Acl-based rate limiting, Using acls to control multicast features – Brocade TurboIron 24X Series Configuration Guide User Manual


Brocade TurboIron 24X Series Configuration Guide


53-1003053-01


To configure an ACL that matches on a packet with DSCP value 29, enter a command such as the
following.

TurboIron(config)#access-list 112 permit ip 10.1.1.0 0.0.0.255 10.2.2.0 0.0.0.255 dscp-matching 29

The complete CLI syntax for this feature is shown in “Configuring extended numbered ACLs” on page 905 and “Configuring extended named ACLs” on page 911. The following shows the syntax specific to this feature.

Syntax: ...dscp-matching <0 – 63>

NOTE

For complete syntax information, refer to “Extended numbered ACL syntax” on page 906.
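The following Python model is an added example, not code from the Brocade guide. It evaluates the rule above against constructed packets using standard wildcard-mask semantics (an assumption about the matching model, not the switch's hardware implementation), with the destination network written as 10.2.2.0, and shows how DSCP 29 relates to the ToS byte seen in a packet capture. All function names are hypothetical.

```python
import ipaddress
import re

# Assumed grammar: only the fields used by the command shown above.
RULE_RE = re.compile(
    r"access-list\s+(?P<num>\d+)\s+(?P<action>permit|deny)\s+ip\s+"
    r"(?P<src>\S+)\s+(?P<src_wc>\S+)\s+(?P<dst>\S+)\s+(?P<dst_wc>\S+)"
    r"(?:\s+dscp-matching\s+(?P<dscp>\d+))?\s*$")

def parse_rule(line):
    m = RULE_RE.search(line)
    if not m:
        raise ValueError("unsupported ACL line: %r" % line)
    rule = m.groupdict()
    for key in ("src", "src_wc", "dst", "dst_wc"):
        rule[key] = int(ipaddress.IPv4Address(rule[key]))
    rule["dscp"] = None if rule["dscp"] is None else int(rule["dscp"])
    if rule["dscp"] is not None and not 0 <= rule["dscp"] <= 63:
        raise ValueError("dscp-matching takes a value from 0 to 63")
    return rule

def wildcard_match(addr, base, wildcard):
    # Wildcard bits set to 1 are "don't care"; only the 0 bits are compared.
    care = ~wildcard & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(addr)) & care) == (base & care)

def dscp_from_tos(tos_byte):
    # DSCP is the upper six bits of the IPv4 ToS byte; the low two bits are ECN.
    return (tos_byte & 0xFF) >> 2

def rule_matches(rule, src, dst, tos_byte):
    if not (wildcard_match(src, rule["src"], rule["src_wc"])
            and wildcard_match(dst, rule["dst"], rule["dst_wc"])):
        return False
    return rule["dscp"] is None or dscp_from_tos(tos_byte) == rule["dscp"]

RULE = parse_rule("access-list 112 permit ip 10.1.1.0 0.0.0.255 10.2.2.0 0.0.0.255 dscp-matching 29")
# Constructed sample packets: (source, destination, ToS byte as seen in a capture).
SAMPLES = [
    ("10.1.1.7", "10.2.2.9", 0x74),  # DSCP 29, ECN 0
    ("10.1.1.7", "10.2.2.9", 0x75),  # DSCP 29, ECN 1: ECN bits do not affect the match
    ("10.1.1.7", "10.2.2.9", 0x1D),  # ToS byte 29 carries DSCP 7, not DSCP 29
    ("10.1.2.7", "10.2.2.9", 0x74),  # source outside 10.1.1.0 0.0.0.255
]

if __name__ == "__main__":
    for src, dst, tos in SAMPLES:
        print(src, dst, hex(tos), rule_matches(RULE, src, dst, tos))
```

When validating such a rule against captured traffic, compare the rule's value with the ToS byte shifted right by two bits, not with the raw byte.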

ACL-based rate limiting

ACL-based rate limiting provides the facility to limit the rate for IP traffic that matches the permit
conditions in extended IP ACLs. This feature is available in the Layer 2 and Layer 3 code.

For more details, including configuration procedures, refer to Chapter 29, “Configuring Traffic Policies”.

Using ACLs to control multicast features

You can use ACLs to control the following multicast features:

Limit the number of multicast groups that are covered by a static rendezvous point (RP)

Control the multicast groups for which candidate RPs send advertisement messages to bootstrap routers

Identify which multicast group packets will be forwarded or blocked on an interface

For configuration procedures, refer to Chapter 26, “Configuring IP Multicast Protocols”.

Enabling and viewing hardware usage statistics for an ACL

The number of configured ACL rules can affect the rate at which hardware resources are used. You
can use the show access-list hw-usage on command to enable hardware usage statistics, followed
by the show access-list access-list-id command to determine the hardware usage for an ACL. To
gain more hardware resources, you can modify the ACL rules so that they use fewer hardware
resources.

NOTES:

When an ACL is not attached to any port, the show access-list command displays an estimate
of the current TCAM usage, assuming it is attached to one port and one VLAN. Once the ACL is
attached to a port, the show access-list access-list-id command shows the exact current TCAM
usage by the ACL.
