Cisco WS-C6506 Software Manual page 443

Catalyst 6500 series switch

Hide thumbs Also See for WS-C6506:

Manual (110 pages)

Installation manual (336 pages)

Table of Contents

Configuring Access Control

Specifying the ACL-Merge Algorithm

Two ACL-merge algorithms are available — the binary decision diagram (BDD) and the order dependent

merge (ODM). ODM is the enhanced algorithm that was introduced in software release 7.1(1). The BDD

algorithm was used in the releases prior to software release 7.1(1). With ODM, after the merge, the

resultant ACEs are order dependent. With BDD, after the merge, the resultant ACEs are order

independent.

With software release 8.1(1) and later releases, the BDD algorithm is no longer supported on any

platform (PFC, PFC2, or PFC3A/PFC3B/PFC3BXL). The default ACL-merge algorithm is ODM. In

software release 8.1(1) and later releases, the following command changes appear: The set aclmerge

algo and set aclmerge bdd commands have been removed. The show aclmerge {bdd | algo} command

has been reduced to show aclmerge algo.

For examples of the ODM algorithm, see the

Software Releases 7.1(1) or Later Releases" section on page

The default algorithm is ODM. If BDD is disabled, the merge algorithm can only be ODM. When BDD

is enabled, you can choose either the BDD algorithm or the ODM algorithm. You must enable BDD to

change the ACL merge algorithm. Use the set aclmerge bdd command to enable or disable BDD. When

you enable or disable BDD, the change takes effect when your system is restarted.

Enabling BDD on a supervisor engine with 64-MB DRAM could cause memory to run low. To avoid this

situation, upgrade the memory to 128 MB or disable BDD.

The ACL merge algorithm that you select is in effect for all new ACL merges. The ACLs that are already

configured are not modified and use the ACL merge algorithm that was enabled when the ACLs were

To enable or disable BDD, perform this task in privileged mode:

Enable or disable BDD.

Display the current BDD status and whether BDD

will be enabled or disabled at the next system restart.

Displaying a VACL-to-VLAN Mapping, page 15-54

Clearing the Edit Buffer, page 15-55

Removing ACEs from Security ACLs, page 15-55

Clearing the Security ACL Map, page 15-56

Displaying VACL Management Information, page 15-56

Capturing Traffic Flows on Specified Ports, page 15-57

Configuring VACL Logging, page 15-59

"Estimating Merge Results with Supervisor Engine

set aclmerge bdd {enable | disable}

show aclmerge {bdd | algo}

Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7

Configuring VACLs

Show Quick Links

Table of Contents

Troubleshooting

Catalyst 6506 Catalyst 6509 Catalyst 6513

Cisco WS-C6506 Software Manual page 443

Hide quick links:

Troubleshooting

Related Manuals for Cisco WS-C6506

Related Products for Cisco WS-C6506

This manual is also suitable for:

Table of Contents