My first line of defence is a 3620, and I am using and ACL on the outside interface for incoming traffic, trying to stop some of 'bad' traffic before it continue to my firewall. I know how to design the access-list so the most often received traffic is checked first, and so on, and I know that I should keep it as simple as possible and not creating a huge access-list with 100's of lines.
However, it got me wondering. How much does it slow down the incoming traffic everytime I add a new line to my access-list. This is a very hard question to answer though, because if created well, most traffic should be filtered out before halfway through the access-list, and I guess it also depends on the speed of the processor. If we look at the 3620, it has an 80Mhz RISC processor, so if can someone give me a result here? If we have a full T1 fully loaded with incoming traffic. How long delay would there be per line-to-be-checked in an ingoing extended ACL? Thanks for your comments... Ole ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://www.RouterChief.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Need a Job? http://www.OleDrews.com/job ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=42966&t=42966 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
