Configuring IP ACLs
Feature Name
SPAN filters
SVI counters
Note
BFD, DHCP relay, or DHCPv6 relay
CoPP
This region enables the packet counters for Layer 3
SVI interfaces.
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
ACL TCAM Regions
Region Name
ifacl: For filtering IPv4 traffic on Layer 2
(switch port) source interfaces.
ifacl-udf: For UDFs on IPv4 port ACLs
(Cisco Nexus 3232C and 3264Q switches
only)
ipv6-ifacl: For filtering IPv6 traffic on
Layer 2 (switch port) source interfaces.
mac-ifacl: For filtering Layer 2 traffic on
Layer 2 (switch port) source interfaces.
racl-udf: For UDFs on IPv4 RACLs (Cisco
Nexus 3232C and 3264Q switches only)
vacl: For filtering IPv4 traffic on VLAN
sources.
ipv6-vacl: For filtering IPv6 traffic on
VLAN sources.
mac-vacl: For filtering Layer 2 traffic on
VLAN sources.
racl: For filtering IPv4 traffic on Layer 3
interfaces.
ipv6-racl: For filtering IPv6 traffic on
Layer 3 interfaces.
ing-l2-span-filter: For filtering ingress
Layer 2 SPAN traffic (Cisco Nexus 9200
and 9300-EX Series switches only)
ing-l3-span-filter: For filtering ingress
Layer 3 and VLAN SPAN traffic (Cisco
Nexus 9200 and 9300-EX Series switches
only)
svi
redirect
Note
For Cisco Nexus 9200 Series
switches, BFD uses the ing-sup
region while DHCPv4 relay,
DHCPv4 snooping, and
DHCPv4 client use the
ing-redirect region.
copp
The region size cannot be 0.
Note
227