Solved: How big can an access-list be?

Tauer Drumond · ‎11-21-2011

Hi all,

I'm creating an access-list that will contain all networks and host that will be redistribute into EIGRP.

Till now, this access-list contains 72 entries but this number can increase anytime.

I'm using a 3750-x layer 3 switch, and I'm wondering how big this access-list can be, regarding CPU and memory utilization and performance.

Thank you all

Tauer

Peter Paluch · ‎11-21-2011

Hello Tauer,

Use the show platform tcam utilization command to see an estimate of the TCAM space occupied by various applications, including the ACLs and prefix lists. In any case, 72 entries is nothing of significance - you can expect the ACL to grow to at least a few hundred entries without impacting performance.

That being said, I would personally vouch to use prefix lists instead of ACLs in routing protocol redistribution - perhaps not specifically because of their spatial efficiency but more because of their intelligibility and easiness of using. I have always found the prefix lists to be more intuitive than ACLs.

Best regards,

Peter

View solution in original post

Peter Paluch · ‎11-21-2011

Hello Tauer,

Use the show platform tcam utilization command to see an estimate of the TCAM space occupied by various applications, including the ACLs and prefix lists. In any case, 72 entries is nothing of significance - you can expect the ACL to grow to at least a few hundred entries without impacting performance.

That being said, I would personally vouch to use prefix lists instead of ACLs in routing protocol redistribution - perhaps not specifically because of their spatial efficiency but more because of their intelligibility and easiness of using. I have always found the prefix lists to be more intuitive than ACLs.

Best regards,

Peter

Tauer Drumond · ‎11-22-2011

Hi Peter,

thank you for answer.

Helps a lot... I'll consider to use prefix list instead access-list

Regards