
ACLs without incurring any CPU overhead penalties. The larger the ACL,
the greater the benefit"

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dobbins, Roland
Sent: 09 November 2012 12:20
To: cisco-nsp NSP
Subject: Re: [c-nsp] how ACLs affect the processing of a Cisco 7200
NPE-G2


On Nov 9, 2012, at 5:48 PM, Steve McCrory wrote:

> This features compiles the ACLs and once enabled the performance
impact of a long list is the same as for 1 statement.

That isn't exactly the case, but it does make ACL processing much more
efficient.  

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton


_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


This email has been swept by Webroot for viruses. Any files transmitted with it are confidential and intended solely for the email recipient. If you are not the intended recipient please delete this email immediately. Be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this email in error please notify the system administrator. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses.


GCI Com incorporates the following Group Companies:
GCI Telecom Group Limited Reg. No. 5396496, Edge Telecommunications Ltd Reg. No. 5748740, Edge Telecom Ltd Reg. No. 3101247, IP Infrastructures Ltd Reg. No. 4657026, Invomo Ltd Reg. No. 6267056, NetServices UK Ltd Reg. No. 7118768, WAN Services Ltd Reg. No. 4082862. All Registered in England and Wales, Registered Office: Global House, 2 Crofton Close, Lincoln, LN3 4NT

More information about the cisco-nsp mailing list