34-6
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 34 Understanding Cisco IOS ACL Support
Optimized ACL Logging with a PFC3
Configuring OAL
These sections describe how to configure OAL:
• Configuring OAL Global Parameters, page 34-6
• Configuring OAL on an Interface, page 34-7
• Displaying OAL Information, page 34-7
• Clearing Cached OAL Entries, page 34-7
Note • For complete syntax and usage information for the commands used in this section, refer to the Cisco
IOS Master Command List, Release 12.2SX.
• To provide OAL support for denied packets, enter the mls rate-limit unicast ip icmp unreachable
acl-drop 0 command.
Configuring OAL Global Parameters
To configure global OAL parameters, perform this task:
When configuring OAL global parameters, note the following information:
• entries number_of_entries:
–
Sets the maximum number of entries cached.
–
Range: 0–1,048,576 (entered without commas).
–
Default: 8192.
• interval seconds:
–
Sets the maximum time interval before an entry is sent to be logged. Also if the entry is inactive
for this duration it is removed from the cache.
–
Range: 5–86,400 (1440 minutes or 24 hours, entered without commas).
–
Default: 300 seconds (5 minutes).
• rate-limit number_of_packets:
–
Sets the number of packets logged per second in software.
–
Range: 10–1,000,000 (entered without commas).
–
Default: 0 (rate limiting is off and all packets are logged).
Command Purpose
Router(config)# logging ip access-list cache {{entries
number_of_entries
} | {interval
seconds
} | {rate-limit
number_of_packets
} | {threshold
number_of_packets
}}
Sets OAL global parameters.
Router(config)# no logging ip access-list cache {entries |
interval | rate-limit | threshold}
Reverts OAL global parameters to defaults.
To Next Page
Loading...
Need help?
General
