[c-nsp] ACL sometimes logging dest_IP sometimes nexthop - why?
Elmar K. Bins
elmi at 4ever.de
Wed Jun 19 03:34:16 EDT 2024
cisco-nsp at puck.nether.net (Gert Doering via cisco-nsp) wrote:
> On Wed, Jun 19, 2024 at 08:44:20AM +0300, Hank Nussbacher via cisco-nsp wrote:
> > RP/0/RSP0/CPU0:2024 Jun 19 05:12:47 : ipv4_acl_mgr[343]:
> > %ACL-IPV4_ACL-6-IPACCESSLOGP : access-list log-traffic (10) permit udp
> > 192.114.102.104(55638) -> 192.0.2.2(53), 1 packet
>
> You might actually have a client sending packets to 192.0.2.2...
Yeah, I'm also pretty sure the ACL logs don't lie, as much as I'd like them to
sometimes. For me, it's usually VRRP and traffic coming from unexpected
directions that sends my brain into a tailspin over ACL logs.
Elmar.
More information about the cisco-nsp
mailing list