Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Troubleshooting ACLs.

We are using Catalyst 3750-E with IOS version 12.2(53)SE2.

I’m configuring vlan map with extended IP ACL .

ip access-list extended Allowed-Traffic

permit tcp 10.4.254.0 0.0.1.255 10.4.253.0 0.0.0.255 eq telnet

permit tcp 10.4.253.0 0.0.0.255 eq telnet 10.4.254.0 0.0.1.255

vlan access-map VACL 10

action forward

match ip address Allowed-Traffic

vlan filter VACL vlan-list 253

How can I determine if ACL processing is accomplished in hardware?

From configuration guide.

To determine the specialized hardware resources, enter the show platform layer4 acl map.

If the switch does not have available resources, the output shows that index 0 to index 15 are not available.

Thanks.

Regards.

Andrea

2 REPLIES

Re: Troubleshooting ACLs.

We are using Catalyst 3750-E with IOS version 12.2(53)SE2.

I’m configuring vlan map with extended IP ACL .

ip access-list extended Allowed-Traffic

permit tcp 10.4.254.0 0.0.1.255 10.4.253.0 0.0.0.255 eq telnet

permit tcp 10.4.253.0 0.0.0.255 eq telnet 10.4.254.0 0.0.1.255

vlan access-map VACL 10

action forward

match ip address Allowed-Traffic

vlan filter VACL vlan-list 253

How can I determine if ACL processing is accomplished in hardware?

From configuration guide.

To determine the specialized hardware resources, enter the show platform layer4 acl map.

If the switch does not have available resources, the output shows that index 0 to index 15 are not available.

Thanks.

Regards.

Andrea

Andrea,

ACL processing is primarily accomplished in hardware, but requires forwarding of some traffic flows to the CPU for software processing. The forwarding rate for software-forwarded traffic is substantially less than for hardware-forwarded traffic.

Check out the below link for more information

http://www.ciscosystems.net/en/US/docs/switches/lan/catalyst3550/software/release/12.2_25_see/configuration/guide/swacl.html

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

Community Member

Re: Troubleshooting ACLs.

We  are using Catalyst 3750-E with IOS version 12.2(53)SE2.

I’m  configuring an extended IP ACL on SVI.

How can I determine  if ACL processing is accomplished in hardware?

From configuration guide.

To  determine the specialized hardware resources, enter the show  platform layer4 acl map.

But this command doesn't show anything!

Thanks.

Regards.

Andrea

410
Views
0
Helpful
2
Replies
CreatePlease to create content