[c-nsp] Question about SVI interface acl counters + way of working
Phil Mayers
p.mayers at imperial.ac.uk
Wed Mar 20 12:07:21 EDT 2013
On 20/03/13 15:12, Gert Doering wrote:
> Hi,
>
> On Wed, Mar 20, 2013 at 03:42:09PM +0100, "Rolf Hanßen" wrote:
>> Does that ACL not filter all traffic passing the interface or why does the
>> delta of ACL hits not match the number of incoming pps ?
>
> The ACL only counts (and lots) packets punted to the RP, and not
> "all of it". At least on Sup720... no idea about Sup2T.
Worth noting that Sup720 also has OAL, which can log "all" packets. We
used it briefly for various purposes, but the caveats it comes with
(interferes with VACL) and fading importance led us to remove it from
our standard config.
More information about the cisco-nsp
mailing list