Manualshelf

Reference Guide

ManualsBrandsDell ManualsComputer equipmentForce10 Z9000
81828384858687888990
NOTE: Hot lock ACLs are supported for Ingress ACLs only.
CAM Usage
The following section describes CAM allocation and CAM optimization.
User Configurable CAM Allocation
CAM Optimization
User Configurable CAM Allocation
User configurable CAM allocations are supported on the Z9000 platform.
Allocate space for IPV6 ACLs by using the cam-acl command in CONFIGURATION mode.
The CAM space is allotted in filter processor (FP) blocks. The total space allocated must equal 13 FP blocks. (There are
16 FP blocks, but System Flow requires three blocks that cannot be reallocated.)
Enter the ipv6acl allocation as a factor of 2 (2, 4, 6, 8, 10). All other profile allocations can use either even or odd
numbered ranges.
Save the new CAM settings to the startup-config (use write-mem or copy run start) then reload the system for
the new settings to take effect.
CAM Optimization
The CAM optimization command is supported on the Z9000 platform.
When you enable this command, if a policy map containing classification rules (ACL and/or dscp/ ip-precedence rules)
is applied to more than one physical interface on the same port-pipe, only a single copy of the policy is written (only one
FP entry is used). When you disable this command, the system behaves as described in this chapter.
Test CAM Usage
The test cam-usage command is supported on the Z9000 platforms.
This command applies to both IPv4 and IPv6 CAM profiles, but is best used when verifying QoS optimization for IPv6
ACLs.
To determine whether sufficient ACL CAM space is available to enable a service-policy, use this command. To verify the
actual CAM space required, create a class map with all the required ACL rules, then execute the test cam-usage
command in Privilege mode. The following example shows the output when executing this command. The status column
indicates whether you can enable the policy.
Example of the
test cam-usage
Command
FTOS#test cam-usage service-policy input TestPolicy linecard all
Linecard|Portpipe|CAM Partition|Available CAM|Estimated CAM per Port|Status
--------------------------------------------------------------------------
2| 1| IPv4Flow| 232| 0|Allowed
2| 1| IPv6Flow| 0| 0|Allowed
4| 0| IPv4Flow| 232| 0|Allowed
4| 0| IPv6Flow| 0| 0|Allowed
FTOS#
Implementing ACLs on FTOS
You can assign one IP ACL per interface with FTOS. If you do not assign an IP ACL to an interface, it is not used by the
software in any other capacity.
The number of entries allowed per ACL is hardware-dependent. For detailed specification on entries allowed per ACL,
refer to your line card documentation.
84