Displays the number of ACL slices and rules consumed by the ACLs on the slices that support a particular port.
port | Specifies to display the usage for the slices that support this port. |
N/A.
Use this command to display how many slices and how many rules per each slice are currently consumed by the ACLs on the slices that support a particular port. This command also displays which ports share the same slices as the specified port.
BlackDiamond 8800 eāseries modules—Each group of 24 ports has 8 slices with each slice having enough memory for 128 ingress rules and actions.
Each group of 24 ports has 4 slices with each slice having enough memory for 128 egress rules.
Each group of 24 ports has 16 slices with each slice having enough memory for 256 ingress rules.
Each group of 48 ports has 4 slices with each slice having enough memory for 256 egress rules.
Each group of 48 ports has 16 internal slices with each slice having enough memory for 512 ingress rules plus the external slice.
Each group of 48 ports has 4 slices with each slice having enough memory for 256 egress rules.
Each group of 48 ports has 10 slices; the first 4 (0-3) slices hold 128 ingress rules each, and the last 6 (4-9) slices hold 256 ingress rules each, which adds up to 2048 ingress rules.
10G1Xc—
Its single port has 4 slices with each slice having enough memory for 128 egress rules.
Its single port has 16 slices with each slice having enough memory for 256 ingress rules.
G8Xc—
Its 8 ports have 4 slices with each slice having enough memory for 128 egress rules.
Its 8 ports have 16 slices with each slice having enough memory for 256 ingress rules.
10G4Xc/10G8Xc—
Each group of 2 ports has 4 slices with each slice having enough memory for 128 egress rules.
Each group of 2 ports has 16 slices with each slice having enough memory for 256 ingress rules.
10G24X-c—
Each group of 12 ports has 4 slices with each slice having enough memory for 128 egress rules.
Each group of 12 ports has 12 slices with each of the first 8 slices having enough memory for 128 ingress rules and each of the last 4 slices having enough memory for 256 ingress rules, which adds up to 2048 ingress rules.
G96T-c—
Each group of 48 ports has 4 slices with each slice having enough memory for 256 egress rules.
Each group of 48 ports has 16 slices with each slice having enough memory for 512 ingress rules.
G48Tc/G48Xc/G24Xc—
Each group of 24 ports has 4 slices with each slice having enough memory for 128 egress rules.
Each group of 24 ports has 16 slices with each slice having enough memory for 256 ingress rules.
G48X-xl/G48T-xl—
Its 48 ports have 4 slices with each slice having enough memory for 256 egress rules.
Its 48 ports have 16 slices with each slice having enough memory for 512 ingress rules.
10G8X-xl—
Each group of 4 ports has 4 slices with each slice having enough memory for 256 egress rules.
Each group of 4 ports has 16 slices with each slice having enough memory for 512 ingress rules.
40G6X-xm—
Each group of 24 ports has 4 slices with each slice having enough memory for 256 egress rules.
Each group of 24 ports has 10 slices with each slice having enough memory for 256 ingress rules.
Note
Egress ACLs are supported on BlackDiamond X8 series switches, BlackDiamond 8000 c, xl-, and xm-series modules, E4G-200 and E4G-400 switches, and Summit X460, X480, and X670 series switches only.
Beginning with ExtremeXOS 12.5, you can reserve or allocate a slice for a specific feature such that rules for the feature will not share a slice with other components. A text string has been added at the end of the output for each slice that indicates which feature, if any, is reserving the slice. See the example below.
The following example displays the ACL slice usage on port 8:1:
Switch.3 # show access-list usage acl-slice port 8:1 Ports 8:1-8:12, 8:25-8:36 Slices: Used: 3 Available: 5 Slice 5 Rules: Used: 9 Available: 119 Slice 6 Rules: Used: 1 Available: 127 Slice 7 Rules: Used: 24 Available: 104In ExtremeXOS 15.5.1 and onwards, unless there is at least 1 rule in a given slice, the slice is not allocated. Since the slice is not yet allocated, a physical slice is not assigned to a virtual slice. So in this previous example, "used" displays what is used in that particular slice, and "available" shows the remaining rules in that particular used slice.
The following example displays the ACL ingress and egress slice usage on port 4:1:
Switch.4 # show access-list usage acl-slice port 4:1 Ports 4:1-4:48 Stage: INGRESS Slices: Used: 2 Available: 14 Slice 0 Rules: Used: 0 Available: 512 Slice 1 Rules: Used: 0 Available: 512 Slice 2 Rules: Used: 0 Available: 512 Slice 3 Rules: Used: 0 Available: 512 Slice 4 Rules: Used: 0 Available: 512 Slice 5 Rules: Used: 0 Available: 512 Slice 6 Rules: Used: 0 Available: 512 Slice 7 Rules: Used: 0 Available: 512 Slice 8 Rules: Used: 0 Available: 512 Slice 9 Rules: Used: 0 Available: 512 Slice 10 Rules: Used: 0 Available: 512 Slice 11 Rules: Used: 0 Available: 512 Slice 12 Rules: Used: 0 Available: 512 Slice 13 Rules: Used: 0 Available: 512 For: user/other Slice 14 Rules: Used: 1 Available: 511 Reserved for: <feature name> Slice 15 Rules: Used: 10 Available: 502 For: system Stage: EGRESS Slices: Used: 1 Available: 3 Slice 0 Rules: Used: 0 Available: 256 Slice 1 Rules: Used: 0 Available: 256 Slice 2 Rules: Used: 0 Available: 256 Slice 3 Rules: Used: 1 Available: 255 Reserved for: <feature name> Stage: LOOKUP Slices: Used: 1 Available: 3 Slice 0 Rules: Used: 0 Available: 512 Slice 1 Rules: Used: 0 Available: 512 Slice 2 Rules: Used: 0 Available: 512 Slice 3 Rules: Used: 49 Available: 463 Stage: EXTERNAL Slices: Used: 0 Available: 0
For: user/other—The slice is used by user ACLs and/or other switch features.
Reserved for: feature name—The slice is reserved for the named feature, for instance VLAN statistics. Rules for this feature may not share a slice with other features or user ACLs.
For: system—The slice contains only rules used for certain specific switch features. User ACLs may not share a slice with a system slice.
This command was first available in ExtremeXOS 11.5.
This command is available only on BlackDiamond X8 series switches, BlackDiamond 8000 series modules, E4G-200 and E4G-400 switches, and Summit family switches, whether or not included in a SummitStack.