Support User Manuals

Dell S50V Switch User Manual

Open as PDF

of 1262

Content Addressable Memory | 285

CAM Profiling for ACLs

CAM Profiling for ACLs is supported on platform e

t

only.

Refer to Content Addressable Memory for ExaScale for E-Series ExaScale

e

x

CAM descriptions.

The default CAM profile has 1K Layer 2 ingress ACL entries. If you need more memory for Layer 2

ingress ACLs, select the profile l2-ipv4-inacl.

When budgeting your CAM allocations for ACLs and QoS configurations, remember that ACL and QoS

rules might consume more than one CAM entry depending on complexity. For example, TCP and UDP

rules with port range options might require more than one CAM entry.

The Layer 2 ACL CAM partition has sub-partitions for several types of information. Table 11-4 lists the

sub-partition and the percentage of the Layer 2 ACL CAM partition that FTOS allocates to each by default.

lag-hash-mpls For hashing based on MPLS labels (up to five labels deep). With the default microcode, MPLS

packets are distributed over a port-channel based on the MAC source and destination address. With

the lag-hash-mpls microcode, MPLS packets are distributed across the port-channel based on IP

source and destination address and IP protocol. This is applicable for MPLS packets with up to five

labels. When the IP header is not available after the 5th label, hashing for default load-balance is

based on MPLS labels. For packets with more than 5 labels, hashing is always based on the MAC

source and destination address.

ipv6-extacl Use this microcode when IPv6 is enabled.

acl-group For applications that need 16k egress IPv4 ACLs (for example, the VLAN ACL Group feature,

which permits group VLANs IP egress ACLs.

ipv4-vrf Apply to IPv4 VRF CAM profile.

ipv4-v6-vrf Enable IPv4 and IPv6 CAM profiles for VRF.

l2-switched-pbr E-Series TeraScale only: If you apply a PBR redirect list (using the ip re-direct group command)

to a VLAN interface, Layer 2 traffic is redirected and dropped by default. To avoid having Layer 2

traffic affected by PBR, configure a CAM profile that supports l2-switched-pbr (IPv4-LDA)

microcode. l2-switched-pbr microcode allows only Layer 3 traffic to be redirected while Layer 2

traffic is switched within the VLAN.

Table 11-4. Layer 2 ACL CAM Sub-partition Sizes

Partition % Allocated

Sysflow 6

L2ACL 14

*PVST 50

Table 11-3. Microcode Descriptions

Microcode Description

previous next