Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
9650
Views
0
Helpful
2
Comments

The %EARL_NETFLOW-4-TCAM_THRLD error message is received in Cisco Catalyst 6000 and 6500 series switches running Cisco IOS system software

TCC_2
Level 10
Level 10

‎06-17-2009 10:19 PM - edited ‎03-01-2019 03:38 PM

Core issue

The %EARL_NETFLOW-4-TCAM_THRLD error message indicates that the NetFlow Ternary Content Addressable Memory (TCAM) is almost full, so aggressive aging is temporarily enabled. If the NetFlow mask is changed to FULL mode, the TCAM for NetFlow could overflow due to so many NetFlow entries. This situation can be verified if the show mls netflow ip count command is issued.

The Supervisor Engine 720 checks how full the NetFlow table is every 30 seconds. The Supervisor Engine turns on aggressive aging when the table size reaches almost 90 percent. The idea behind aggressive aging is that the table is nearly full, so there are new active flows which cannot be created. Therefore, it makes sense to aggressively age-out the less active flows (or inactive flows) in the table to make space for more active flows.

The capacity for each policy feature card (PFC) NetFlow table (IPv4), for PFC3a and PFC3b, is 128,000 flows. For the PFC3bXL, the capacity is 256,000 flows.

The NetFlow usage notification feature is disabled by default. The %EARL_NETFLOW-4-TCAM_THRLD error message seen is most likely the result of service internal being present in the configuration and printed when the NetFlow usage reaches 90 percent.

The error message looks similar to

Aug 24 12:30:53: %EARL_NETFLOW-SP-4-TCAM_THRLD: Netflow TCAM threshold exceeded, 
TCAM Utilization [97%]

Resolution

To prevent this problem, issue the no mls flow ip command to disable the FULL NetFlow mode.

Note: Generally, the no mls flow ip command does not affect packet forwarding because TCAM for packet forwarding and TCAM for NetFlow accounting are separate.

Error message

%EARL_NETFLOW-4-TCAM_THRLD

Labels:
0 Helpful
Comments
hdommath
Level 1
Level 1
‎12-01-2010 01:55 PM

I can not disable mls flow ip because I need that for netflow data collection.  Is there an alternative method to fix the Netflow TCAM issue?. Note that I am already using the agreesive age timers.  Here is the config

mls aging fast time 16 threshold 1
mls aging long 64
mls aging normal 64

shgiri
Cisco Employee
Cisco Employee
‎03-24-2011 09:18 AM

In order to recover from this issue, enable MLS fast aging. While you       enable MLS fast aging time, initially set the value to 128 seconds. If the size       of the MLS cache continues to grow over 32 K entries, decrease the setting       until the cache size remaines less than 32 K. If the cache continues to grow       over 32K entries, decrease the normal MLS aging time. Any aging-time value that       is not a multiple of 8 seconds is adjusted to the closest multiple of 8       seconds.

Switch#configure terminal
Switch(config)#mls aging fast threshold 64 time 30

The other workaround would disable service       intrenal in case if you have enabled, and remove mls       flow ip interface-full in case if you do not need full       flow.

Switch(config)#no service internal
Switch(config)#mls flow ip interface-ful

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card