[39766] in North American Network Operators' Group
Re: Netflow bug on 3-GE cards (Trident) in Cisco GSRs
daemon@ATHENA.MIT.EDU (Andrew C. Ohnstad)
Mon Jul 23 14:11:02 2001
Date: Mon, 23 Jul 2001 14:11:36 -0400
From: "Andrew C. Ohnstad" <andrewo@gblx.net>
To: David Sinn <dsinn@microsoft.com>
Cc: Mikael Abrahamsson <swmike@swm.pp.se>, nanog@merit.org
Message-ID: <20010723141136.A9900@gblx.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <AF9E69C4CBFA3C4AA40068F03A2861450327431B@RED-MSG-11.redmond.corp.microsoft.com>; from dsinn@microsoft.com on Mon, Jul 23, 2001 at 10:42:26AM -0700
Errors-To: owner-nanog-outgoing@merit.edu
On Mon, Jul 23, 2001 at 10:42:26AM -0700, David Sinn wrote:
> I beg to differ.
>
> As a former employee of Cisco, you comments about ACL's on E0 and E1
> cards are totally off base. I'm not sure where you got this
> "information", but it is most certainly not the case.
>
> Standard ACL's & Extended ACL's have been supported by the E0's and E1's
> that were released in 12.0(5)S (most) and 12.0(6)S (2 port OC-12 DPT)
> versions of IOS. This includes the 8 port FE and 1 port GE cards. This
> includes support by the development organization that oversees software
> on the GSR, and by the TAC. (Whether the TAC engineer is capable of
> supporting you is another issue.)
I apologize, I made a couple mistakes in my response. ACLs are not
supported on E0 and E1 Gig/FE cards. You used to be able to do them anyways,
but they didn't work. They were removed in recient releases. They will
be supported by (and re-enabled on) the Engine3 10 port GigE cards under
development.
We found this out the hard way when we upgraded a pair of GSR with GigE
"DMZ" type interfaces behind it. We had to scramble to install a 7xxx
series routers to serve as dedicated DMZ routers and do the ACLs on them.
--
=-=andrewo
