On Tue, Mar 6, 2012 at 11:47 PM, Andrew Miehs <[email protected]> wrote: > On 07/03/2012, at 1:55 PM, Zach Williams wrote: >> I'm having a tough time finding best-practices information on the use of >> PBR and was wondering what cisco-nsp thought of this setup. > > I wouldn't use it at all - other than perhaps for a short term migration > issue. > 6 months later, debugging will be a nightmare as no one will remember exactly > what was configured. > > Does PBR still cause the performance issues it did in the past, forcing every > packet through the CPU? > > Andrew
I think it varies by platform. IIRC, PBR can usually be done in hardware, except if denies are used in the ACL's. We use PBR quite a bit to route return traffic back through our load balancers. That's a bit different situation than the poster mentioned though. We've run into issues with it periodically on our Nexus 7k's though due to the buggy version of NX-OS we're on. Oliver _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
