Why not named access list?

safe · ‎08-27-2004

Why named access list not generally used in configuration instead of number ACL

Thanks

SAM

smif101 · ‎08-27-2004

Well a numbered access-list was used for such a long time that it is still generally used. The named access list didn't come out until 11.3

safe · ‎08-27-2004

Thks for your quick reply smif but is only reason .Not any techanical reason why number ACL leads over number ACL.

Thanks

SAM

glen.grant · ‎08-30-2004

As far as i am concerned named ACL's should be used ,specially in the new codes where you can add and remove lines and put them anywhere you want without having to take the whole ACL off the router to modify. Much more flexibility with named ACL's specially in the 12.2 T trains and above .

vincent-n · ‎08-31-2004

I don't think that you can add lines anywhere you want in a named ACL. I know that you can remove lines anywhere but when it comes to adding, the line added will automatically goes to the bottom (just before the hidden implicit deny all) so ... you'll have to remove the entire ACL, make the addition and then re-add the entire ACL.

thisisshanky · ‎08-31-2004

Named ACLs are definitely a plus when you require a lot of ACL configuration, especially for qos traffic definitions. Imagine a 3000 site hub and spoke network, you would run out of ACL numbers (though there is an expanded range of Numbered ACLs in the 2000 range), you can use the name of the remote site itself rather than using a number to define the traffic for a particular remote site. I prefer using named ACLs in such cases.

With named ACLs, the configuration will look bigger due the extra line added for the name definition and protocol/traffic definition.

People have been so used to using the numbered ACLs that they hardly want to move to a named ACL configuration.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus