On Jul 18, 2009, at 2:37 PM, Saku Ytti wrote:
I'm guessing point Roland was making (which he likely would have not
made couple moons ago:)
I've made this point for years, quite publicly, actually - even when
it was unpopular for me to do so in certain quarters.
;>
uRPF for 7600/6500 can only be in one mode for the whole box, all
interfaces. This is a major problem in many cases.
The NetFlow issues render flow telemetry unusable in production
situations.
The ACLs work very differently on this platform due to LOU issues, as
you say. Most folks don't know this, and many end up overflowing
their TCAMs and not realizing it until their boxes fall over, heh. If
one has fairly complex ACLs covering various ranges of ports, ACLs on
7600/6500 quickly become very difficult to manage.
EARL8 (Nexus7k) fixes the IPv6/uRPF and IPv6/ACL issue.
And the NetFlow issues.
-----------------------------------------------------------------------
Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com>
Unfortunately, inefficiency scales really well.
-- Kevin Lawton
