l2-multicast limit max-entry

Function

The l2-multicast limit max-entry command sets a multicast group number limit. An ACL rule in which the action is permitted can be used to prevent groups from being counted against the limit.

The undo l2-multicast limit max-entry command cancels the configuration.

By default, the number of multicast groups is not limited.

Format

l2-multicast limit max-entry count [ except { acl-number | acl-name acl-name } ]

undo l2-multicast limit max-entry [ count [ except { acl-number | acl-name acl-name } ] ]

Parameters

Parameter	Description	Value
except acl-number	Specifies the number of an ACL used to prevent groups from being counted against the limit.	The value is an integer ranging from 2000 to 3999.
except acl-name acl-name	Specifies the name of an ACL used to prevent groups from being counted against the limit.	The value is a string of 1 to 64 case-sensitive characters without spaces. The value must start with a letter (a to z or A to Z, case sensitive).
max-entry count	Specifies a multicast group number limit.	The value is an integer ranging from 1 to 16384.

Parameter

Description

Value

except acl-number

Specifies the number of an ACL used to prevent groups from being counted against the limit.

The value is an integer ranging from 2000 to 3999.

except acl-name acl-name

Specifies the name of an ACL used to prevent groups from being counted against the limit.

The value is a string of 1 to 64 case-sensitive characters without spaces. The value must start with a letter (a to z or A to Z, case sensitive).

max-entry count

Specifies a multicast group number limit.

The value is an integer ranging from 1 to 16384.

Views

VSI-AUTO view, VSI-BD view, VSI-DEFAULT view, VSI-STATIC view

Default Level

2: Configuration level

Task Name and Operations

Task Name	Operations
l2mc	write

Usage Guidelines

Usage Scenario

If multicast packets are used to attack the network, devices on the network will be busy processing attack packets and cannot respond to normal network requests. To ensure the multicast service quality, you can configure a multicast group number limit to control generated multicast forwarding entries.

Configuration Impact

If the l2-multicast limit max-entry command is run more than once, all configurations take effect.

Precautions

When using ACL rules for filtering, note the following points:

Basic ACL: (, G) entry-based filtering rules are used. The source address specified in an ACL is G (multicast group address) in a (, G) entry.
Advanced ACL:
In the Any-Source Multicast (ASM) model, (, G) entry-based filtering rules are used. The source address specified in an ACL is G (multicast group address) in a (, G) entry.
In the Source Specific Multicast Mapping (SSM) model, (S, G) entry-based filtering rules are used. The source address specified in an ACL is S (multicast source address) in an (S, G) entry and the destination address specified in the ACL is G (multicast group address) in the (S, G) entry.

Example

# Limit the number of multicast groups in a VSI named vsi1 to 100.

<HUAWEI> system-view
[~HUAWEI] mpls
[*HUAWEI-mpls] quit
[*HUAWEI] mpls l2vpn
[*HUAWEI-l2vpn] quit
[*HUAWEI] vsi vsi1
[*HUAWEI-vsi-vsi1] pwsignal ldp
[*HUAWEI-vsi-vsi1-ldp] vsi-id 200
[*HUAWEI-vsi-vsi1-ldp] quit
[*HUAWEI-vsi-vsi1] l2-multicast limit max-entry 100