Displaying Acl Resource Usage And Configuration Problems - Cisco Catalyst 3550 series Software Configuration Manual
Multilayer switch
Hide thumbs
Also See for Catalyst 3550 series:
- Reference manual (58 pages) ,
- Datasheet (21 pages) ,
- Manual (19 pages)
Table of Contents
Advertisement
Chapter 28
Configuring Network Security with ACLs
This is an example of output from the show vlan filter privileged EXEC command:
Switch# show vlan filter
VLAN Map map_1 is filtering VLANs:
20-22
Displaying ACL Resource Usage and Configuration Problems
The switch feature manager allocates resources to configured ACLs. When there are not enough
hardware resources for a configuration or when there is a configuration conflict, an error message is
generated. If the console is not set to receive error messages, you can use the show fm privileged EXEC
commands to display feature-manager messages and to get more information about the resources
handling ACLs on an interface. You can also use the show tcam privileged EXEC commands to get
status information about the switch ternary content addressable memory (TCAM) capacity.
Table 28-4
Table 28-4 Commands for Displaying VLAN Map Information
Command
show fm vlan vlan-id
or
show fm interface interface-id
show fm vlan-label label-id
or
show fm port-label label-id
show tcam {inacl | outacl} tcam-id {{port-labels
[label-id]} | size |{statistics [entries | hits | labels | masks]}
| {vlan-labels [label-id]}}
Refer to the command reference for this release for more detailed information about these commands.
This section describes how to display this information about these ACL issues:
•
•
•
78-11194-09
lists the privileged EXEC commands that display ACL feature-manager information.
Configuration Conflicts, page 28-44
ACL Configuration Fitting in Hardware, page 28-45
TCAM Usage, page 28-47
Purpose
Display feature-manager information for the interface or the
VLAN, including the hardware port-label or vlan-label
number for the interface and feature-manager problems that
have occurred.
Display information about the identified label, including
which of the configured ACL features fit into hardware.
VLAN labels are used for router ACLs and VLAN maps; port
labels are used for port ACLs. The VLAN label-id range is
from 0 to 255; the port label-id range is from 0 to 127.
Display information about the input or output ACL regions of
TCAM. The TCAM ID range varies from 1 to 3, depending
on the switch model. Other keywords available for the
command are used primarily to display output for use by
Cisco technical support.
Catalyst 3550 Multilayer Switch Software Configuration Guide
Displaying ACL Information
28-43
Advertisement
Table of Contents
Troubleshooting
