Netflow bug on 3-GE cards (Trident) in Cisco GSRs

Andrew C. Ohnstad andrewo at
Mon Jul 23 18:11:36 UTC 2001

On Mon, Jul 23, 2001 at 10:42:26AM -0700, David Sinn wrote:
> I beg to differ.
> As a former employee of Cisco, you comments about ACL's on E0 and E1
> cards are totally off base.  I'm not sure where you got this
> "information", but it is most certainly not the case.
> Standard ACL's & Extended ACL's have been supported by the E0's and E1's
> that were released in 12.0(5)S (most) and 12.0(6)S (2 port OC-12 DPT)
> versions of IOS.  This includes the 8 port FE and 1 port GE cards.  This
> includes support by the development organization that oversees software
> on the GSR, and by the TAC.  (Whether the TAC engineer is capable of
> supporting you is another issue.)

I apologize, I made a couple mistakes in my response.  ACLs are not 
supported on E0 and E1 Gig/FE cards.  You used to be able to do them anyways, 
but they didn't work.  They were removed in recient releases.  They will 
be supported by (and re-enabled on) the Engine3 10 port GigE cards under 

We found this out the hard way when we upgraded a pair of GSR with GigE 
"DMZ" type interfaces behind it.  We had to scramble to install a 7xxx 
series routers to serve as dedicated DMZ routers and do the ACLs on them.

More information about the NANOG mailing list