show access-list usage acl-slice port

show access-list usage acl-slice port port

Description

Displays the number of ACL slices and rules consumed by the ACLs on the slices that support a particular port.

Syntax Description

port Specifies to display the usage for the slices that support this port.

Default

N/A.

Usage Guidelines

Use this command to display how many slices and how many rules per each slice are currently consumed by the ACLs on the slices that support a particular port. This command also displays which ports share the same slices as the specified port.

The slice support for the BlackDiamond X8 series switches, BlackDiamond 8000 series modules, E4G-200 and E4G-400 switches, and Summit family switches that use this mechanism is as follows:
  • BlackDiamond 8800 eā€‘series modules—Each group of 24 ports has 8 slices with each slice having enough memory for 128 ingress rules and actions.

  • Summit X460 series switches and E4G-200 and E4G-400 switches—
    • Each group of 24 ports has 4 slices with each slice having enough memory for 128 egress rules.

    • Each group of 24 ports has 16 slices with each slice having enough memory for 256 ingress rules.

  • Summit X480 series switches—
    • Each group of 48 ports has 4 slices with each slice having enough memory for 256 egress rules.

    • Each group of 48 ports has 16 internal slices with each slice having enough memory for 512 ingress rules plus the external slice.

  • Summit X670 switches and BlackDiamond X8 series switches—
    • Each group of 48 ports has 4 slices with each slice having enough memory for 256 egress rules.

    • Each group of 48 ports has 10 slices; the first 4 (0-3) slices hold 128 ingress rules each, and the last 6 (4-9) slices hold 256 ingress rules each, which adds up to 2048 ingress rules.

  • BlackDiamond 8000 c- and xl-series modules—
    • 10G1Xc—

      • Its single port has 4 slices with each slice having enough memory for 128 egress rules.

      • Its single port has 16 slices with each slice having enough memory for 256 ingress rules.

    • G8Xc—

      • Its 8 ports have 4 slices with each slice having enough memory for 128 egress rules.

      • Its 8 ports have 16 slices with each slice having enough memory for 256 ingress rules.

    • 10G4Xc/10G8Xc—

      • Each group of 2 ports has 4 slices with each slice having enough memory for 128 egress rules.

      • Each group of 2 ports has 16 slices with each slice having enough memory for 256 ingress rules.

    • 10G24X-c—

      • Each group of 12 ports has 4 slices with each slice having enough memory for 128 egress rules.

      • Each group of 12 ports has 12 slices with each of the first 8 slices having enough memory for 128 ingress rules and each of the last 4 slices having enough memory for 256 ingress rules, which adds up to 2048 ingress rules.

    • G96T-c—

      • Each group of 48 ports has 4 slices with each slice having enough memory for 256 egress rules.

      • Each group of 48 ports has 16 slices with each slice having enough memory for 512 ingress rules.

    • G48Tc/G48Xc/G24Xc—

      • Each group of 24 ports has 4 slices with each slice having enough memory for 128 egress rules.

      • Each group of 24 ports has 16 slices with each slice having enough memory for 256 ingress rules.

    • G48X-xl/G48T-xl—

      • Its 48 ports have 4 slices with each slice having enough memory for 256 egress rules.

      • Its 48 ports have 16 slices with each slice having enough memory for 512 ingress rules.

    • 10G8X-xl—

      • Each group of 4 ports has 4 slices with each slice having enough memory for 256 egress rules.

      • Each group of 4 ports has 16 slices with each slice having enough memory for 512 ingress rules.

    • 40G6X-xm—

      • Each group of 24 ports has 4 slices with each slice having enough memory for 256 egress rules.

      • Each group of 24 ports has 10 slices with each slice having enough memory for 256 ingress rules.

      Note

      Note

      Egress ACLs are supported on BlackDiamond X8 series switches, BlackDiamond 8000 c, xl-, and xm-series modules, E4G-200 and E4G-400 switches, and Summit X460, X480, and X670 series switches only.

Beginning with ExtremeXOS 12.5, you can reserve or allocate a slice for a specific feature such that rules for the feature will not share a slice with other components. A text string has been added at the end of the output for each slice that indicates which feature, if any, is reserving the slice. See the example below.

Example

The following example displays the ACL slice usage on port 8:1:

Switch.3 # show access-list usage acl-slice port 8:1
Ports 8:1-8:12, 8:25-8:36
Slices:          Used: 3 Available: 5
Slice 5 Rules:   Used: 9 Available: 119
Slice 6 Rules:   Used: 1 Available: 127
Slice 7 Rules:   Used: 24 Available: 104
In ExtremeXOS 15.5.1 and onwards, unless there is at least 1 rule in a given slice, the slice is not allocated. Since the slice is not yet allocated, a physical slice is not assigned to a virtual slice. So in this previous example, "used" displays what is used in that particular slice, and "available" shows the remaining rules in that particular used slice.

The following example displays the ACL ingress and egress slice usage on port 4:1:

Switch.4 # show access-list usage acl-slice port 4:1
Ports 4:1-4:48
Stage: INGRESS
Slices:          Used: 2  Available: 14
Slice 0 Rules:   Used: 0  Available: 512
Slice 1 Rules:   Used: 0  Available: 512
Slice 2 Rules:   Used: 0  Available: 512
Slice 3 Rules:   Used: 0  Available: 512
Slice 4 Rules:   Used: 0  Available: 512
Slice 5 Rules:   Used: 0  Available: 512
Slice 6 Rules:   Used: 0  Available: 512
Slice 7 Rules:   Used: 0  Available: 512
Slice 8 Rules:   Used: 0  Available: 512
Slice 9 Rules:   Used: 0  Available: 512
Slice 10 Rules:   Used: 0  Available: 512
Slice 11 Rules:   Used: 0  Available: 512
Slice 12 Rules:   Used: 0  Available: 512
Slice 13 Rules:   Used: 0  Available: 512 For: user/other
Slice 14 Rules:   Used: 1  Available: 511 Reserved for: <feature name>
Slice 15 Rules:   Used: 10  Available: 502 For: system
Stage: EGRESS
Slices:          Used: 1  Available: 3
Slice 0 Rules:   Used: 0  Available: 256
Slice 1 Rules:   Used: 0  Available: 256
Slice 2 Rules:   Used: 0  Available: 256
Slice 3 Rules:   Used: 1  Available: 255 Reserved for: <feature name>
Stage: LOOKUP
Slices:          Used: 1  Available: 3
Slice 0 Rules:   Used: 0  Available: 512
Slice 1 Rules:   Used: 0  Available: 512
Slice 2 Rules:   Used: 0  Available: 512
Slice 3 Rules:   Used: 49  Available: 463
Stage: EXTERNAL
Slices:          Used: 0  Available: 0
In this example, selected slices are allocated or reserved as follows:
  • For: user/other—The slice is used by user ACLs and/or other switch features.

  • Reserved for: feature name—The slice is reserved for the named feature, for instance VLAN statistics. Rules for this feature may not share a slice with other features or user ACLs.

  • For: system—The slice contains only rules used for certain specific switch features. User ACLs may not share a slice with a system slice.

History

This command was first available in ExtremeXOS 11.5.

Platform Availability

This command is available only on BlackDiamond X8 series switches, BlackDiamond 8000 series modules, E4G-200 and E4G-400 switches, and Summit family switches, whether or not included in a SummitStack.