Print this pagePrint this page

Email this topicEmail this topic

View PDFView PDF

Download EPUBDownload EPUB

ACL Slices and Rules

The Summit and ExtremeSwitching series switches use a mechanism different from the earlier Summit series to implement ACL (Access Control List)s. The same architecture and guidelines apply to both platforms.

Instead of the per port masks used in earlier switches, these platforms use slices that can apply to any of the supported ports. An ACL applied to a port may be supported by any of the slices.

The slice support is as follows:
  • Summit X450-G2 switches—
    • Each group of 48 ports has 4 slices with each slice having enough memory for 256 egress rules, which adds up to 1024 rules.
    • Each group of 48 ports has 16 slices with each slice having enough memory for 256 ingress rules, which adds up to 4,096 ingress rules.
  • Summit X460-G2 switches—
    • Each group of 48 ports has 4 slices with each slice having enough memory for 256 egress rules, which adds up to 1,024 rules.
    • Each group of 48 ports has 16 slices with each slice having enough memory for 256 ingress rules , which adds up to 4,096 ingress rules.
  • Summit X670-G2 switches—
    • Each group of 48 ports has 4 slices with each slice having enough memory for 256 egress rules, which adds up to 1,024 rules.
    • Each group of 48 ports has 12 slices; the first 4 (0–3) slices hold 512 ingress rules each, and the last 8 (4–11) slices hold 256 ingress rules each, which adds up to 4,096 ingress rules.
  • Summit X770 switches—
    • Each group of 104 ports has 4 slices with each slice having enough memory for 256 egress rules.
    • Each group of 104 ports has 12 slices; the first 4 (0–3) slices hold 512 ingress rules each, and the last 8 (4–11) slices hold 256 ingress rules each, which adds up to 4,096 ingress rules.
  • ExtremeSwitching X440-G2 switches—
    • Each group of 24 ports has 4 slices with each slice having enough memory for 128 egress rules, which adds up to 512 rules.
    • Each group of 24 ports has 8 slices with each slice having enough memory for 256 ingress rules, which adds up to 2,048 ingress rules.
  • ExtremeSwitching X620 switches—
    • Each group of 10/16 ports has 4 slices with each slice having enough memory for 128 egress rules, which adds up to 512 rules.
    • Each group of 10/16 ports has 8 slices with each slice having enough memory for 256 ingress rules, which adds up to 2,048 ingress rules.
  • ExtremeSwitching X870 switches—
    • Four slices with each slice having enough memory for 256 egress rules, which adds up to 1,024 rules.
    • There are four eight-port groups (known as pipes) that each have 6K (12 slices) of memory for a total of 24K of ingress rules ACL capacity. Installing rules with greater match criteria reduces the effective scale capacity.
  • ExtremeSwitching X690 switches—
    • Four slices of 256 egress rules, for a total of 1,024 rules.
    • Each group of 48 ports has up to 12 slices with a total capacity of 8K single-wide rules ingress rules.
  • ExtremeSwitching X590 switches—
    • Four slices of 256 egress rules, for a total of 1,024 rules.
    • Each group of 48 ports has up to 12 slices with a total capacity of 8K single-wide rules ingress rules.
Published March 2020prev | next

Email this topicEmail this topic

Print this pagePrint this page