flow setup done before ACLs?

  • 0
  • 2
  • Question
  • Updated 1 year ago
  • Answered
Hi,

S-Series hardware - is the flow setup within the system ASIC done before handling ACLs?
Photo of mp2014

mp2014

  • 1,198 Points 1k badge 2x thumb

Posted 4 years ago

  • 0
  • 2
Photo of ralf.hildebrandt

ralf.hildebrandt

  • 62 Points
From what I've ssen, the ACLs are called last, meaning you can't use an ACL to prevent a flow from being set-up :(
Photo of Daniel Coughlin

Daniel Coughlin, Employee

  • 2,732 Points 2k badge 2x thumb
Flow setup is done by the forwarding engine sending unknown traffic to the cpu.  if there is an ACL that denies the connection the flow should not be allowed.