Manualshelf

CLI Guide

ManualsBrandsDell ManualsAccess PlatformsNetworking S3100 Series
371372373374375376377378379380
You can create an ACL VLAN group and attach the ACL with the VLAN members.
The optimization is applicable only when you create an ACL VLAN group. If you
apply an ACL separately on the VLAN interface, each ACL has a mapping with the
VLAN and increased CAM space utilization occurs.
Attaching an ACL individually to VLAN interfaces is similar to the behavior of ACL-
VLAN mapping storage in CAM prior to the implementation of the ACL VLAN group
functionality.
ip access-group
Apply an egress IP ACL to the ACL VLAN group.
Syntax
ip access-group {group name} out implicit-permit
Parameters
group-name Enter the name of the ACL VLAN group where you want the
egress IP ACLs applied, up to 140 characters.
out Enter the keyword out to apply the ACL to outgoing traffic.
implicit-permit
Enter the keyword implicit-permit to change the
default action of the ACL from implicit-deny to implicit-
permit (that is, if the traffic does not match the filters in the
ACL, the traffic is permitted instead of dropped).
Default None
Command Modes CONFIGURATION (conf-acl-vl-grp)
Command History
This guide is platform-specific. For command information about other platforms,
see the relevant Dell Networking OS Command Line Reference Guide.
Version Description
9.8(2.0) Introduced on the S3100 series.
9.8(0.0P5) Introduced on the S4048-ON.
9.8(0.0P2) Introduced on the S3048-ON.
9.3.(0.0) Introduced on the S4810, S4820T, and Z9000 platforms.
Usage Information You can apply only an egress IP ACL on an ACL VLAN group.
Access Control List (ACL) VLAN Groups and Content Addressable Memory (CAM)
377