cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
50
Views
0
Helpful
1
Replies

Cisco 3750 VLAN Latency/ACL!!!!

I'm experiencing an issue on a single VLAN (Vlan80) where if i have any type of deny before 'permit ip any any' the latency jumps from 1ms to ~150ms for a ping and the network goes to a crawl.

interface Vlan80 description Work Network 172.16.80.0/20 ip address 172.16.80.1 255.255.240.0 ip access-group Work in end

For example the first scenario works no problem as it's allowing access to all.

(Scenario 1) Extended IP access list Work 10 permit ip any any

In the second scenario no matter what it being denied, the network goes to a crawl. Even if the deny is for an IP which doesn't exist on the network.

(Scenario 2) Extended IP access list Work 5 deny ip any host 10.0.10.1 10 permit ip any any

I'm completely out of ideas. Any suggestions are welcome.

1 REPLY 1
Highlighted
Cisco Employee

Re: Cisco 3750 VLAN Latency/ACL!!!!

Might want to see if your CPU is being pegged.

sh proc cpu sort | ex 0.00

show controller cpu-interface   (looking to see if we have stuff built up in sw fowarding queue)

These are two end points pinging each other having the latency? 

 

Kirk...

 

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards
This widget could not be displayed.