EasyManua.ls Logo

Cisco Catalyst 4500 Series - Page 1415

Cisco Catalyst 4500 Series
1814 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
54-9
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
OL_28731-01
Chapter 54 Configuring Network Security with ACLs
Selecting Mode of Capturing Control Packets
This example shows how to configure a Catalyst 4500 series switch to capture control packets only on
VLANs where features are enabled:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# access-list hardware capture mode vlan
Switch(config)# end
Switch#
This example shows how to configure a Catalyst 4500 series switch to capture control packets globally
across all VLANs (using static ACL, the default mode):
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# access-list hardware capture mode global
Switch(config)# end
Switch#
When the capture mode changes from global to VLAN, the static CAM entries are invalidated. This
creates a window during which control packets may pass through a Catalyst 4500 series switch without
being intercepted to the CPU. This temporary situation is restored when the new per-VLAN capture
entries are programmed in the hardware.
When you configure per-VLAN capture mode, you should examine the show commands for individual
features to verify the appropriate behavior. In per-VLAN capture mode, the invalidated static CAM
entries will appear as inactive in the output of the show platform hardware acl input entries static
command. For example, the hit count for inactive entries will remain frozen because those entries are
invalidated and applied per-VLAN where the feature is enabled. The following table lists the CamIndex
entry types and the Cam regions.
CamIndex Entry Type Active Hit Count CamRegion
50 PermitSharedStp Y 3344 ControlPktsTwo
51 PermitLoopbackTest Y 0 ControlPktsTwo
52 PermitProtTunnel Y 0 ControlPktsTwo
53 CaptureCgmp N 440 ControlPktsTwo
55 CaptureIgmp N 0 ControlPktsTwo
0 IgmpPimv1ToCpu N N/A 0 (estimate)
0 IgmpGeneralQueryToCpu N N/A 0 (estimate)
2 IgmpToCpu N N/A 0 (estimate)
3 IgmpPimv2ToCpu N N/A 0 (estimate)
2048 Ipv6MldGeneralQueryCopyToCpu N N/A 0 (estimate)
2050 Ipv6MldGeneralQueryCopyToCpu N N/A 0 (estimate)
2052 Ipv6MldQueryOrReportV1ToCpu N N/A 0 (estimate)
2054 Ipv6MldQueryOrReportV1ToCpu N N/A 0 (estimate)
2056 Ipv6MldReportV2ToCpu N N/A 0 (estimate)
2058 Ipv6MldReportV2ToCpu N N/A 0 (estimate)
2060 Ipv6MldDoneToCpu N N/A 0 (estimate)
2064 Ipv6MldPimv2ToCpu N N/A 0 (estimate)

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Software Configuration Guide
Software Configuration Guide2086 pages
Preview: Configuration Guide
Configuration Guide1610 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Message Guide
Message Guide146 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages
Preview: Datasheet
Datasheet11 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Overview
Overview46 pages

Related product manuals