Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3808
Views
0
Helpful
1
Replies

ASR vs. ISR access list output

mbroberson1
Level 3
Level 3

‎03-01-2011 06:41 PM - edited ‎03-04-2019 11:36 AM

Is there a difference (in commands for viewing) with how an ASR router shows the hits on an ACL compred to an ISR such as 3725 or other ISR model?

Have a senario where an ASR is not showing the hits on an ACL, but when labbed up using an ISR model is shows hits on the ACL.

Using the commands "sh ip access-list xxx" and "sh access-list" on both the ASR and ISR to look for hits. The ISR shows hits, but not the ASR.

Regards

Labels:
0 Helpful
1 Reply 1

Mani Ganesan
Level 4
Level 4

‎03-09-2011 07:01 PM

The reason is ASR router is a hardware switching based platform compared to other routers

like 7200,7300, 3800 etc..which are software switching based platforms.

For hardware switched packets, ACL counters will not report any value. If we need to see the matches or

the actual packet details, you may want to put in a 'log' keyword and force the packets to hit the CPU.

we have to be careful if we have huge subnets permitted or denied in the ACL.

HTH,

Mani

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card