Mailing List Archive

this feature is also supported in 12.0(21)S3.

cheers
.siva

On Mon, 23 Sep 2002, Hassan, Shehzad wrote:

> IP Receive ACL
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120
> limit/120s/120s22/ft_ipacl.htm
> <http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/12
> 0limit/120s/120s22/ft_ipacl.htm>
>
> Does anyone know how effective this feature is in reality ? Is it worth-it
> to even consider moving codes around i.e. 22S, not sure how well this code
> is doing.
>
> New Features in Release 12.0(22)S
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120
> limit/120s/120s22/
> <http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/12
> 0limit/120s/120s22/>
>
>
> Thanks
>
> -SH
>

> IP Receive ACL
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120
> limit/120s/120s22/ft_ipacl.htm
> <http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/12
> 0limit/120s/120s22/ft_ipacl.htm>
>
> Does anyone know how effective this feature is in reality ? Is it worth-it
> to even consider moving codes around i.e. 22S, not sure how well this code
> is doing.

If you're thinking about 22S you definitely want 22S1 - lots of bugs
fixed.

The receive ACL will save you the work of configuring different ACLs
for every interface to protect the route processor.

Also note that it's only available on GSRs so far.

Steinar Haug, Nethelp consulting, sthaug@nethelp.no

>
> The receive ACL will save you the work of configuring different ACLs
> for every interface to protect the route processor.

Any way to rate-limit the flow of packets that hit the GRP ?

>
> Also note that it's only available on GSRs so far.
>
> Steinar Haug, Nethelp consulting, sthaug@nethelp.no
> _______________________________________________
> cisco-nsp mailing list real_name)s@puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

> > The receive ACL will save you the work of configuring different ACLs
> > for every interface to protect the route processor.
>
> Any way to rate-limit the flow of packets that hit the GRP ?

I asked about that too, from the Cisco person who told me about
the IP receive ACL. The impression I got was that they are looking
at it, but it's not available yet.

Steinar Haug, Nethelp consulting, sthaug@nethelp.no

sthaug@nethelp.no (sthaug@nethelp.no) wrote:
> > IP Receive ACL
> > http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120
> > limit/120s/120s22/ft_ipacl.htm
> > <http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/12
> > 0limit/120s/120s22/ft_ipacl.htm>
> >
> > Does anyone know how effective this feature is in reality ? Is it worth-it
> > to even consider moving codes around i.e. 22S, not sure how well this code
> > is doing.
>
> If you're thinking about 22S you definitely want 22S1 - lots of bugs
> fixed.
>

i am also seeing 120-22.4.s in the wild :-)

but my question is different: where is a mpls vpn + ipv6 capable image
(12.0-XXXX-S) for the 7206vxr platform ?


--jan


--
Jan Ahrent Czmok - Senior Network Engineer - Access Networks
Global Access Telecommunications, Inc. - Stephanstr. 3 - 60313 Frankfurt
voice: +49 69 299896-35 - fax: +49 69 299896-66 - email: czmok@gatel.de

hi,

On Tue, Sep 24, 2002 at 12:48:35PM +0200, Jan Czmok wrote:
> but my question is different: where is a mpls vpn + ipv6 capable image
> (12.0-XXXX-S) for the 7206vxr platform ?

No IPv6 for 7200 in 12.0S (yet).

gert,
waiting for 12.2S

--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert@greenie.muc.de
fax: +49-89-35655025 gert.doering@physik.tu-muenchen.de

> > > The receive ACL will save you the work of configuring
> different ACLs
> > > for every interface to protect the route processor.
> >
> > Any way to rate-limit the flow of packets that hit the GRP ?
>
> I asked about that too, from the Cisco person who told me about
> the IP receive ACL. The impression I got was that they are looking
> at it, but it's not available yet.

Just in case you weren't aware... Packets sent to the GRP are already
rate-limited -- it's just not configurable.

Thanks,

Chris

>
> Steinar Haug, Nethelp consulting, sthaug@nethelp.no
> _______________________________________________
> cisco-nsp mailing list real_name)s@puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>