Cli command, Optimizing switch performance, Overview – Avaya 580 User Manual

Page 438: Purpose, Terminology, Optimizing switch performance -18, Overview -18

background image

13-18

User Guide for the Avaya P580 and P882 Multiservice Switches, v6.1

Chapter 13

CLI Command

To set the interval for ACL logging, use the following CLI command:

(configure)#

ip acl-logging logging-interval

Optimizing Switch Performance

Overview

* Note: This section provides a detailed discussion of the architecture

and functionality of the Avaya Multiservice switch with respect
to ACLs. This material goes well beyond standard
configuration issues by addressing system performance,
memory management, and optimization.

Purpose

The purpose of this section is to explain the configuration options when
using Access Lists. Deploying an Access List affects the use of hardware
and software resources and may impact system performance. An Access
Control List (ACL), also referred to as an Access List, is a tool for
associating rules (permit, deny, prioritize for Quality of Service (QoS)) with
identified IP traffic through the switch. This section will show how to
monitor performance and adjust configurations to optimize performance.

Terminology

The following terms are used extensively in this section:

5-tuple: The five elements that fully describe the criteria of the
ACL rule: Source IP/ Mask, Destination IP/Mask, Protocol, Source
Port, Destination Port. The masks allow the user to specify a narrow
or wide range of matches. All elements are optional, but the Ports
are only valid if TCP or UDP is the selected protocol and can be
expressed as a single port or range of ports. The protocol ID for
TCP and UDP is 6 and 17 respectively.

Access List/Access Control List (ACL): an ordered list of ACL
Rules.

ACL Rule: An element of an ACL that identifies traffic based upon
a 5-tuple (condition), and specifies a queue (0-7), permit, or deny
action for packets matching the condition.

CPU: The general processor for the P580 and P882 that resides on
the Supervisor module. The CPU determines whether to forward or
filter packets. It identifies Flows by resolving IP-to-MAC
addressing and matching ACL Rules. It updates the F-chip’s
forwarding cache for future Fast Pathing of packets that match this
Flow. The process of examining Flows and updating all of the F-
chips’ forwarding caches is called Slow Path.

This manual is related to the following products: