Cisco Cisco IOS Software Release 12.2(27)SBC
Turbo Access Control List Scalability Enhancements
Information About Turbo Access Control List Scalability Enhancements on the NSEs
3
Cisco IOS Release 12.2(31)SB2
How Turbo ACL Scalability Enhancements on the NSEs Improves Overall PXF
Performance
Performance
The memory allocated in PXF for Turbo Access Control Lists (ACLs) on the NSE-100 especially is
limited to the point where even modestly-sized ACL configurations cause a large amount of PXF
memory to be used for Turbo ACL processing. As a result, a large amount of network traffic that should
be processed through the PXF processing path is instead processed through the RP path.
limited to the point where even modestly-sized ACL configurations cause a large amount of PXF
memory to be used for Turbo ACL processing. As a result, a large amount of network traffic that should
be processed through the PXF processing path is instead processed through the RP path.
This enhancement is part of a series of enhancements to improve Turbo ACL functionality on the Cisco
7304 router using the NSE-100. Specifically, this feature keeps the entries for PXF-based Turbo ACL
classification current by more actively removing older entries. The older entries, which are no longer
used for current traffic flows, still consume memory and, therefore, cause traffic that would normally be
PXF-accelerated to instead be punted to the RP. This portion of the feature, which does not require user
configuration, improves overall traffic flow on the Cisco 7304 router using an NSE by allowing more
network traffic to be PXF-accelerated.
7304 router using the NSE-100. Specifically, this feature keeps the entries for PXF-based Turbo ACL
classification current by more actively removing older entries. The older entries, which are no longer
used for current traffic flows, still consume memory and, therefore, cause traffic that would normally be
PXF-accelerated to instead be punted to the RP. This portion of the feature, which does not require user
configuration, improves overall traffic flow on the Cisco 7304 router using an NSE by allowing more
network traffic to be PXF-accelerated.
How Turbo ACL Scalability Enhancements on the NSEs Improves Overall Route
Processing Performance
Processing Performance
These Turbo ACL scalability enhancements also introduce an enhancement that allows users, via
configuration commands, to configure the amount of memory reserved for ACL processing on the RP.
The ability to configure the amount of memory reserved for ACL processing in the RP path gives users
the option either to improve ACL processing performance in the RP path by reserving more memory for
ACL processing, or to improve all other RP path functionality by reserving less memory for ACL
processing.
configuration commands, to configure the amount of memory reserved for ACL processing on the RP.
The ability to configure the amount of memory reserved for ACL processing in the RP path gives users
the option either to improve ACL processing performance in the RP path by reserving more memory for
ACL processing, or to improve all other RP path functionality by reserving less memory for ACL
processing.
In Cisco IOS releases not containing this feature, the amount of memory reserved for RP ACL handling
is fixed.
is fixed.
Understanding Memory Limits for Turbo ACL Processes on the Route Processor
An NSE-150 has 2 GB of DRAM. NSE-100 RAM is user-configurable using an SDRAM SODIMM.
While most NSE-100s have 512 MB of RAM, 256-MB and 128-MB SDRAM SODIMMs for the
NSE-100 exist.
While most NSE-100s have 512 MB of RAM, 256-MB and 128-MB SDRAM SODIMMs for the
NSE-100 exist.
On a Cisco 7304 router using an NSE-150, the default memory limit for Turbo ACL processes (such as
classification, compilation, and table storage) of Layer 3 and Layer 4 data in the RP path is always 256
MB. The default memory limit for Turbo ACL processes for Layer 2 data in the RP path for a Cisco 7304
router using an NSE-150 is always 128 MB.
classification, compilation, and table storage) of Layer 3 and Layer 4 data in the RP path is always 256
MB. The default memory limit for Turbo ACL processes for Layer 2 data in the RP path for a Cisco 7304
router using an NSE-150 is always 128 MB.
On a Cisco 7304 router using an NSE-100, the default amount of memory reserved for Turbo ACL
processes in the RP path is dependant upon the amount of SDRAM configured on the NSE-100. If the
NSE has 512 MB of SDRAM or more, the default memory limit for Turbo ACL processes for Layer 3
and Layer 4 traffic processing is 256 MB. If the processor has less than 512 MB of SDRAM, the default
memory limit for Turbo ACL processes for Layer 3 and Layer 4 traffic is 128 MB.
processes in the RP path is dependant upon the amount of SDRAM configured on the NSE-100. If the
NSE has 512 MB of SDRAM or more, the default memory limit for Turbo ACL processes for Layer 3
and Layer 4 traffic processing is 256 MB. If the processor has less than 512 MB of SDRAM, the default
memory limit for Turbo ACL processes for Layer 3 and Layer 4 traffic is 128 MB.
The default amount of memory reserved for Layer 2 Turbo ACL processes for a Cisco 7304 router using
an NSE-100 is always 128 MB, regardless of the amount of memory configured on the processor.
an NSE-100 is always 128 MB, regardless of the amount of memory configured on the processor.
To see the default amount of memory reserved for Layer 2 or for Layer 3 and Layer 4 Turbo ACL
processing on your Cisco 7304 router, enter the show access-list compiled command. The “Mb default
limit” output, which appears in both the “Compiled ACL statistics for IPv4” and “Compiled ACL
processing on your Cisco 7304 router, enter the show access-list compiled command. The “Mb default
limit” output, which appears in both the “Compiled ACL statistics for IPv4” and “Compiled ACL