Understanding Access Control List Logging

Logging-enabled Access Control Lists (ACLs) provide insight into traffic as it traverses the network or is dropped by network devices. Unfortunately, ACL logging can be CPU intensive and can negatively affect other functions of the network device. There are two primary factors that contribute to the CPU load increase from ACL logging: process switching of packets that match log-enabled Access Control Entries (ACEs) and the generation and transmission of log messages. Using the configuration commands detailed in this paper, administrators can strike a balance between traffic visibility and the corresponding impact on device CPU load.