Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
1067
Views
0
Helpful
1
Replies

Configure IPV6 port ACL and MAC port ACL on Nexus 31108PC-V

Go to solution
19782401a
Level 1
Level 1

ā€Ž12-24-2018 05:34 AM

Hi,

I'm tryng to configure apply a IPV6 ACL and MAc ACL on a L2 interface (port ACL), but system give me an error "TCAM region is not configured. Please configure TCAM region and retry the command"

TCAM region IPV6 PACL [ipv6-ifacl] and MAC PACL [mac-ifacl] are in effect set to 0.

Wich correct value have I to set? After this configuration, have I necessarily  rebbot the switch? If yes, to minimize outage is empty non-disrupt reload?

Thanks

Gian Luca

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

ā€Ž12-29-2018 04:49 PM

Hi Gian Luca,

You will indeed need to increase the sizes of the ipv6-ifacl and mac-ifacl TCAM regions to a non-zero size; the values need to be multiples of 256, so 256 is the minimum non-zero value. Typically, this will come at the expense of another TCAM region - you will likely need to first decrease the size of some other, potentially unused region, and only then grow the ipv6-ifacl and mac-ifacl regions. What value you should use depends on how many distinct ACLs you plan to use, how many entries they will have, and how complex will those entries be. In a very general way, every ACL entry can take between 1-3 TCAM entries. 

A reload after this change is, sadly, inevitable, and it needs to be a full reload of the chassis.

Changes to TCAM carving are admittedly one of the most annoying configuration changes on the Nexus switch platforms since they always require full reloads and since the configured carving values may need to be repeatedly tweaked.

Best regards,
Peter

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

ā€Ž12-29-2018 04:49 PM

Hi Gian Luca,

You will indeed need to increase the sizes of the ipv6-ifacl and mac-ifacl TCAM regions to a non-zero size; the values need to be multiples of 256, so 256 is the minimum non-zero value. Typically, this will come at the expense of another TCAM region - you will likely need to first decrease the size of some other, potentially unused region, and only then grow the ipv6-ifacl and mac-ifacl regions. What value you should use depends on how many distinct ACLs you plan to use, how many entries they will have, and how complex will those entries be. In a very general way, every ACL entry can take between 1-3 TCAM entries. 

A reload after this change is, sadly, inevitable, and it needs to be a full reload of the chassis.

Changes to TCAM carving are admittedly one of the most annoying configuration changes on the Nexus switch platforms since they always require full reloads and since the configured carving values may need to be repeatedly tweaked.

Best regards,
Peter

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card