Packet headers are used to access these tables in a small, fixed number of lookups, independent
of the existing number of ACL entries. This tremendously improves the performance and saves ACLs lookup
cycles.
Note
ACLs configured with time-range or reflexive ACL are not supported and are excluded from Turbo ACL
acceleration.
To enable the Turbo ACL feature, use the access-list compiled command from the global configuration mode
to compile all ACLs. This command should be applied after the normal ACLs have been configured and are ready
to be compiled.
The Turbo ACL feature is disabled by default. When Turbo ACL is not enabled, the normal ACL processing is
enabled, with no occurrence of ACL acceleration.
Use the show access-list and the show access-list compiled commands to verify that the Turbo ACL feature
has taken effect and ACLs have been compiled for acceleration. The ACLs will be flagged as (Compiled),
indicating they are operating as an accelerated ACL.
Receive ACLs (rACL)
Cisco 12000 series Gigabit Switch Routers (GSR) and 7500 platforms support Receive ACL (rACL) to increase
security and thereby protect the router from unnecessary and potentially nefarious traffic. High volumes of data
sent to the GRP can be overwhelming, resulting in an effective denial-of-service (DoS) attack.
Pages:
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104