Wireless Networks Thread, ACLs slowing traffic. in Technical; I have some simple ACLs that are applied to each Vlan (except default) that allow a Vlan to communicate to ...
26th February 2009, 09:36 AM #1
ACLs slowing traffic.
I have some simple ACLs that are applied to each Vlan (except default) that allow a Vlan to communicate to the other local Vlans. This blocks all other traffic so the only routes from each vlan have to go through the proxy.
The default gateway of each vlan is the IP (X.X.X.1) which is also allocated to a subnet.
With the ACLs on, on non-default vlan I get random ping rates when pinging the default gateway on each vlan (DG=IP of vlan manually set on core switch): 1ms,1ms,756ms,1222ms,1ms,380ms
ACLs off and its fine: 1ms,1ms,1ms etc .... however this, in theory, gets round the proxy.
Our switch is a 5308xl w/11.09 FW.
CPU util is under 5%
26th February 2009, 09:42 AM #2
26th February 2009, 09:45 AM #3
The Memory is at:
26th February 2009, 09:56 AM #4
What network speed is the proxy working at? 100Mbps or 1000Mbps?
26th February 2009, 10:06 AM #5
Cheers Michael. Its on an auto-1000 port. However I dont have access to the LEA proxy for its connection info at the other end.
Originally Posted by Michael
I'm only trying to ping from a Vlaned Ip addres (X.X.16.7) to its DG (X.X.16.1) and this isnt going via the proxy.
26th February 2009, 10:16 AM #6
If it's LA managed, then maybe you should contact them for more information? Something definitely isn't right as ACLs shouldn't create the problems you're describing.
26th February 2009, 10:25 AM #7
I just dont see how the internet is relevent. If I disconnect the network cable to the proxy, pinging the Vlan DG from a vlan'd IP is still slow... remove acl and its fine. I'm not going via the net.... it just so happens that the acls are for stopping net access without a proxy address.
Originally Posted by Michael
26th February 2009, 10:30 AM #8
Are you using the latest firmware for the switch?
26th February 2009, 10:32 AM #9
Originally Posted by Geoff
26th February 2009, 11:02 AM #10
The current firmware release is E 11.10. Additionally, there's never been a public release of E 11.09
Software Summary - HP ProCurve Networking
26th February 2009, 11:38 AM #11
Cheers Geoff, I'll update at lunch if poss and let you know.
Networking install people* gave us 11.09 last week.
* 10g link to a new server room
EDIT: 3 updated to 11.10, no change
Last edited by Theblacksheep; 26th February 2009 at 12:50 PM.
By jcollings in forum Wireless Networks
Last Post: 20th August 2008, 02:53 PM
By localzuk in forum EduGeek.net Site Problems
Last Post: 6th April 2008, 10:40 PM
By CyberNerd in forum *nix
Last Post: 30th May 2007, 02:50 PM
By ITWombat in forum School ICT Policies
Last Post: 17th February 2007, 05:23 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)