beautypg.com

Ipv6 receive acl prerequisites – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Page 236

background image

218

Multi-Service IronWare Security Configuration Guide

53-1003035-02

IPv6 receive ACLs

4

After an upgrade to Multi-Service IronWare R05.6.00, the sub-partition size for IPv6 rACL will
be “0”. Refer to

“Specifiying the maximum number of rACLs supported in CAM”

on page 218

for more information about changing the default value.

After a downgrade to a previous release, all configured IPv6 rACLs will be lost.

IPv6 receive ACL prerequisites

Specifiying the maximum number of rACLs supported in CAM

By default, the IPv6 rACL sub-partition in an IPv6 session CAM partition is set to “0”. This must be
resized before using the IPv6 receive ACL feature.

An IPv6 session CAM partition has sub-partitions for:

IPv6 Multicast

Receive ACL

Rule-based ACL

The IPv6 Multicast sub-partition is configured using the system-max ipv6-mcast-cam command.
The Receive ACL sub-partition is configured using the system-max ipv6-receive-cam command. The
number of IPv6 Rule-based ACL entries is normalized after allocating space for IPv6 Multicast and
IPv6 Receive ACL entries i.e. IPv6 Rule-based ACL entries take the remaining space after the
allocation of IPv6 Multicast and IPv6 rACL entries. However, the system ensures that there are a
minimum of 128 IPv6 Rule-based ACL entries.

When you set the size of the Receive ACL sub-partition using the system-max ipv6-receive-cam
command, the size of the Rule-based ACL sub-partition is decreased. The following example shows
how configure the Receive ACL sub-partition assuming that the IPv6 session CAM partition is
initially configured as follows:

Use the following command to set the maximum IPv6 Receive ACL entries to 2048.

Brocade(config)# system-max ipv6-receive-cam 2048

Syntax: [no] system-max ipv6-receive-cam num

The num variable specifies the maximum number of IPv6 Receive ACL entries allowed in CAM.
Acceptable values are powers of 2 in the range from 0 through 8192. The default value is 0. If you
enter a value that is not a power of 2, the system rounds off the entry to a number less than the
input value. For example, if you enter 2044, which is not a power of 2, the system rounds it down to
1024 and shows an appropriate warning.

Brocade(config)# system-max ipv6-receive-cam 2044

Warning – IPv6 Receive ACL CAM size requires power of 2, round down to 1024

Reload required. Please write memory and then reload or power cycle the system.

Failure to reload could cause system instability on failover.

Newly configured system-max will not take effect during hitless-reload.

The no form of the system-max ipv6-receive-cam command restores the default value.

[IPV6 Session] 16384(size), 16384(free), 000.00%(used)

:IPv6 Multicast: 1024(size), 1024(free), 000.00%(used)

:Receive ACL: 0(size), 0(free), 000.00%(used)

:Rule ACL: 15360(size), 15360(free), 000.00%(used)

See also other documents in the category Brocade Computer Accessories: