[c-nsp] Router ASR1k ACL count question

Mack McBride mack.mcbride at viawest.com
Fri Jul 22 18:46:12 EDT 2016

On the older 3550 and 3560 there were no hardware counters for ACLs.
I am assuming that is true with the 3850 as well.
On the ASR1006, you have a massively parallel software processor that handles all forwarding (the Cisco FP).
So technically it is software but it acts more like reprogrammable hardware.
Each FP has a large number of multi threaded cores.
The ESP 200 has around 248 cores, which can each handle multiple (four each) threads.
This means that you effectively handle 992 threads simultaneously.
That translates to 5+ CPU cycles per bit at 64 byte packets.
Meaning even with minimum sized packets the processors get about 2500 cycles for each packet.

Mack McBride | Senior Network Architect | ViaWest, Inc.
O: 720.891.2502 | C: 303.720.2711 | mack.mcbride at viawest.com | www.viawest.com

-----Original Message-----
From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Satish Patel
Sent: Thursday, July 21, 2016 8:37 AM
To: Cisco Network Service Providers
Subject: Re: [c-nsp] Router ASR1k ACL count question

Any input?

On Wed, Jul 20, 2016 at 11:52 AM, Satish Patel <satish.txt at gmail.com> wrote:
> I have C3850 (L3) switch and Cisco ASR1006 Router, I am running ACL on
> both device but if i rung "show ip access-lists" on both then i can
> see c3850 hit counter not increasing but on ASR1006 router it is
> increasing.
> What does that mean? I heard from people C3850 using hardware ACL
> because of that its counter doesn't increase. Does that means ASR1006
> using software ACL because its counter increasing every single hit.
cisco-nsp mailing list  cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
This message contains information that may be confidential, privileged or otherwise protected by law from disclosure. It is intended for the exclusive use of the addressee(s). Unless you are the addressee or authorized agent of the addressee, you may not review, copy, distribute or disclose to anyone the message or any information contained within. If you have received this message in error, please contact the sender by electronic reply and immediately delete all copies of the message.

More information about the cisco-nsp mailing list