beautypg.com

Acls to control multicast features – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 142

background image

-------------------------------------------------

65533: Implicit ND_NA Rule: permit any any

Hit Count: (1Min) 0 (5Sec) 0

(PktCnt) 0 (ByteCnt) 0

-------------------------------------------------

65534: Implicit ND_NS Rule: permit any any

Hit Count: (1Min) 0 (5Sec) 0

(PktCnt) 0 (ByteCnt) 0

-------------------------------------------------

65535: Implicit Rule: deny any any

Hit Count: (1Min) 0 (5Sec) 0

(PktCnt) 0 (ByteCnt) 0

-------------------------------------------------

3. To clear ACL accounting statistics for ACLs configured, choose one of the following options.

• For ACLs configured on a specific interface, use the clear access list accounting command in

the global configuration mode.

• For all ACLs configured in the device, use the clear access list accounting all command in the

global configuration mode.

device(config)#clear access-list accounting ethernet 1/5 in

device(config)#clear access list accounting all

The following example shows how to enable ACL accounting for a numbered
ACL.

device(config)# access-list 10 permit host 10.10.10.1

device(config)# access-list 10 enable-accounting

device(config)# interface ethernet 1/1

device(config-if-1/1)# ip access-group 10 in

The following example shows how to enable ACL accounting for an IPv4 named
ACL.

device(config)# ip access-list standard std

device(config-std-nacl)# permit 10.10.10.0/24

device(config-std-nacl)# deny 20.20.20.0/24

device(config-std-nacl)# enable-accounting

device(config-std-nacl)# interface ve 121

device(config-vif-121)# ip access-group std in

ACLs to control multicast features

You can use ACLs to control the following multicast features:

• Limit the number of multicast groups that are covered by a static rendezvous point (RP)
• Control which multicast groups for which candidate RPs sends advertisement messages to

bootstrap routers

• Identify which multicast group packets will be forwarded or blocked on an interface

For configuration procedures, refer to chapter "IP Multicast Protocols" in the FastIron Ethernet Switch
IP Multicast Configuration Guide .

Enabling and viewing hardware usage statistics for an ACL

The number of configured ACL rules can affect the rate at which hardware resources are used. You
can use the show access-list hw-usage on command to enable hardware usage statistics, followed

ACLs to control multicast features

142

FastIron Ethernet Switch Security Configuration Guide

53-1003088-03

See also other documents in the category Brocade Computer Accessories: