l2-multicast limit max-entry (interface view)

Function

The l2-multicast limit max-entry command sets a multicast group number limit. An ACL rule in which the action is permitted can be used to prevent groups from being counted against the limit.

The undo l2-multicast limit max-entry command cancels the configuration.

By default, the number of multicast groups is not limited.

Format

l2-multicast limit max-entry count [ except { acl-number | acl-name acl-name } ]

undo l2-multicast limit max-entry [ count [ except { acl-number | acl-name acl-name } ] ]

Parameters

Parameter	Description	Value
except acl-number	Specifies the number of an ACL used to prevent groups from being counted against the limit.	The value is an integer ranging from 2000 to 3999.
except acl-name acl-name	Specifies the name of an ACL used to prevent groups from being counted against the limit.	The value is a string of 1 to 64 case-sensitive characters without spaces. The value must start with a letter (a to z or A to Z, case sensitive).
max-entry count	Specifies a multicast group number limit.	The value is an integer ranging from 1 to 16384.

Parameter

Description

Value

except acl-number

Specifies the number of an ACL used to prevent groups from being counted against the limit.

The value is an integer ranging from 2000 to 3999.

except acl-name acl-name

Specifies the name of an ACL used to prevent groups from being counted against the limit.

The value is a string of 1 to 64 case-sensitive characters without spaces. The value must start with a letter (a to z or A to Z, case sensitive).

max-entry count

Specifies a multicast group number limit.

The value is an integer ranging from 1 to 16384.

Views

100ge sub-interface view, 100GE interface view, 10GE sub-interface view, 10GE interface view, 200GE sub-interface view, 25GE sub-interface view, 25GE interface view, 400GE sub-interface view, 400GE interface view, 40GE sub-interface view, 40GE interface view, 50GE sub-interface view, 50GE interface view, Eth-Trunk sub-interface view, Eth-Trunk interface view, FlexE interface view, GE optical interface view, GE sub-interface view, GE interface view, GE electrical interface view, Global VE sub-interface view

Default Level

2: Configuration level

Task Name and Operations

Task Name	Operations
l2mc	write

Usage Guidelines

Usage Scenario

If multicast packets are used to attack the network, devices on the network will be busy processing attack packets and cannot respond to normal network requests. To ensure the multicast service quality, you can configure a multicast group number limit to control generated multicast forwarding entries.

Configuration Impact

If the l2-multicast limit max-entry command is run more than once, all configurations take effect.

Precautions

When using ACL rules for filtering, note the following points:

Basic ACL: (, G) entry-based filtering rules are used. The source address specified in an ACL is G (multicast group address) in a (, G) entry.
Advanced ACL:
In the Any-Source Multicast (ASM) model, (, G) entry-based filtering rules are used. The source address specified in an ACL is G (multicast group address) in a (, G) entry.
In the Source Specific Multicast Mapping (SSM) model, (S, G) entry-based filtering rules are used. The source address specified in an ACL is S (multicast source address) in an (S, G) entry and the destination address specified in the ACL is G (multicast group address) in the (S, G) entry.

Example

# Limit the number of multicast groups on an interface to 1000.

<HUAWEI> system-view
[~HUAWEI] interface GigabitEthernet0/1/1
[~HUAWEI-GigabitEthernet0/1/1] l2-multicast limit max-entry 1000