max ACLs entries on router support ipv4 & ipv6

chinpohpang851 · ‎01-12-2016

I saw the question on the web asking how many ACLs can be created and applied to router(2 interfaces) that routing both IPv4 & IPv6 traffic. I searched the Internet but found no info about it. The given answer is 8 but I don't know why. Please help.

Mark Malone · ‎01-12-2016

Hey

You can have as many as the acl allows if its standard 1-99 extended 100-199 etc but what you have to remember is the more acls you apply the more cpu you will use and on lower end routers like 800 series apply multiple acls one after another applied under the same issue will probably cause an issue , the likes of a 6500 would be able to handle it better , so there is no real definitive answer as it varies from platform to platform and also what may be currently running on your router and using up processes, from experience I have never see more that 6 applied to an interface and that was due to an irregular setup but other users may have seen more

Peter Paluch · ‎01-12-2016

Hello,

In addition to Mark's response, the question you are referring to looks like a test item focusing on how ACLs can be applied to individual interfaces.

On a given interface for a given direction and a given protocol, exactly one ACL can be applied. So with 2 interfaces, you get:

Interface 1: IPv4 ACL in, IPv4 ACL out, IPv6 ACL in, IPv6 ACL out
Interface 2: IPv4 ACL in, IPv4 ACL out, IPv6 ACL in, IPv6 ACL out

Hence the answer of 8.

Best regards,
Peter