Acl statistics, Acls to control multicast features – Brocade Communications Systems Brocade ICX 6650 6650 User Manual
Page 138
118
Brocade ICX 6650 Security Configuration Guide
53-1002601-01
ACL statistics
NOTE
Brocade devices support ACL-based rate limiting for inbound traffic. This feature is not supported for
outbound traffic.
For more details, including configuration procedures, refer to
Chapter 5, “ACL-based Rate Limiting”
ACL statistics
ACL statistics is a mechanism for counting the number of packets and the number of bytes per
packet to which ACL filters are applied.
To see the configuration procedures for ACL statistics, refer to
NOTE
The terms ACL statistics and ACL counting are used interchangeably in this guide and mean the
same thing.
ACLs to control multicast features
You can use ACLs to control the following multicast features:
•
Limit the number of multicast groups that are covered by a static rendezvous point (RP)
•
Control which multicast groups for which candidate RPs sends advertisement messages to
bootstrap routers
•
Identify which multicast group packets will be forwarded or blocked on an interface
For configuration procedures, refer to Brocade ICX 6650 IP Multicast Configuration Guide.
Enabling and viewing hardware usage statistics for an ACL
The number of configured ACL rules can affect the rate at which hardware resources are used. You
can use the show access-list hw-usage on command to enable hardware usage statistics, followed
by the show access-list access-list-id command to determine the hardware usage for an ACL. To
gain more hardware resources, you can modify the ACL rules so that it uses less hardware
resource.
NOTE
The hardware usage statistics will only be shown for IPv4 ACLs.
To enable and view hardware usage statistics, enter commands such as the following:
Brocade# show access-list hw-usage on
Brocade# show access-list 100
Extended IP access list 100 (hw usage : 2)
deny ip any any (hw usage : 1
The first command enables hardware usage statistics, and the second command displays the
hardware usage for IP access list 100.