Turbo ACLs missing in C2800 12.4(21)?

wojciechowczarek · ‎11-03-2008

Looks like yet another example of mysteriously disappearing features... We have a couple of 28x1's, we have recently upgraded IOS from 12.4(3d) to 12.4(21) on some of them due to a couple of issues, and suddenly I can see:

rtr-site1#show access-lists compiled

Compiled ACLs unavailable

- and the router stopped recognizing the "access-list compiled" directive.

Now when I look at IOS reference, I see that it lists Turbo ACLs as "available on Cisco 7200, 7500 and 12000".

I tried different 12.4(21) feature sets, but still not available - while working fine on 12.4(3d).

Is there a reasonable explanation for this other than a marketing move - the likes of "iPhone VPN is only supported on Cisco PIX and ASA"?

Joseph W. Doherty · ‎11-03-2008

Yup, it was deactivated in the later releases. Wasn't supposted to be there; unsupported. It might not function correctly. (As told by TAC.)

PS:

Seemed to work alright in the releases it was active in (up through 12.4[12]?), but it does seem likely a marketing decision. Makes the low end ISRs too feature like the higher end models.

wojciechowczarek · ‎11-04-2008

- so that you're even more likely to consider buying a higher spec router when yours is starting to struggle with matching... Oh well.

Thanks,

Wojciech

Joseph W. Doherty · ‎11-04-2008

Perhaps, but you can still carefully sequence ACL entries (based on the hit frequencies, and if sequence logic permits). You can also activate flow cache, which I believe no longer requires a separate feature license. Either or both can help mitigate the lost of the ACL compiled feature.