Director
Be aware of these similar pairs of commands:
•filter discard clears the pending filter list, while filter clear clears the CAM
•filter list shows the pending filter list, while filter running shows the CAM
•filter commit copies the pending filter list to the CAM, while filter sync copies the CAM to the pending filter list
Pending filter list |
|
| CAM | |
Address | Filter | filter commit | Address | Filter |
1 |
| 1 |
| |
|
|
| ||
2 |
| filter sync | 2 |
|
|
|
|
| |
filter discard to clear |
| filter clear to clear | ||
filter list to view contents |
| filter running to view contents | ||
Figure 45: Pairs of similar filter commands
Filter capacity
The capacity of Director's filtering function is roughly 1,000 filter elements per chassis, where a filter element is a port list or a filter parameter. For example, filter add
1.in_ports=n1.1-n1.7
2.ip_proto=6
3.vlan=100
4.redir_ports=m.1-m.5,m.10
Counting filter elements is only a rough gauge of filter utilization, and is not recommended. Instead, examine the pending filter list or CAM contents with filter list and filter running commands. The filter resource utilization is displayed after the filter list.
Warning!______________________________________________________________________________________________
User interactions
When multiple users are logged into Director at the same time, each user has a separate pending filter list in which to create filter configurations. However, there is only one CAM, so any time a user executes a commit or filter commit command, the CAM takes on the filter configuration from that user's pending filter list, and those become the active filters on Director. For this reason, it is a good idea to use a filter sync command to get the current contents of the CAM before adding or modifying filters; that way, the filters that you don't touch remain unaffected after you commit.
________________________________________________________________________________________________________
39