AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
If the log-enabled ACE matches another packet with identical characteristics to the packet that generated a log message, the number of packets matched is incremented and then reported at five-minute intervals. There are two scenarios in which subsequent log messages will not be sent immediately. The first packet logged via the log or log-input options will generate a syslog message. The log-input option enables logging of the ingress interface and source MAC address in addition to the packet's source and destination IP addresses and ports. The log and log-input options apply to an individual ACE and cause packets that match the ACE to be logged. Using the configuration commands detailed in this document, administrators can strike a balance between traffic visibility and the corresponding impact on device CPU load. There are two primary factors that contribute to the CPU load increase from ACL logging: process switching of packets that match log-enabled access control entries (ACEs) and the generation and transmission of log messages. Unfortunately, ACL logging can be CPU intensive and can negatively affect other functions of the network device. Logging-enabled access control lists (ACLs) provide insight into traffic as it traverses the network or is dropped by network devices. Limiting ACL Logging–Induced Process Switching The log and log-input Access Control Entry Options
0 Comments
Read More
Leave a Reply. |