An argument for simple embedded ACL optimisation
Davies, John N
- Publisher: Glyndŵr University Research Online
Optimisation | ACLs | Packet latency | Access Control Lists | Computer Engineering
The difficulty of efficiently reordering the rules in an Access Control List is considered and the essential optimisation problem formulated. The complexity of exact and sophisticated heuristics is noted along with their unsuitability for real time implementation embedded in the hardware of the network device. A simple alternative is proposed, in which a very limited rule reordering is considered following the processing of each packet. Simulation results are given from a range of traffic types. The method is shown to achieve savings that make its use worthwhile for lists longer than a given number of rules. This number is dependent on traffic characteristics but generally around 25 for typical network conditions.
views in local repository
downloads in local repository
The information is available from the following content providers: