IP Receive access list (RACL) provides hardware-based filtering capability for Layer 3 IPv4 or IPv6 traffic that is destined to the CPU.
RACL can protect the CPU from overloading due to heavy traffic that was sent to an IP interface on the device. Using the RACL, an ACL is applied at the system level to eliminate the need to add an ACL to each interface on the device. For more information about RACL, see the Extreme SLX-OS Security Configuration Guide.
Using policy maps, you can apply rate liming to an RACL on IPv4 and IPv6 traffic destined to the CPU control plane. Policy maps can support maximum of 1,000 class maps. The rate-limited RACL does not have dedicated TCAM space. Instead, it shares the ACL TCAM space. RACL rate limiting for IPv4 and Ipv6 traffic is supported only in the default TCAM profile, which can support 2,048 entries.
Note
The RACL-RL match fields icmp_type, icmp_code, and ip_ttl are added in SLX 20.2.1. The match fields icmp_code and ip_ttl are valid only when icmp_type match is valid.The match fields icmp_type, icmp_code, and ip_ttl are supported only on SLX 9150 and SLX 9250.