Hi all, Have any of you seen performance degradation when using a large access list on a Cisco router (actually layer 3 managed switch)? I am getting connection dropouts under high load to various database servers in a VLAN managed by these ACLs, and want to discount this. Thanks. Andrew.
Absolutely, by large how large do you mean? Several thousand lines?
Remember that ACL processing means you have to process switch in many cases.
I've seen this quite commonly. If your device supports it you can try
enabling acl compilation.
What type of hardware are you experience this on?
----- Original Message -----
From: "Andrew Hodgson"
Hi,
We have around 400 lines on the ACL, using Cat 4500s.
Andrew.
-----Original Message-----
From: blind-sysadmins-bounces@lists.hodgsonfamily.org [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Scott Granados
Sent: 03 May 2010 23:08
To: Blind sysadmins list
Subject: Re: [Blind-sysadmins] ACLS on Cisco routers
Absolutely, by large how large do you mean? Several thousand lines?
Remember that ACL processing means you have to process switch in many cases.
I've seen this quite commonly. If your device supports it you can try
enabling acl compilation.
What type of hardware are you experience this on?
----- Original Message -----
From: "Andrew Hodgson"
If you remove the ACL do things work correctly?
That could be an issue.
----- Original Message -----
From: "Andrew Hodgson"
Hi,
No, we still have the issue :(.
Back to the drawing board :).
Andrew.
-----Original Message-----
From: blind-sysadmins-bounces@lists.hodgsonfamily.org [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Scott Granados
Sent: 04 May 2010 16:02
To: Blind sysadmins list
Subject: Re: [Blind-sysadmins] ACLS on Cisco routers
If you remove the ACL do things work correctly?
That could be an issue.
----- Original Message -----
From: "Andrew Hodgson"
How about the show output from the interfaces involved. You getting a high
number of drops or errors?
----- Original Message -----
From: "Andrew Hodgson"
participants (3)
-
Andrew Hodgson
-
Andrew Hodgson
-
Scott Granados