Cat3550 w/ VACL impedes throughput by 90%

Hello,

I have a Cat3550-24 running 12.2(44)SE6 IPSvcs-k9 IOS.  I have several L2 interfaces in the same VLAN all tied together with an SVI - all devices reside in the same subnet.  CEF is enabled but does not appear to be working properly - at least for some traffic.  

The issue is that when the VACLs are enabled via the "vlan filter" command, the throughput as checked using speedtest.net drops from 85Mbps to 4-8Mbps.  The CPU during this time does increase but never above 35%.  Also, when checking the stats for the VLAN interface, I do not see any drops on ingress or egress.  As soon as I disable the VACLS, throughput jumps right back to 85Mbps.

In reviewing the c3550 datasheet, the model -24 can forward 4.4Gbps and 6.6Mpps @64B packet size.  These numbers far excel anything close to 85Mbps even if the packet size is 64B.  In addition, everything I read clearly states that VACLs are done in hardware so given all this, the 3550 should have no issues so I'm left scratching my head on this one.

Any and all ideas are welcome - and I'm sure you may want some cfg and or captures - let me know what and I will post  straight away.

Thanks in advance for your assistance.

Sign In or Register to comment.