I know Cisco has changed the functionality of the code in that the REAL IP ADDRESS must be used in the firewall's ACL.
I also know why is it done (since the packet flow process has changed).
What I need to know, WHY Cisco changed the packet processing in the first place ?
Was the earlier packet processing not optimal ? or does the new packet flow process is more scalable or reliable ? If yes, How ?
Can anybody explain in detail ?