Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Turbo ACL's with IPSec VPN Tunnels

I have a 7206VXR-G1 router with SA-VAM2+ being used for VPN termination and internet access.  The routers CPu is starting to run pretty high, reaching over 80% during peak load and I am thinking about enabling turbo ACL's as an option to help decrease CPU load.  I have a total of about 800 ACL's defined with a total of nearly 8000 ACL entries.  Some ACL's have over a hundred lines, others may only have 10 or 20.

I have read here on the forums that turbo ACL's have helped out in certain situations, but I am wondering what kind of impact this will have on my VPN environment.

I read that every time an ACL change is made the router has to recompile the ACL.  How long does this take on an ACL with 20 lines?  How about 100 lines?  How much memory is typicaly used with this many ACL entries?

Do turbo ACL's help performance with ACL's defined for crypto maps the same as they would for interface ACL's?