Improving the Performance of IP Filtering using a Hybrid Approach to ACLs

Davies, John N, Grout, Vic and Picking, Rich (2010) Improving the Performance of IP Filtering using a Hybrid Approach to ACLs. In: UNSPECIFIED.


Download (664kB) | Preview


With the use of policy based security being implemented in Access Control Lists (ACLs) at the distribution layer and the increased speed of interfaces the delays introduced into networks by routers are becoming significant. This paper investigates the size of the problem that is encountered in a typical network installation. Additionally since specialized hardware is not always available a hybrid approach to optimizing the order of rules in an ACL is put forward. This approach is based on the off-line pre-processing of lists to enable them to be reordered dynamically based on the type of traffic being processed by the router.

Item Type: Conference or Workshop Item
Additional Information: This paper was presented at the Eighth International Network Conference INC 2010, July 6-8 2010, which was held in Heidelberg, Germany. It was published by the University of Plymouth and the symposium proceedings will be available at
Keywords: IP packet filtering, access control lists, ACLs, optimization
Divisions: ?? GlyndwrUniversity ??
Depositing User: ULCC Admin
Date Deposited: 05 Oct 2011 09:13
Last Modified: 11 Dec 2017 20:06

Actions (login required)

Edit Item Edit Item