Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
974
Views
4
Helpful
2
Replies

ACL processing in Cisco 3845

Ahmed Shahzad
Level 1
Level 1

‎06-27-2010 08:49 PM - edited ‎02-20-2020 09:42 PM

Hi,

I would like to know that ACL processing in Cisco 3845 is hardware based or software based?

May I have a list of hardware that support dedicated ASIC for ACL processing?

Thanks and Regards,
Ahmed Shahzad.    

1 person had this problem
Labels:
0 Helpful
2 Replies 2

Ganesh Hariharan
VIP Alumni
VIP Alumni

‎06-27-2010 11:14 PM 

Hi,
I would like to know that ACL processing in Cisco 3845 is hardware based or software based?
May I have a list of hardware that support dedicated ASIC for ACL processing?
Thanks and Regards,
Ahmed Shahzad.    

Ahmed,

ACL processing is primarily accomplished in hardware, but requires forwarding of some traffic flows to the CPU for software processing. The forwarding rate for software-forwarded traffic is substantially less than for hardware-forwarded traffic. When traffic flows are both logged and forwarded, forwarding is done by hardware, but logging must be done by software. Because of the difference in packet handling capacity between hardware and software, if the sum of all flows being logged (both permitted flows and denied flows) is of great enough bandwidth, not all of the packets that are forwarded can be logged.

These factors can cause packets to be sent to the CPU:

•Using the log keyword
•Enabling ICMP unreachables
•Hardware reaching its capacity to store ACL configurations

If ACLs cause large numbers of packets to be sent to the CPU, the switch performance can be negatively affected.

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

Ahmed Shahzad
Level 1
Level 1
In response to Ganesh Hariharan

‎06-27-2010 11:35 PM

Thanks Ganesh.

I am still concerned that Cisco 3845 have a dedicate ASIC for ACL processing? Also may I have a list of Routers support dedicated ASIC for ACL processing?

Best Regards,
Ahmed Shahzad.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents