46 ServerIron ADX NAT64 Configuration Guide
53-1002288-02
Make sure you specify a maximum that is equal to or greater than the largest number of entries
required by an ACL applied to any of the ports managed by the same IPC or IGC. For example, if port
1 will have an ACL that requires 250 entries, make sure 250 is the lowest number of entries you
specify for any port on IPC 1 (the IPC that manages ports 1 – 24).
To specify the maximum number of CAM entries the device can allocate for rule-based ACLs, enter
commands such as the following.
ServerIronADX(config)# interface ethernet 1/1
ServerIronADX(config-if-1/1)# ip access-group max-l4-cam 50
This command allows up to 50 ACL entries on each port managed by the IPC or IGC that manages
port 1/1.
Syntax: [no] ip access-group max-l4-cam <num>
The <num> parameter specifies the number of CAM entries and can be from 10 – 2048. The
default depends on the device.
The command is valid at the interface configuration level. However, the device applies the change
to all ports managed by the same IPC or IGC. Regardless of the port number, when you save the
change to the startup-config file, the CLI applies the command to the first port managed by the IPC
or IGC. For example, if you enter the command on port 3, when you save the configuration change,
the CLI enters the ip access-group max-l4-cam command under port 1 in the startup-config file.
NOTE
If you enter the command on more than one port managed by the same IPC or IGC, the CLI uses the
value entered with the most recent command for all the ports on the IPC or IGC.
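The following added example (not part of the guide or of Brocade's software) replays a sequence of max-l4-cam commands the way the text above describes: the most recent value wins for the whole IPC or IGC, the saved command lands under the group's first port, and any port whose ACL needs more entries than that value is reported. The 24-ports-per-group mapping is an assumption generalized from "IPC 1 manages ports 1 – 24"; the session text and ACL sizes are constructed.

```python
import re

PORTS_PER_GROUP = 24          # assumption: every IPC/IGC manages 24 consecutive ports
CAM_MIN, CAM_MAX = 10, 2048   # valid <num> range from the syntax description

def group_of(port):
    """Map 'slot/port' to (slot, group index, first port of that group)."""
    slot, num = (int(x) for x in port.split("/"))
    idx = (num - 1) // PORTS_PER_GROUP
    return slot, idx, f"{slot}/{idx * PORTS_PER_GROUP + 1}"

def effective_limits(config_text):
    """Replay commands in order; the most recent value per group wins."""
    limits, port = {}, None
    for line in config_text.splitlines():
        m = re.search(r"interface ethernet (\d+/\d+)", line)
        if m:
            port = m.group(1)
            continue
        m = re.search(r"ip access-group max-l4-cam (\d+)", line)
        if m and port:
            num = int(m.group(1))
            if not CAM_MIN <= num <= CAM_MAX:
                raise ValueError(f"{num} is outside {CAM_MIN}-{CAM_MAX}")
            slot, idx, first = group_of(port)
            # Stored under the group's first port, as in the startup-config.
            limits[(slot, idx)] = (first, num)
    return limits

def audit(config_text, acl_entries):
    """Return (port, needed, limit, saved-under port) for each shortfall."""
    limits = effective_limits(config_text)
    findings = []
    for port, needed in sorted(acl_entries.items()):
        slot, idx, _ = group_of(port)
        if (slot, idx) in limits:   # groups with no command keep the device default
            first, limit = limits[(slot, idx)]
            if needed > limit:
                findings.append((port, needed, limit, first))
    return findings

# Constructed sample session and per-port ACL entry counts (not from the guide).
SAMPLE = """\
ServerIronADX(config)# interface ethernet 1/1
ServerIronADX(config-if-1/1)# ip access-group max-l4-cam 300
ServerIronADX(config)# interface ethernet 1/3
ServerIronADX(config-if-1/3)# ip access-group max-l4-cam 50
"""
ACL_ENTRIES = {"1/1": 250, "1/3": 40, "1/30": 400}
```

Here the later command on port 1/3 lowers the limit for port 1/1 as well, so the 250-entry ACL on port 1/1 no longer fits; port 1/30 falls in a different group with no command entered and is not evaluated.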
Configuring numbered and named ACLs
When you configure ACLs, you can refer to the ACL by a numeric ID or by an alphanumeric name.
The commands to configure numbered ACLs are different from the commands for named ACLs:
• If you refer to the ACL by a numeric ID, you can use 1 – 99 for a standard ACL or 100 – 199 for
an extended ACL. This document refers to this ACL type as a numbered ACL.
• If you refer to the ACL by a name, you specify whether the ACL is a standard ACL or an extended
ACL, then specify the name. This document refers to this ACL type as a named ACL.
You can configure up to 100 standard numbered IP ACLs and 100 extended numbered IP ACLs. You
also can configure up to 100 standard named ACLs and 100 extended named ACLs by number.
Regardless of how many ACLs you have, the device can have a maximum of 1024 ACL entries,
associated with the ACLs in any combination. (On ServerIron Chassis devices with Management 2
or Management 3 modules, the maximum is 2048.)
Configuring standard numbered ACLs
This section describes how to configure standard numbered ACLs with numeric IDs:
• For configuration information on named ACLs, refer to “Configuring standard or extended
named ACLs” on page 54.
• For configuration information on extended ACLs, refer to “Configuring extended numbered
ACLs” on page 48.