Deployment Guide

Conguring ACL VLAN Groups and Conguring FP

Blocks for VLAN Parameters

This section describes how to optimize the utilization of CAM blocks by conguring ACL VLAN groups that you can attach to VLAN

interfaces and also how to congure FP blocks for dierent VLAN operations.

Conguring ACL VLAN Groups

You can create an ACL VLAN group and attach the ACL with the VLAN members. The optimization is applicable only when you create an

ACL VLAN group. If you apply an ACL separately on the VLAN interface, each ACL has a mapping with the VLAN and increases the CAM

space utilization. Attaching an ACL individually to VLAN interfaces is similar to the behavior of ACL-VLAN mapping storage in CAM prior to

the implementation of the ACL VLAN group functionality.

description description

3 Apply an egress IP ACL to the ACL VLAN group.

CONFIGURATION (conf-acl-vl-grp) mode

ip access-group {group name} out implicit-permit

4 Add VLAN member(s) to an ACL VLAN group.

CONFIGURATION (conf-acl-vl-grp) mode

member vlan {VLAN-range}

5 Display all the ACL VLAN groups or display a specic ACL VLAN group, identied by name.

CONFIGURATION (conf-acl-vl-grp) mode

show acl-vlan-group {group name | detail}

100,200,300

Group Name :

CustomerNumberIdentificationEleven

Egress IP Acl :

AnyEmployeeCustomerElevenGrantedAccess

Vlan Members :

2-10,99