data interruption on ACL's ?

Unanswered Question
Apr 7th, 2010

We are in the middle of a migration of some services but we need to apply some kind of "basic" security and I was thinking of using ACL's.

But....

Will there be any impact on established connections ( interactive and non-interactive ) when I make changes to the ACL ?

I need to know what the impact will be on active connections when I remove the ACL from the interface ( to make changes )

I need to know what the impact will be on active connections when I apply the ACL on the interface ( after changes are made )

The connections are very sensitive ( SAP, JBOSS, MQ ) and need a reconnection when interrupted which is not an option to end-users...

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Panos Kampanakis Wed, 04/07/2010 - 07:46

If the connections are already established then no.

The ACL checks are done for new connections and existing ones go through the TCP state checks but not through the ACLs.

I hope it helps.

PK

Actions

This Discussion