Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
997
Views
0
Helpful
1
Replies

limitations to ACL list length

walter baziuk
Level 5
Level 5

‎09-21-2011 08:30 PM - edited ‎03-11-2019 02:28 PM

Hello

I came across this site. I wanted to produce a better incoming ACL at  home and work to prevent known bad sites

Here is their list of the Top 10 Global Spammers is out. The biggest  surprise on the list is Korea, as it takes over the number one global  spammer spot from China. With the improved high speed internet  infrastructure in Korea and ease of network access, who knew Korea would  be on the rise.

Here is the complete Global Spanner Top Ten List for the first quarter

http://www.countryipblocks.net/country-blocks/cisco-acl-format/

Korea

China

India

Russia

Turkey

Viet Nam

Ukraine

Brazil

Venezuela

Pakistan

When I sort the list, it is over 16k lines of ACL!

My question relates to what performance limits I would find.

Can I actually put that many lines in an ACL?

Will the router choke and do any other work

I have attached the sorted ACL list for you to review

Can you let me know if any of the following router lines will accept a  list that large and still run acceptably?

2811

2911

3925

2945

Labels:
114143-ip address to block-ACL.txt.zip
0 Helpful
1 Reply 1

Kureli Sankar
Cisco Employee
Cisco Employee

‎09-24-2011 06:54 PM

I remember reading 2811 with 4000 ACE takes ~60 MB of DRAM. Memory is the only limit.

Pls. reach out to your local Cisco account team and they may be able to get you the numbers that you are looking for.

-KS

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card