Great Circle Associates Firewalls
(January 1995) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Access-lists and performance
From: Catherine Anne Foulston <cathyf @ is . rice . edu>
Date: Wed, 25 Jan 1995 19:19:38 -0600 (CST)
To: firewalls @ greatcircle . com 
Folks have been mentioning performance loss due to access-lists.
I've never actually been able to observe the performance loss,
even though we have a couple of fairly large access-lists
(ours are on ciscos).  I am not saying it isn't there, just that
either it's so small it doesn't make a difference for us, or else
something else is the bottleneck on that segment anyway.  :-)

Has anyone here actually had noticeable or problematic
performance degradation due to the processing of access-lists?
If so, what platform and how big was the list?  Thanks.

	Cathy
--
Catherine Foulston      cathyf @
 rice .
 edu      Rice University Network Management

Today's pet peeve:  reference to the RCPT command of SMTP as "receipt."  It
means "recipient".  (See ftp://ftp.sesqui.net/pub/rfc/rfc821.txt, page 20.)
Follow-Ups:
Indexed By Date Previous: Re: Router filtering not enough! (Was: Re: CERT advisory )
From: "Brian K. Uechi MIS HNL" <BRIAN_U @ verifone . com>
Next: Re: Firewall and cdrom
From: glenn . w . cantello @ HYDRO . ON . CA (Glenn W Cantello)
Indexed By Thread Previous: End-to-end Encryption and CERT
From: Dave Barrett <barrett @ asgard . cs . Colorado . EDU>
Next: Re: Access-lists and performance
From: Howard Berkowitz <hcb @ clark . net>
Google
 
Search Internet Search www.greatcircle.com