beautypg.com

Ipv6 receive acl: basic configuration, Configuring and applying an ipv6 racl – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Page 239

background image

Multi-Service IronWare Security Configuration Guide

221

53-1003035-02

IPv6 receive ACLs

4

Brocade(config)# system-max ipv6-receive-cam 1024

Reload required. Please write memory and then reload or power cycle the system.

Failure to reload could cause system instability on failover.

Newly configured system-max will not take effect during hitless-reload.

Checking for available space when changing the CAM profile

The system will check if there is enough space for the IPv6 Receive ACL sub-partition before
changing the CAM profile. If there is not enough space, an error message is displayed.

This error message shows that there are 1920 available user entries for IPv6 rACL CAM. In this
case, the CAM profile is “multi-service 2” which supports 1024 IPv6 rACL CAM entries. Refer to

Table 32

for on the maximum supported size of IPv6 Receive ACLs in different CAM profiles. Use

the following command to change the CAM profile to the “multi-service 3” which supports 2048
IPv6 rACLs.

Brocade(config)# cam-partition profile multi-service-3

Reload required. Please write memory and then reload or power cycle the system.

IPv6 receive ACL: basic configuration

Configuring and applying an IPv6 rACL

Configuring IPv6 rACLs requires the following steps:

1.

Configuring an IPv6 rACL sub-partition in the CAM partition

2.

Creating an IPv6 access-list

3.

Creating a policy-map

(if you want to rate limit traffic)

4.

Applying an IPv6 rACL

Configuring an IPv6 rACL sub-partition in the CAM partition
To create an IPv6 rACL sub-partition and set the maximum number of IPv6 rACL entries at 1024,
use the following commands.

Brocade(config)# system-max ipv6-receive-cam 1024

Brocade(config)# write memory

Brocade(config)# reload

Creating an IPv6 access-list
To create an IPv6 access-list named “b1”:

Brocade(config)# ipv6 access-list b1

Brocade(config-ipv6-access-list b1)# permit ipv6 any any

Brocade(config-ipv6-access-list b1)# exit

Brocade(config)# system-max ipv6-receive-cam 2048

Brocade(config)# cam-partition profile multi-service-2

Error - IPV6 Receive ACL CAM (2048) exceeding available CAM resources

Total IPv6 ACL CAM: 16384(Raw Size)

Reserved IPv6 Rule ACL CAM: 1024(Raw Size)

IPv6 Multicast CAM: 0(Raw Size)

Available IPv6 Receive ACL CAM: 15360(Raw Size) 1920(User Size)

See also other documents in the category Brocade Computer Accessories: