Acl limits issues – Brocade Network OS Administrator’s Guide v4.1.1 User Manual

Page 676


For the flow control solution, enable flow control either on the ports receiving the traffic from
end-devices (servers or personal computers) and the connected end-device itself, or enable flow control
on the port-channel as shown in the following example.

switch(conf-if-te-1/0/24)# interface port-channel 100

switch(config-Port-channel-100)# qos flowcontrol tx on rx on

Once flow control is enabled, enter the show qos rcv-queue interface tengigabitethernet command
again and check the output. It should no longer be reporting packet drops. If the packet drops continue
or the ingress rate is considerably lower than expected, contact your switch support provider for further
investigation.

We recommend enabling asymmetric flow control with Brocade VDX switches. For any two adjacent
devices, one device should have Rx ON and Tx OFF, while the other device should have Rx OFF and
Tx ON.

Refer to Congestion control and queuing on page 344 for further details about congestion control.

ACL limits issues

If you keep within the supported limits of ACL usage as shown in the table below, you are unlikely to
run into system limits issues. ACLs should instantiate quickly and correctly.

TABLE 100 ACL limits per switch in VCS mode

| Feature | Limit |
|---|---|
| Number of standard or extended ACLs created but not applied | 512 |
| Number of Layer 3 standard or extended ACLs created but not applied | 512 |
| Number of rules per standard or extended ACL | 2048 |
| Maximum number of Layer 2 or Layer 3 standard or extended ACL rules | 100k |
| Number of physical interfaces on which an ACL is applied concurrently | 48 (60 in standalone mode) |
| Number of VLAN interfaces on which ACL is applied concurrently | 100 |
| Number of ACL counters | 252 |
| Number of TCAM table entries | 1000 |
| Number of ACL rules | 6000 |
| Number of applied, co-existing standard and extended ACLs | 50 |

In addition, up to 30,720 MAC addresses are supported.

As you approach or exceed combinations of these limits, it is possible you might encounter slow
instantiation of ACL rules, process exceptions, or ACL failure due to MAC learning issues.

Delays of several minutes can occur in the instantiation of ACL rules and counters if the number of
ACLs or VLANs is excessive. The L2SYS process message queue can become full, or CPU context
switching and process scheduling can increase to the point that ACL instantiation proceeds slowly.
Periodic monitoring with the show statistics access-list mac command will show not more than 252
ACL rules with a nonzero and incrementing frame count for rules that are correctly instantiated and
have hardware counters allocated.
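
An offline pre-change audit of a saved configuration against the Table 100 limits can flag a problem before rules are pushed to the switch. The script below is an added example, not part of the Brocade guide. The configuration layout it parses, the ACL and interface names, and the rule that each "count" rule in an applied ACL consumes one hardware counter are assumptions.

```python
import re
from collections import defaultdict

# Limits from Table 100 on this page (per switch, VCS mode).
LIMITS = {"unapplied_acls": 512, "applied_acls": 50, "max_rules_per_acl": 2048,
          "counters": 252, "physical_interfaces": 48, "vlan_interfaces": 100}

# Assumed config layout (not taken from this page): "<mac|ip> access-list
# <standard|extended> NAME", indented "seq N ..." rules, and indented
# "<mac|ip> access-group NAME in|out" lines under "interface ..." stanzas.
ACL_RE = re.compile(r"^(mac|ip) access-list (?:standard|extended) (\S+)")
GROUP_RE = re.compile(r"^\s+(mac|ip) access-group (\S+) (?:in|out)")

def audit(config: str) -> dict:
    """Return {metric: (used, limit, over_limit)} for a saved configuration."""
    rules = defaultdict(list)   # (type, name) -> tokenized rule lines
    applied = defaultdict(set)  # (type, name) -> interfaces it is bound to
    acl = iface = None
    for line in config.splitlines():
        if m := ACL_RE.match(line):
            acl, iface = m.groups(), None
            rules[acl]          # register the ACL even if it has no rules
        elif line.startswith("interface "):
            iface, acl = line.split(None, 1)[1].lower(), None
        elif acl and line.strip().startswith("seq "):
            rules[acl].append(line.split())
        elif iface and (m := GROUP_RE.match(line)):
            applied[m.groups()].add(iface)
    ifaces = set().union(*applied.values())
    vlans = {i for i in ifaces if i.startswith("vlan")}
    used = {
        "unapplied_acls": sum(a not in applied for a in rules),
        "applied_acls": len(applied),
        "max_rules_per_acl": max((len(r) for r in rules.values()), default=0),
        # Assumption: one hardware counter per "count" rule in an applied ACL.
        "counters": sum("count" in r for a in applied for r in rules.get(a, [])),
        "physical_interfaces": len(ifaces - vlans),  # every non-VLAN interface
        "vlan_interfaces": len(vlans),
    }
    return {k: (v, LIMITS[k], v > LIMITS[k]) for k, v in used.items()}

def sample_config() -> str:
    """Constructed input: 300 counted rules in one applied ACL, one unused ACL."""
    lines = ["mac access-list extended EDGE_IN"]
    lines += [f" seq {10 * i} deny host 0000.0000.{i:04x} any count" for i in range(1, 301)]
    lines += ["ip access-list standard MGMT", " seq 10 permit host 10.0.0.1",
              "interface TenGigabitEthernet 1/0/24", " mac access-group EDGE_IN in",
              "interface Vlan 100", " mac access-group EDGE_IN in"]
    return "\n".join(lines)
```

Calling audit(sample_config()) reports the counters metric as over its limit while the other metrics stay within bounds, which matches the condition where only 252 rules would show incrementing frame counts.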


Network OS Administrator’s Guide

53-1003225-04
