Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

8212zl layer3 (ACL) performance

SOLVED
Go to solution
lightxx
Frequent Advisor

8212zl layer3 (ACL) performance

ok, i've got a bunch of 8212zl switches here, and i'm considering implementing some ACLs. i've heard terrible stories regarding the performance when switching from layer2 to layer3 packet inspection.

so what i'd like to know is if the performance degradation which WILL occur when enabling ACLs can somehow be anticipated? any tests? any guides? any best practice advises?

thanks,
Tom
7 REPLIES
lightxx
Frequent Advisor

Re: 8212zl layer3 (ACL) performance

not a single procurve guru here? :(
lightxx
Frequent Advisor

Re: 8212zl layer3 (ACL) performance

bump
lightxx
Frequent Advisor

Re: 8212zl layer3 (ACL) performance

sigh .... there gotta be some 8212zl admin using ACLs?????

Re: 8212zl layer3 (ACL) performance

We use them to stop VRRP advertisements ingressing into the distribution/core layer from the edge network.

I've not read any technical white papers regarding them, but they'll almost certainly be implemented at an ASIC level, so I doubt that there'd be any serious performance degradation.

Nothing beats a real world test though :)
Michael_Breuer
Esteemed Contributor
Solution

Re: 8212zl layer3 (ACL) performance

Hi Tom,

on all ProVision ASIC based switches (3500, 5400, 8200, 6200, 6600) the ACL will be handled by the Policy Enforcement Engine. This will be done at wire speed with no performance impact.

Source:
Procurve 5400 Reviewers Guide, Page 40
http://www.hp.com/rnd/pdfs/ProCurve_Switch_5400zl_Series_Reviewers_Guide.pdf

Cheers,

Michael
Ingentive Networks GmbH
lightxx
Frequent Advisor

Re: 8212zl layer3 (ACL) performance

thank you very much guys!

-Tom
lightxx
Frequent Advisor

Re: 8212zl layer3 (ACL) performance

thx!