[Agenda] [Examples] [Network Partitioning] [Concepts] [Policy] [Process] [Organization] [HW-SW] [Cases studies] [Conclusion] [Resources]
[first slide] Performance issues associated with Network Partitioning (4/4) [previous slide] [next slide]

* Filters size *


* Pratical solutions are available
o Delete comments
o Compress filters
o Simplify the policy
o Reconsider IP addressing, examples :
- group all web servers on a few subnets instead of a long list of IP addresses
- match domains with subnets

* IP filter size will no longer be an issue tomorrow
o Layer 4 filtering on switches, even in routers
o IP filters programmed in an asic do not care about filter length

*********************************************************************
HSC ® © Hervé Schauer Consultants December 1999 - 142, rue de Rivoli - F-75001 Paris - France
Phone: +33 141 409 700 - Fax: +33 141 409 709 - Email: <secretariat@hsc.fr>
- Page 25 -