How does netflow interact with ACL configs?
Access control lists (ACLs) on Cisco routers enable packet filtering based on source and destination addresses, protocols, and specific interfaces. Normally, every packet is matched against an access list to determine acceptability. With netflow, only the first packet of a flow needs matched; if the first packet passes the filters, an entry is added to the NetFlow cache. Subsequent packets in the same flow are then switched based on this cache entry, without needing to be matched against the complete set of access lists. Specific performance will vary based on the number and complexity of the access lists.
Related Questions
- What can I do if a child rejects my efforts to interact with him and seems more interested in engaging in self-stimulatory behaviors (e.g., patting self or objects)?
- My child dislikes having his hands touched or manipulated. How can we interact with him in a more acceptable way?
- How does netflow interact with ACL configs?