FAQs

Q1: I have an ACL with an unusually large number of entries in it. How many entries should I have in one ACL?
A1: The number of entries that you can define in a single ACL is limited only by the amount of available memory of your device. Other factors that are a result of large ACLs include the processing time used to send a packet, the amount of time that your device takes to load its configuration at bootup or reboot, the ability of someone to comprehend the ACL, and the troubleshooting of a large ACL.
Q2: I want to define an ACL that denies access to a host but allows access to the rest of the subnet. Does it matter what order I place the entries in the ACL?
A2: Yes, ACLs use the first match to determine the disposition of a packet. If you ...
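
The first-match behavior from A2, as an added example that is not from the book: a small evaluator for simplified standard-ACL-style entries that compares the two possible orderings for the Q2 scenario and flags entries that can never match because an earlier entry covers them. The entry syntax subset, the function names, and the 192.0.2.0/24 addresses are constructed for illustration; the fall-through result models the implicit deny at the end of an ACL.

```python
import ipaddress

MASK32 = 0xFFFFFFFF

def parse_entry(line):
    """Parse 'permit|deny any | host A | A [wildcard]' into (action, base, wildcard)."""
    parts = line.split()
    action, rest = parts[0], parts[1:]
    if rest[0] == "any":
        return action, 0, MASK32
    if rest[0] == "host":
        return action, int(ipaddress.IPv4Address(rest[1])), 0
    wild = int(ipaddress.IPv4Address(rest[1])) if len(rest) > 1 else 0
    return action, int(ipaddress.IPv4Address(rest[0])), wild

def evaluate(acl, source):
    """Return (action, entry) for the first entry that matches the source address."""
    src = int(ipaddress.IPv4Address(source))
    for line in acl:
        action, base, wild = parse_entry(line)
        care = ~wild & MASK32          # wildcard bits set to 1 are ignored
        if (src & care) == (base & care):
            return action, line        # first match decides; later entries are not consulted
    return "deny", "implicit deny"     # no entry matched

def shadowed(acl):
    """List (later, earlier) pairs where the earlier entry matches everything the later one does."""
    parsed = [parse_entry(line) for line in acl]
    found = []
    for j, (_, base_j, wild_j) in enumerate(parsed):
        for i in range(j):
            _, base_i, wild_i = parsed[i]
            care_i = ~wild_i & MASK32
            if (wild_j & care_i) == 0 and (base_i & care_i) == (base_j & care_i):
                found.append((acl[j], acl[i]))
                break
    return found

# Constructed sample ACLs (documentation address range 192.0.2.0/24).
SUBNET_FIRST = ["permit 192.0.2.0 0.0.0.255", "deny host 192.0.2.10"]
HOST_FIRST = ["deny host 192.0.2.10", "permit 192.0.2.0 0.0.0.255"]

if __name__ == "__main__":
    for name, acl in (("subnet first", SUBNET_FIRST), ("host first", HOST_FIRST)):
        print(name, evaluate(acl, "192.0.2.10"), "shadowed:", shadowed(acl))
```

With the subnet entry first, the host's traffic is permitted and the host deny is reported as shadowed; with the host entry first, the host is denied and the rest of the subnet is still permitted.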
