Users Guide
You can create up to eight different ACL VLAN groups.
2. Add a description.
ACL-VLAN-GROUP CONFIGURATION (conf-acl-vl-grp) mode
description description
3. Apply an egress IP ACL.
ACL-VLAN-GROUP CONFIGURATION (conf-acl-vl-grp) mode
ip access-group access-list-name out implicit-permit
4. Specify the VLAN members in the ACL VLAN group.
ACL-VLAN-GROUP CONFIGURATION (conf-acl-vl-grp) mode
member vlan vlan-range
5. Verify the currently configured ACL VLAN groups on the switch.
ACL-VLAN-GROUP CONFIGURATION (conf-acl-vl-grp) mode
show acl-vlan-group {group-name | detail}
Dell#show acl-vlan-group detail
Group Name :
TestGroupSeventeenTwenty
Egress IP Acl :
SpecialAccessOnlyExpertsAllowed
Vlan Members :
100,200,300
Group Name :
CustomerNumberIdentificationEleven
Egress IP Acl :
AnyEmployeeCustomerElevenGrantedAccess
Vlan Members :
2-10,99
Group Name :
HostGroup
Egress IP Acl :
Group5
Vlan Members :
1,1000
Dell#
Allocating ACL VLAN CAM
CAM optimization for ACL VLAN groups is not enabled by default. You must allocate blocks of ACL VLAN
CAM to enable ACL CAM optimization by using the
cam-acl-vlan command.
By default, 0 blocks of CAM are allocated for VLAN services in the VLAN Content Aware Processor
(VCAP), an application that modifies VLAN settings before forwarding packets on member interfaces. The
cam-acl-vlan {vlanaclopt | vlaniscsi | vlanopenflow} command allows you to allocate
filter processor (FP) blocks of memory for ACL VLAN services: iSCSI counters, Open Flow, and ACL VLAN
optimization.
You can configure CAM allocation for only two of these VLAN services at a time. You can allocate from 0
to 2 FP blocks for each VLAN service.
Access Control Lists (ACLs)
133