我有运行 L3 模式的 Cisco Nexus 9396 交换机,我在 Ingress 中配置了一堆 IPv4 访问列表,用于防火墙阻止某些流量。
我正在阅读有关 TCAM 并想了解我应该查看以下输出的内容?
Used列数是否代表 ACL 规则的数量?
# show hardware access-list resource utilization
slot 1
=======
INSTANCE 0x0
-------------
ACL Hardware Resource Utilization (Mod 1)
----------------------------------------------------------
Used Free Percent
Utilization
-------------------------------------------------------------------
Ingress IPv4 PACL 3 509 0.59
Ingress IPv4 Port QoS 4 252 1.56
Ingress IPv4 VACL 2 510 0.39
Ingress IPv4 RACL 226 286 44.14
Egress IPv4 VACL 3 509 0.59
Egress IPv4 RACL 3 253 1.17
SUP COPP 205 51 80.08
SUP COPP Reason Code TCAM 6 122 4.69
Redirect 2 510 0.39
SPAN 21 235 8.20
VPC Convergence 1 255 0.39
LOU 2 22 8.33
Both LOU Operands 2
Single LOU Operands 0
LOU L4 src port: 1
LOU L4 dst port: 1
LOU L3 packet len: 0
LOU IP tos: 0
LOU IP dscp: 0
LOU ip precedence: 0
LOU ip TTL: 0
TCP Flags 0 16 0.00
Protocol CAM 2 244 0.81
Mac Etype/Proto CAM 0 14 0.00
L4 op labels, Tcam 0 0 1023 0.00
L4 op labels, Tcam 2 1 62 1.58
L4 op labels, Tcam 6 0 2047 0.00
Ingress Dest info table 0 512 0.00
Egress Dest info table 0 512 0.00