Example Of Acl Resource Usage; Viewing The Current Rule Usage - HP ProCurve 6120G/XG Manual
Hp procurve series 6120 blade switches access security guide
Hide thumbs
Also See for ProCurve 6120G/XG:
- Configuration manual (662 pages) ,
- Manual (469 pages) ,
- Management manual (222 pages)
Table of Contents
Advertisement
IPv4 Access Control Lists (ACLs)
Planning an ACL Application
3. Determine which of the existing policies you can remove to free up rule
Example of ACL Resource Usage
This example illustrates how to check for current rule availability, and then
how to create and assign an ACL, and then to verify its effect on rule resources.
(For more detailed information on configuring and applying ACLs, refer to the
later sections of this chapter.)
Viewing the Current Rule Usage
The show access-list resources command displays current information about
rules and resources.
ProCurve(config)# show access-list resources
Policy Engine Resource Usage
Group
------------------------+------------+------------+------------+
QoS
CLI-ACL
IDM-ACL
Free
Figure 9-5. Example of Rules Used and Resources Used and Required
Standard ACL Using a Subset of the Switch's Ports. Suppose that
ports 1 - 4 belong to the following VLANs:
■
■
■
9-20
resources for the ACL policy you want to implement. Depending on your
network topology and configuration, you can free up rule resources by
moving some policies to other devices. Another alternative is to inspect
the switch's existing configuration for inefficient applications that could
be removed or revised to achieve the desired policies with less resource
usage. Table 9-2 on page 9-18 and the information displayed by the show
access-list resources command, can help you to determine the resource
usage of ACL policies.
Rules
Allocated
|
0 |
|
0 |
|
256 |
|
128 |
VLAN 1: 10.10.10.1
VLAN 2: 10.10.11.1
VLAN 3: 10.10.12.1
Rules
Group
Used
Number
0 |
1 |
0 |
2 |
126 |
3 |
Hide quick links:
Advertisement
Table of Contents
