Network OS Administration Guide

Supporting Network OS 6.0.1a

Part Number: 53-1003768-04

Configuring TCAM profiles

The following table describes the available command options (keywords) to optimize TCAM profiles, available under the tcam keyword.
Table 10 Options for optimizing TCAM profiles
Keyword Optimizes resources for . . .
default Basic support for all applications
dyn-arp-insp Dynamic ARP inspection (DAI)
ipv4-v6-mcast Multicast
ipv4-v6-pbr IPv4 and IPv6 ACLs and policy-based routing tables
ipv4-v6-qos IPv4 and IPv6 ACLs and QoS
l2-ipv4-acl Layer 2 and IPv4 ACLs
l2-acl-qos Layer 2 ACLs and QoS
openflow OpenFlow support
With the current release, two new keywords have been added.
  • The dyn-arp-insp keyword allows the user to configure optimized dynamic ARP inspection (DAI).
  • The openflow keyword allows the user to enable or disable support for the OpenFLow feature in the TCAM profile.

The OpenFlow feature requires consistency between the route-table and TCAM profile configurations. This consistency is enforced automatically. When the user selects openflow for a TCAM profile, the route-table profile is set to OpenFlow support, which is enabled on top of the current setting. Similarly, when the user selects any other type of TCAM profile that does not support OpenFlow, the route-table profile is automatically set to disable OpenFLow support. If the user first disables OpenFLow support in the route-table profile, then the TCAM profile is set to the default subtype. To specify a nondefault TCAM subtype, the user must specify that choice in the TCAM menu. If the user first specifies OpenFLow support in the route-table profile, then the TCAM profile is set automatically to support OpenFLow. Status messages report consistency between the two types of profiles, as in the following configuration examples.

device(config-rbridge-id-2)# hardware-profile tcam ?                              
Possible completions:
  [openflow]
  default         		basic support for all applications
  dyn-arp-insp    	optimized for dynamic Arp Inspection
  ipv4-v6-mcast   	optimized for multicast
  ipv4-v6-pbr     	optimized for IPv4 and IPv6 ACL, PBR
  ipv4-v6-qos     	optimized for IPv4 and IPv6 ACL, QOS
  l2-acl-qos      		optimized for L2 ACL, QOS
  l2-ipv4-acl     		optimized for L2 and IPv4 ACL
  openflow        		optimized for openflow support
device(config-rbridge-id-2)# hardware-profile tcam openflow 
%INFO: Openflow is also enabled in route-table profile.
%Warning: To activate the new profile config, please run 'reload system' on the target switch.

device# show running-config rbridge-id hardware-profile 
rbridge-id 2
 hardware-profile tcam openflow
 hardware-profile route-table ipv4-max-arp maximum_paths 8 openflow on
 hardware-profile vlan-classification default
 hardware-profile kap default

device(config-rbridge-id-2)# hardware-profile tcam default 
%INFO: Openflow is also disabled in route-table profile.
%Warning: To activate the new profile config, please run 'reload system' on the target switch
sw0# show running-config rbridge-id hardware-profile 
rbridge-id 2
 hardware-profile tcam default
 hardware-profile route-table ipv4-max-arp maximum_paths 8 openflow off
 hardware-profile vlan-classification default
 hardware-profile kap default

device(config-rbridge-id-2)# hardware-profile route-table ipv4-max-arp ?
Possible completions:
  maximum_paths   Maximum number of load-sharing paths
  openflow               Enable/disable openflow support
  <cr>
device(config-rbridge-id-2)# hardware-profile route-table ipv4-max-arp openflow ?
Possible completions:
  [on]
  off   Disable openflow
  on    Enable openflow
device(config-rbridge-id-2)# hardware-profile route-table ipv4-max-arp openflow on
%INFO: The TCAM profile has been set to openflow.
%Warning: To activate the new profile config, please run 'reload system' on the target switch

device# show running-config rbridge-id hardware-profile 
rbridge-id 2
 hardware-profile tcam openflow
 hardware-profile route-table ipv4-max-arp maximum_paths 8 openflow on
 hardware-profile vlan-classification default
 hardware-profile kap default

device(config-rbridge-id-2)# hardware-profile route-table ipv4-max-arp openflow off 
%INFO: The TCAM profile has been set to default. For more granular TCAM selections, please use the TCAM menu.
%Warning: To activate the new profile config, please run 'reload system' on the target switch.

device# show running-config rbridge-id hardware-profile 
rbridge-id 2
 hardware-profile tcam default
 hardware-profile route-table ipv4-max-arp maximum_paths 8 openflow off
 hardware-profile vlan-classification default
 hardware-profile kap default
The following example illustrates the configuration of optimization for DAI.
switch(config-rbridge-id-2)# hardware-profile ?
Possible completions:
  kap                   	Select KAP profile type
  route-table           	Select route table profile type
  tcam                  	Select TCAM profile type
device(config-rbridge-id-2)# hardware-profile tcam ?
Possible completions:
  [openflow]
  default         		basic support for all applications
  dyn-arp-insp    	 optimized for dynamic Arp Inspection
  ipv4-v6-mcast    	optimized for multicast
  ipv4-v6-pbr      	optimized for IPv4 and IPv6 ACL, PBR
  ipv4-v6-qos    	  optimized for IPv4 and IPv6 ACL, QOS
  l2-acl-qos     	 	optimized for L2 ACL, QOS
  l2-ipv4-acl     		optimized for L2 and IPv4 ACL
  openflow        		optimized for openflow support
device(config-rbridge-id-2)# hardware-profile tcam dyn-arp-insp 
%Warning: To activate the new profile config, please run 'reload system' on the target switch
Note the following additional conditions for TCAM profiles:
  • TCAM profiles affect only ACLs, policy-based routing (PBR), flow-based QoS, and multicast entries, without affecting other features, protocols, or hardware resources.
  • The TCAM profile options (listed in the table) are not customizable or configurable, and they may not be appropriate to all network designs.
  • The following QoS features are optimized by TCAM profiles:
    • Flow-based QoS and flow-based policing for Layer2/Layer 3 ingress and egress
    • System Qos (VLAN-based) for Layer2/Layer 3 ingress and egress
    • Auto NAS
    • Storm control
    • Flow-based SPAN and RSPAN, including VXLAN based
    • Flow-based Sflow, including VXLAN based
  • The following QoS features are not affected by TCAM profiles:
    • All port-based QoS features (RED; PFC and legacy flow control; CoS mutation, DSCP CoS, DSCP traffic class, DSCP mutation; scheduling, shaping, and port-based policing)
    • Port-based SPAN and RSPAN
    • Port-based Sflow