Users Guide
• If you do not attach an ACL to any of the ports, the FP entries are deleted. Similarly, when the same ACL is applied on a set
of ports, only one set of entries is installed in the FP, thereby effectively saving CAM space. The optimization is enabled only
if you specify the optimized option with the ip access-group command. This option is not valid for VLAN and LAG
interfaces.
NOTE: Port-based CAM Optimization is supported only on LM/LP front panel interfaces and is not available on PeGigE
interfaces.
Configuring an ACL VLAN Group
Configure an ACL VLAN group to optimize ACL CAM use.
NOTE
: After you configure an ACL VLAN group, you must allocate CAM memory for ACL VLAN services to enable CAM
optimization. See Allocating ACL VLAN CAM for more information.
1 Create an ACL VLAN group
CONFIGURATION mode
acl-vlan-group group-name
You can create up to eight different ACL VLAN groups.
2 Add a description.
ACL-VLAN-GROUP CONFIGURATION (conf-acl-vl-grp) mode
description description
3 Apply an egress IP ACL.
ACL-VLAN-GROUP CONFIGURATION (conf-acl-vl-grp) mode
ip access-group access-list-name out implicit-permit
4 Specify the VLAN members in the ACL VLAN group.
ACL-VLAN-GROUP CONFIGURATION (conf-acl-vl-grp) mode
member vlan vlan-range
5 Verify the currently configured ACL VLAN groups on the switch.
ACL-VLAN-GROUP CONFIGURATION (conf-acl-vl-grp) mode
show acl-vlan-group {group-name | detail}
Dell#show acl-vlan-group detail
Group Name :
TestGroupSeventeenTwenty
Egress IP Acl :
SpecialAccessOnlyExpertsAllowed
Vlan Members :
100,200,300
Group Name :
CustomerNumberIdentificationEleven
Egress IP Acl :
AnyEmployeeCustomerElevenGrantedAccess
Vlan Members :
2-10,99
Group Name :
HostGroup
Egress IP Acl :
Group5
Vlan Members :
Access Control Lists (ACLs) 120