C
HAPTER
13
| Security Measures
Access Control Lists
– 323 –
COMMAND USAGE
The following restrictions apply to ACLs:
◆ The maximum number of ACLs is 64.
◆ The maximum number of rules per system is 512 rules.
◆ An ACL can have up to 32 rules. However, due to resource restrictions,
the average number of rules bound to the ports should not exceed 20.
SHOWING TCAM
UTILIZATION
Use the Security > ACL (Configure ACL - Show TCAM) page to show
utilization parameters for TCAM (Ternary Content Addressable Memory),
including the number policy control entries in use, the number of free
entries, and the overall percentage of TCAM in use.
CLI REFERENCES
◆ "show access-list tcam-utilization" on page 539
COMMAND USAGE
Policy control entries (PCEs) are used by various system functions which
rely on rule-based searches, including Access Control Lists (ACLs), IP
Source Guard filter rules, Quality of Service (QoS) processes, or traps.
For example, when binding an ACL to a port, each rule in an ACL will use
two PCEs; and when setting an IP Source Guard filter rule for a port, the
system will also use two PCEs.
PARAMETERS
These parameters are displayed in the web interface:
◆ Total Policy Control Entries – The number policy control entries in
use.
◆ Free Policy Control Entries – The number of policy control entries
available for use.
◆ Entries Used by System – The number of policy control entries used
by the operating system.
◆ Entries Used by User – The number of policy control entries used by
configuration settings, such as access control lists.
◆ TCAM Utilization – The overall percentage of TCAM in use.
To Next Page
Loading...
