In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
» Openaccess proceedings » Eighth International Network Conference (INC 2010)
 | Eighth International Network Conference (INC 2010) |
Title: Improving the Performance of IP Filtering using a Hybrid Approach to ACLs
Author(s): John N Davies, Vic Grout, Rich Picking
Reference: pp85-95
Keywords: Access Control Lists, IP filtering, Iptables, Firewall Filtering, ACL Optimization
Abstract: With the use of policy based security being implemented in Access Control Lists (ACLs) at the distribution layer and the increased speed of interfaces the delays introduced into networks by routers are becoming significant. This paper investigates the size of the problem that is encountered in a typical network installation. Additionally since specialized hardware is not always available a hybrid approach to optimizing the order of rules in an ACL is put forward. This approach is based on the off-line pre-processing of lists to enable them to be re-ordered dynamically based on the type of traffic being processed by the router.
Download count: 1332
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.