Service Manual
8
Access Control List (ACL) VLAN Groups and
Content Addressable Memory (CAM)
This chapter describes the access control list (ACL) virtual local area network (VLAN) group and content addressable memory
(CAM) enhancements.
member vlan
Add VLAN members to an ACL VLAN group.
Syntax
member vlan {VLAN-range}
Parameters
VLAN-range
Enter the member VLANs using comma-separated VLAN IDs, a range of VLAN IDs,
a single VLAN ID, or a combination. For example:
Comma-separated: 3, 4, 6
Range: 5-10
Combination: 3, 4, 5-10, 8
Default None
Command Modes CONFIGURATION (conf-acl-vl-grp)
Command History
Version 9.3.(0.0) Introduced on the S4810, S4820T, and Z9000 platforms.
Usage Information At a maximum, there can be only 32 VLAN members in all ACL VLAN groups. A VLAN can belong to only
one group at any given time.
You can create an ACL VLAN group and attach the ACL with the VLAN members. The optimization is
applicable only when you create an ACL VLAN group. If you apply an ACL separately on the VLAN interface,
each ACL has a mapping with the VLAN and increased CAM space utilization occurs.
Attaching an ACL individually to VLAN interfaces is similar to the behavior of ACL-VLAN mapping storage in
CAM prior to the implementation of the ACL VLAN group functionality.
ip access-group
Apply an egress IP ACL to the ACL VLAN group.
Syntax
ip access-group {group name} out implicit-permit
Access Control List (ACL) VLAN Groups and Content Addressable Memory (CAM)
311