Path: utzoo!utgpu!news-server.csri.toronto.edu!clyde.concordia.ca!uunet!jarthur!usc!cs.utexas.edu!oakhill!guri
From: guri@oakhill.UUCP (Gurvinder Singh Ahluwalia)
Newsgroups: comp.protocols.tcp-ip
Subject: Access Control Lists (ACLs) on cisco
Keywords: cisco, ACLs, authentication, search
Message-ID: <3362@apogee.oakhill.UUCP>
Date: 4 Jun 90 22:14:26 GMT
Organization: Motorola Inc. Austin, Tx
Lines: 18


At what stage is ACL verification done for a session?
[Of course, it is done when a session is established]. 
I wouldn't like to think that every packet has to be 
ACL-verified. Does that sound right? If so, how are
packets decided "go/no-go" across cisco ONCE a session
has been established? How does the cisco relate to 
the concept of a session (for subsequent packets) AFTER 
a session has been authenticated at ACLs? Doing a per
packet ACL-verification sounds like tremendous overhead.

Secondly, what kind of search algorithm is implemented on
ciscos for an optimum and effective ACL search?

Gurvinder Ahluwalia
Phone		: 512/891-3310
Internet	: guri@apogee.sps.mot.com		(PREFERRED)
UUCP		: ...!oakhill!apogee@cs.utexas.edu