04-18-2009 07:54 AM - edited 03-04-2019 04:25 AM
Hi! I would like to know how many lines (or entries) I can enter for an extended or named ACL in a Cisco router (IOS 12.3).
Also: if you enter one line beyond that amount, what is the router's behaviour? Does it overwrite the ACL from the beginning or does it trigger an error msg?
Thanks!
04-18-2009 09:29 AM
Hi:
I'm not sure there is a limit. If there is, not only have I never read it anywhere before, but I am positive you will never reach it. No one will.
But here is an interesting study on the effects of ACLs on Cisco router performance.
HTH
Victor
04-18-2009 10:02 AM
04-19-2009 11:04 AM
Thanks a lot! I also thought so. The thing is, I am not connecting to the router by console; I'm using an automated program, so it may write a lot of ACLs.
This router is an 800 series...
(I am not a hacker...:) )
If the limit is about 10.000, well, that's almost infinity, but 1000 or 500... Well, 1000 is still a lot, but 500, maybe not so much.
I'll have a look at the paper, thanks!
04-19-2009 12:02 PM
Hi:
Can I ask what you're using this router for that you are worried that 500 lines of access lists may not be enough to support your application?
Thanks
Victor
04-20-2009 07:09 AM
The program I'm talking about writes as many ACLs as existing IDS alerts :), for instance existing alerts in a log file.