(cisco, or any) acl *reducers* out there?

• Previous message (by thread): (cisco, or any) acl *reducers* out there?
• Next message (by thread): (cisco, or any) acl *reducers* out there?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 19/08/2010, at 1:00 PM, Randy Bush wrote:

>> something which can take a couple of hundred basic and extended ACLs and tell you
>> these <ten> don't work
>> these <twenty> conflict
>> the remaining <x> have a sequence and can reduce to this basic <x-y> set
> 
> maybe you could go the other direction.  as opposed to trying to digest
> and correct cruft, generate the acls from something reasonable so that
> they are canonic by construction.
> 
> randy


A reasonable call. Its probably where we'll be by default, because there isn't anything there and I think first principles upward is better than paring back.

Thanks for the responses (and Roland!)

I think its clear a tool like I asked doesn't exist, and very probably won't, anytime soon.

cheers

-G

• Previous message (by thread): (cisco, or any) acl *reducers* out there?
• Next message (by thread): (cisco, or any) acl *reducers* out there?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]