© 2004 Cisco Systems, Inc. All rights reserved. Printed in USA.
RST-3508
9805_05_2004_c2
ACL Hardware Programming
• TCAM: Ternary Content Addressable Memory
  - Value, Mask and Result values are used
  - Value and Mask used to identify L2/L3/L4 flows of interest
  - Result can be…permit or deny for security ACL
  - Result can be…classification or policing for QoS ACL
• Security and QoS ACLs get programmed into dedicated TCAMs
• TCAM is a finite HW resource
• Advantage: ACLs are implemented in HW, therefore no performance penalty
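
The value/mask/result match described above, as a small software model (an added example, not from the Cisco slides). The 88-bit key layout, the sample ACL and the distinct-mask accounting are assumptions for illustration; the capacity figures are the Supervisor Engine IV/V numbers given in this deck.

```python
import ipaddress

# Capacities given in this deck for the Supervisor Engine IV/V security TCAM.
MAX_PATTERNS, MAX_MASKS = 32000, 4000

def pack(src, dst, proto, dport):
    """Pack flow fields into one key: src(32) dst(32) proto(8) dport(16) (assumed layout)."""
    return (int(ipaddress.ip_address(src)) << 56 | int(ipaddress.ip_address(dst)) << 24
            | proto << 16 | dport)

def entry(result, src, dst, proto=None, dport=None):
    """Build a (value, mask, result) entry; mask bit 1 = compare, 0 = don't care."""
    s, d = ipaddress.ip_network(src), ipaddress.ip_network(dst)
    mask = (int(s.netmask) << 56 | int(d.netmask) << 24
            | (0xFF if proto is not None else 0) << 16
            | (0xFFFF if dport is not None else 0))
    value = (int(s.network_address) << 56 | int(d.network_address) << 24
             | (proto or 0) << 16 | (dport or 0))
    return value & mask, mask, result

def lookup(tcam, key, default="deny"):
    """Return the result of the first entry whose value equals the masked key."""
    for value, mask, result in tcam:
        if (key & mask) == value:
            return result
    return default  # implicit deny at the end of a security ACL

def usage(tcam):
    """Patterns = entries; masks = distinct masks (simplified accounting, an assumption)."""
    patterns, masks = len(tcam), len({m for _, m, _ in tcam})
    return patterns, masks, patterns <= MAX_PATTERNS and masks <= MAX_MASKS

# Constructed sample ACL (not from the slides); order matters, first match wins.
ACL = [
    entry("permit", "10.1.0.0/16", "192.0.2.10/32", proto=6, dport=443),
    entry("permit", "10.2.0.0/16", "192.0.2.10/32", proto=6, dport=443),
    entry("deny",   "0.0.0.0/0",   "192.0.2.0/24"),
    entry("permit", "0.0.0.0/0",   "0.0.0.0/0"),
]

if __name__ == "__main__":
    print(lookup(ACL, pack("10.1.5.5", "192.0.2.10", 6, 443)))
    print(usage(ACL))
```

The first two entries share one mask, so four patterns consume only three masks; ACLs that mix many different prefix lengths and field combinations use up masks faster than patterns.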
Cisco IOS Supervisor ACL TCAM Details
• Security ACLs TCAM is used for RACLs, VACLs, PACLs, MAC-based ACLs, time-of-day ACLs and security features like DHCP Snooping, Dynamic ARP Inspection and IP Source Guard
• QoS TCAM is used for QoS functions: Classification, Service Policies
2 x 1 Banks of TCAM
  - 1 x Used for QoS
  - 1 x Used for Security ACLs

Supervisor Engine IV/V*
  - Security: 32000 Patterns, 4000 Masks
  - QoS: 32000 Patterns, 4000 Masks
*Supervisor Engine II-Plus as of IOS 12.2.18EW has 1/8 the TCAM entries