cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
1321
Views
0
Helpful
2
Replies
Utair Corporation
Participant

ASR 1000 ACL and Object group limits

Hello.

Can someone clarify what limits are for number of ACL entries and number of network object-group entries?

My router is ASR 1002-X and IOS XE 3.13S (15.4.3.S9)

 

Also, should ACLs with object-group entries work on subinterfaces?

 

I have run into trouble that ACL containing object-group with over 80 thousands entries does not filter.

 

2 REPLIES 2
balaji.bandi
VIP Expert

As per ASR Documentation it support maximum of  - 4,000 unique ACLs

 

Suggest to check the Logs, you see some errors while processing this ACL.

 

BB



BB


*** Rate All Helpful Responses ***


@balaji.bandi wrote:

As per ASR Documentation it support maximum of  - 4,000 unique ACLs

 


You did not understand my question.

I need to know what's limit of entries in one access list and one object-group.

I do not need thousands of unique ACLs.

I have a problem that ACL with 76000 entries do work and use 152000 TCAM cells, but if i move entries into single object-group, and then use that object-group in ACL, then that ACL does not work (or work partially) and only 22000 TCAM cells gets used.

 

 

There is nothing in the logs regarding TCAM. (logging is turned on and there is other, non-related messages in it)

Content for Community-Ad