15-67
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 15 Configuring Access Control
Configuring and Storing VACLs and QoS ACLs in Flash Memory
Note
If you cannot write the configuration to flash memory, you must copy the configuration to a file, make
additional room available in flash memory, and then try to write the VACL and QoS ACL configuration
to flash memory.
At system startup, if the VACL and QoS ACL configuration location is set to flash memory but either
the CONFIG_FILE variable is not set or none of the files specified exist, this syslog message displays:
1999 Sep 01 17:00:00 %SYS-0-CFG_FLASH_ERR:ACL configuration set to flash but no ACL
configuration file found.
Running with the VACL and QoS ACL Configuration in Flash Memory
After you move the VACL and QoS ACL configuration to flash memory, the QoS ACLs and VACL
commit operations are no longer written to NVRAM. You have to copy the configuration to the flash file
manually as follows:
•
If you use the
set boot config-register auto-config append
option, the configuration from the
auto-config file is appended to the NVRAM configuration. You then only have to copy the VACL
and QoS ACL configuration to this file after the commit operations.
•
If you do not use the
set boot config-register auto-config append
option, the auto-config feature
clears the configuration before executing the auto-config file at system startup. Any changes made
in NVRAM are lost. You should always copy your entire configuration (not just the VACL and QoS
ACL configuration) to the auto-config file when you want to save it.
Moving the VACL and QoS ACL Configuration Back to NVRAM
This example shows how to move the VACL and QoS ACL configuration back to NVRAM:
Console> (enable)
set config acl nvram
ACL configuration copied to NVRAM.
Console> (enable)
Console> (enable)
clear boot auto-config
CONFIG_FILE variable =
Console> (enable)
Redundancy Synchronization Support
The
set boot
commands contain an option to synchronize the auto-config file automatically.
When you enable the
auto-config
option, if the VACL and QoS ACL configuration resides in flash
memory, the auto-config file on the active supervisor engine is automatically synchronized to the
standby supervisor engine whenever a change is made. For example, deleting the auto-config file on the
active supervisor engine causes the file to be deleted on the standby supervisor engine. Similarly, if you
insert a new standby supervisor engine, the active supervisor engine automatically synchronizes the
auto-config file.