Filter
Top Products
2-621
Catalyst 6500 Series Switch Command Reference—Release 8.4
OL-6244-01
Chapter 2 Catalyst 6500 Series Switch and ROM Monitor Commands
set security acl cram
set security acl cram
To enable a test run of the CRAM feature or to enable the CRAM feature, use the set security acl cram
command.
set security acl cram testrun
set security acl cram {run | {auto [nsec]}}
Syntax Description
Defaults The default time for the CRAM timer is 300 seconds.
Command Types Switch command.
Command Modes Privileged.
Usage Guidelines When the CRAM feature is executed, the new mask ordering is computed and the ACL hardware is
programmed accordingly.
The CRAM feature can be run in two modes. To manually execute the CRAM feature, enter the
set security acl cram run command. To automatically execute the CRAM feature whenever the TCAM
is full, enter the set security acl cram auto command.
The CRAM timer runs CRAM at an interval that you specify even if the TCAM is not full.
Note With software release 8.4(1), the CRAM feature is only supported for security ACLs. The CRAM feature
works for QoS ACLs but you cannot specifically run the feature on QoS ACLs.
Examples This example shows how to execute a test run of the CRAM feature:
Console> (enable) set security acl cram testrun
CRAM execution in progress.
CRAM execution complete.
Current ACL storage mask usage 60.0%
ACL storage mask usage if CRAM is run is 41.0%
Console> (enable)
testrun Tests ACL mask usage if CRAM was executed.
run Manually executes the CRAM feature.
auto Automatically executes the CRAM feature at specified interval.
nsec (Optional) CRAM timer; valid values are 60 to 3600 seconds.