Administrator Guide

Access Control List (ACL) VLAN Groups and
Content Addressable Memory (CAM)
member vlan
Add VLAN members to an ACL VLAN group.
Syntax
member vlan {VLAN-range}
Parameters
VLAN-range
Enter the member VLANs using comma-separated VLAN IDs, a range of VLAN IDs, a
single VLAN ID, or a combination. For example:
Comma-separated: 3, 4, 6
Range: 5-10
Combination: 3, 4, 5-10, 8
Default None
Command Modes CONFIGURATION (conf-acl-vl-grp)
Command History
This guide is platform-specific. For command information about other platforms, see the relevant Dell EMC
Networking OS Command Line Reference Guide.
Version Description
9.8(0.0P5) Introduced on the S4048-ON.
9.8(0.0P2) Introduced on the S3048-ON.
9.3.(0.0) Introduced on the S4810, S4820T, and Z9000 platforms.
Usage Information
At a maximum, there can be only 32 VLAN members in all ACL VLAN groups. A VLAN can belong to only one
group at any given time.
You can create an ACL VLAN group and attach the ACL with the VLAN members. The optimization is applicable
only when you create an ACL VLAN group. If you apply an ACL separately on the VLAN interface, each ACL has a
mapping with the VLAN and increased CAM space utilization occurs.
Attaching an ACL individually to VLAN interfaces is similar to the behavior of ACL-VLAN mapping storage in CAM
prior to the implementation of the ACL VLAN group functionality.
ip access-group
Apply an egress IP ACL to the ACL VLAN group.
Syntax
ip access-group {group name} out implicit-permit
Parameters
group-name
Enter the name of the ACL VLAN group where you want the egress IP ACLs applied, up
to 140 characters.
out Enter the keyword out to apply the ACL to outgoing traffic.
implicit-permit
Enter the keyword implicit-permit to change the default action of the ACL from
implicit-deny to implicit-permit (that is, if the traffic does not match the filters in the ACL,
the traffic is permitted instead of dropped).
7
Access Control List (ACL) VLAN Groups and Content Addressable Memory (CAM) 315