Netflow bug on 3-GE cards (Trident) in Cisco GSRs
Andrew C. Ohnstad
andrewo at gblx.net
Mon Jul 23 18:11:36 UTC 2001
On Mon, Jul 23, 2001 at 10:42:26AM -0700, David Sinn wrote:
> I beg to differ.
>
> As a former employee of Cisco, you comments about ACL's on E0 and E1
> cards are totally off base. I'm not sure where you got this
> "information", but it is most certainly not the case.
>
> Standard ACL's & Extended ACL's have been supported by the E0's and E1's
> that were released in 12.0(5)S (most) and 12.0(6)S (2 port OC-12 DPT)
> versions of IOS. This includes the 8 port FE and 1 port GE cards. This
> includes support by the development organization that oversees software
> on the GSR, and by the TAC. (Whether the TAC engineer is capable of
> supporting you is another issue.)
I apologize, I made a couple mistakes in my response. ACLs are not
supported on E0 and E1 Gig/FE cards. You used to be able to do them anyways,
but they didn't work. They were removed in recient releases. They will
be supported by (and re-enabled on) the Engine3 10 port GigE cards under
development.
We found this out the hard way when we upgraded a pair of GSR with GigE
"DMZ" type interfaces behind it. We had to scramble to install a 7xxx
series routers to serve as dedicated DMZ routers and do the ACLs on them.
--
=-=andrewo
More information about the NANOG
mailing list