North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Netflow bug on 3-GE cards (Trident) in Cisco GSRs

  • From: Andrew C. Ohnstad
  • Date: Mon Jul 23 14:14:07 2001

On Mon, Jul 23, 2001 at 10:42:26AM -0700, David Sinn wrote:
> I beg to differ.
> 
> As a former employee of Cisco, you comments about ACL's on E0 and E1
> cards are totally off base.  I'm not sure where you got this
> "information", but it is most certainly not the case.
> 
> Standard ACL's & Extended ACL's have been supported by the E0's and E1's
> that were released in 12.0(5)S (most) and 12.0(6)S (2 port OC-12 DPT)
> versions of IOS.  This includes the 8 port FE and 1 port GE cards.  This
> includes support by the development organization that oversees software
> on the GSR, and by the TAC.  (Whether the TAC engineer is capable of
> supporting you is another issue.)

I apologize, I made a couple mistakes in my response.  ACLs are not 
supported on E0 and E1 Gig/FE cards.  You used to be able to do them anyways, 
but they didn't work.  They were removed in recient releases.  They will 
be supported by (and re-enabled on) the Engine3 10 port GigE cards under 
development.

We found this out the hard way when we upgraded a pair of GSR with GigE 
"DMZ" type interfaces behind it.  We had to scramble to install a 7xxx 
series routers to serve as dedicated DMZ routers and do the ACLs on them.
 
-- 
=-=andrewo