Term heading Description heading
Command Modes ACL-VLAN-GROUP CONFIGURATION
Command History Version Description
9.5(0.1) Introduced on the Z9500.
9.3(0.0) Introduced on the S4810, S4820T, and Z9000.
Usage Information You can configure up to eight different ACL VLAN groups at a time on the switch.
When you configure an ACL VLAN group, you enter ACL VLAN Group configuration
mode.
To avoid the problem of excessive consumption of CAM area, you can configure
ACL VLAN groups that combines all the VLANs that are applied with the same ACL
in a single group. A unique identifier for each of ACL attached to the VLAN is used
as a handle or locator in the CAM area instead of the VLAN id. This method of
processing significantly reduces the number of entries in the CAM area and saves
memory space in CAM.
You can create an ACL VLAN group and attach the ACL with the VLAN members.
Optimization is applicable only when you create an ACL VLAN group. If you apply
an ACL separately on the VLAN interface, each ACL maps with the VLAN and
increased CAM space utilization occurs.
Attaching an ACL individually to VLAN interfaces is similar to the behavior of ACL-
VLAN mapping storage in CAM prior to the implementation of the ACL VLAN group
functionality.
cam-acl-vlanConfigure the number of flow processor (FP) blocks of CAM allocated to ACL VLAN services on the
switch.
Syntax cam-acl-vlan {default | vlanopenflow <0-2> | vlaniscsi <0-2> |
vlanaclopt <0-2>}
Parameters default Reset the number of FP blocks to the default value. By
default, 0 FP blocks of CAM are allocated for ACL VLAN
services, such as iSCSI counters, Open Flow, and ACL VLAN
optimization.
NOTE: CAM optimization for ACL VLAN groups is not
enabled by default. You must allocate FP blocks of ACL
VLAN CAM to enable ACL CAM optimization.
vlanopenflow
<0-2>
Allocate a number FP blocks of CAM for VLAN Open Flow
operations.
vlaniscsi <0-2> Allocate a number FP blocks of CAM for VLAN iSCSI
counters.
264 Access Control Lists (ACL)