08-18-2011 09:41 AM
What is the performance impact of having many addresses to match against? If I have an address group that has hundreds of individual addresses in it (some FQDN), others ip netmask, will it have a noticible impact on performance? We are using a 2050 primarily for URL filtering.
08-22-2011 10:12 AM
We do not have any published numbers for such a test case. If possible try to use a subnet to aggregate groups of devices and minimize the number of "look ups" that have to be made. But I think the impact will not be noticable.
Steve Krall
08-22-2011 10:23 AM
In this case, the addresses cannot be represented by subnets or vlans as they are individual nodes across all our subnets and vlans. I noticed in the config that there is a stated limit of 10,000 under config/devices/platform/limits but I also noticed that in the same area there is a limit of 500 addresses in an address-group. I will take this as the practical limit for us.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
