![]() The log-input option enables logging of the ingress interface and source MAC address in addition to the packet's source and destination IP addresses and ports. The log and log-input options apply to an individual ACE and cause packets that match the ACE to be logged. Using the configuration commands detailed in this document, administrators can strike a balance between traffic visibility and the corresponding impact on device CPU load. There are two primary factors that contribute to the CPU load increase from ACL logging: process switching of packets that match log-enabled access control entries (ACEs) and the generation and transmission of log messages. ![]() Unfortunately, ACL logging can be CPU intensive and can negatively affect other functions of the network device. Logging-enabled access control lists (ACLs) provide insight into traffic as it traverses the network or is dropped by network devices. Limiting ACL Logging–Induced Process Switching The log and log-input Access Control Entry Options
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |