Enables TCAM sharing for security or policy-based routing (PBR) ACLs applied to multiple interfaces.
TCAM sharing is disabled.
Hardware configuration mode
TCAM sharing is supported only on devices based on the DNX chipset family. For a list of such devices, see "Supported Hardware".
TCAM sharing is supported only on physical interfaces.
TCAM sharing for security ACLs works as follows: TCAM resources are shared if a specific ACL is applied to multiple ports.
TCAM sharing for PBR ACLs works as follows: TCAM resources are shared if a specific ACL—included in one or more route maps—is applied to multiple ports.
Changing the TCAM profile disables TCAM sharing. You can then re-enable sharing, subject to the limitations of the new profile.
TCAM sharing is not supported for ACLs applied for rate limiting.
After you enable TCAM sharing, you need to save the running configuration and then reboot the device.
TCAM profile |
Maximum sharing-flavors |
Layer 2 ACL TCAM-sharing |
IPv4 ACL TCAM-sharing |
IPv4 PBR TCAM-sharing |
IPv6 ACL TCAM-sharing |
IPv6 PBR TCAM-sharing |
---|---|---|---|---|---|---|
default |
0 |
No |
No |
No |
No |
No |
app-telemetry |
0 |
No |
No |
No |
No |
No |
border-routing |
0 |
No |
No |
No |
No |
No |
layer2-ratelimit |
0 |
No |
No |
No |
No |
No |
multicast-profile |
3 |
Yes |
Yes |
Yes |
No |
No |
vxlan-visibility |
4 |
Yes |
Yes |
Yes |
Yes |
Yes |
To disable TCAM sharing, use the no form of this command.
The following example enables TCAM sharing for IPv4 and IPv6 security ACLs applied to ingress traffic.
device# configure terminal device(config)# hardware device(config-hardware)# profile tcam cam-share l3-v4-ingress-acl l3-v6-ingress-acl