Acl-based rate limiting, Using acls to control multicast features – Brocade TurboIron 24X Series Configuration Guide User Manual
Page 959

Brocade TurboIron 24X Series Configuration Guide
925
53-1003053-01
ACL-based rate limiting
To configure an ACL that matches on a packet with DSCP value 29, enter a command such as the
following.
TurboIron(config)#access-list 112 permit ip 10.1.1.0 0.0.0.255 10.2.2.x 0.0.0.255
dscp-matching 29
The complete CLI syntax for this feature is shown in
“Configuring extended numbered ACLs”
“Configuring extended named ACLs”
on page 911. The following shows the syntax
specific to this feature.
Syntax: ...dscp-matching <0 – 63>
NOTE
For complete syntax information, refer to
“Extended numbered ACL syntax”
ACL-based rate limiting
ACL-based rate limiting provides the facility to limit the rate for IP traffic that matches the permit
conditions in extended IP ACLs. This feature is available in the Layer 2 and Layer 3 code.
For more details, including configuration procedures, refer to
Chapter 29, “Configuring Traffic
Using ACLs to control multicast features
You can use ACLs to control the following multicast features:
•
Limit the number of multicast groups that are covered by a static rendezvous point (RP)
•
Control which multicast groups for which candidate RPs sends advertisement messages to
bootstrap routers
•
Identify which multicast group packets will be forwarded or blocked on an interface
For configuration procedures, refer to
Chapter 26, “Configuring IP Multicast Protocols”
Enabling and viewing hardware usage statistics for an ACL
The number of configured ACL rules can affect the rate at which hardware resources are used. You
can use the show access-list hw-usage on command to enable hardware usage statistics, followed
by the show access-list access-list-id command to determine the hardware usage for an ACL. To
gain more hardware resources, you can modify the ACL rules so that it uses less hardware
resource.
NOTES:
•
When an ACL is not attached to any port, the show access-list command displays an estimate
of the current TCAM usage, assuming it is attached to one port and one VLAN. Once the ACL is
attached to a port, the show access-list access-list-id) command shows the exact current TCAM
usage by the ACL.