Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2958
Views
25
Helpful
3
Replies

ACL Hardware Resource Utilization on Nexus 7700

Go to solution
afsharmilad89
Level 1
Level 1

‎12-17-2017 02:29 AM - edited ‎03-08-2019 01:08 PM

Hi,

I need help to understand the exact meaning of "Mac Etype/Proto CAM" in my show hardware capacity forwarding command on Nexus 7700? there are 11 in used but I don't know what are they? The picture of my show command is attached.

Thanks7k.JPG

 

 

2 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to afsharmilad89

‎12-18-2017 12:07 AM

Hello,

To see the table of EtherType entries in the EtherType/Proto TCAM region, you would need to execute the show commands from the default VDC - currently, you are in VDC-2.

You can consider the values shown for the EtherType/Proto TCAM region as informative, and you do not need to be concerned about them as long as you do not intend to specify additional non-IP protocols in your CoPP policies.

Best regards,
Peter

View solution in original post

3 Replies 3

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎12-17-2017 01:56 PM

Hi,

One of the ways to see what entries are being stored in the EtherType/Proto TCAM region is to use the show hardware access-list resource entries detail command; another command where the same information is displayed would be show hardware access-list input entries. For example:

N7K# show hardware access-list resource entries detail module 1
[ ... cut ... ]

Index  Mac - Etype Proto  ref_count
-----------------------------------
  11           35092 0      1
  10           35078 0      1
  9            34880 0      1
  8            13313 0      1
  7            34883 0      1
  6            34825 0      1
  5            35136 0      6
  4            34958 0      1
  3            34824 0      1
  2            35061 0      1
  1            35020 0      1
11 mac protocol cam entries are in use
[ ... cut ... ]

Numbers shown in this output are in decimal; converting them to hexa values would produce the following table of protocols:

11 35092 0x8914 FIP Storage Access Protocol
10 35078 0x8906 FCoE
9 34880 0x8840 L2Tunnel across vPC peer-link (BPDUs etc.)
8 13313 0x3401 SDP/SRP
7 34883 0x8843 Cisco Fabric Services over Ethernet (used with vPC)
6 34825 0x8809 LACP
5 35136 0x8940 ECP
4 34958 0x888E 802.1X
3 34824 0x8808 Flow Control
2 35061 0x88F5 MVRP
1 35020 0x88CC LLDP

You would see references to these protocol types in the show hardware access-list input entries detail output, mostly in CoPP entries (if sifting through this output, search again for decimal values).

Best regards,
Peter

Go to solution
afsharmilad89
Level 1
Level 1
In response to Peter Paluch

‎12-17-2017 11:02 PM

Hello again and thanks for your quick response, I would like to know that is it essential to care about this used number(Mac Etype/Proto CAM       11(Used)      3(Free)       78.57(Percent) ) and is it vital or is just for informing ? also the out put of show hardware access-list input entries detail is shown as below:

 

=======================================================

show hardware access-list input entries detail

slot 3
=======

NOT Supported in SUP ACLQOS

slot 4
=======

NOT Supported in SUP ACLQOS

slot 5
=======


Flags: F - Fragment entry E - Port Expansion
D - DSCP Expansion M - ACL Expansion
T - Cross Feature Merge Expansion

VLAN 689 :
=========

INSTANCE 0x0
---------------

Tcam 1 resource usage:
----------------------
Label_b = 0x201
Bank 0
------
IPv4 Class
Policies: PBR(Firewall) [Merged]
Netflow profile: 0
Netflow deny profile: 0
Entries:
[Index] Entry [Stats]
---------------------
[001d:0013:0013] prec 1 permit-routed ip 0.0.0.0/0 224.0.0.0/4 [0]
[001e:0014:0014] prec 1 redirect(0x66)-routed icmp 0.0.0.0/0 0.0.0.0/0 [27471381]
[001f:0015:0015] prec 1 redirect(0x66)-routed udp 0.0.0.0/0 0.0.0.0/0 [1129285680]
[0020:0016:0016] prec 1 permit-routed ip 0.0.0.0/0 0.0.0.0/0 [187549187703]


L4 protocol cam entries usage: none

No mac protocol cam entries are in use

VDC-2 port-channel2 :
====================
no acl related hardware resources found
VDC-2 port-channel9 :
====================
no acl related hardware resources found
VDC-2 Ethernet5/4 :
====================
no acl related hardware resources found
VDC-2 UF-All Ports in VDC 2 :
====================
no acl related hardware resources found

==============================================================

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee
In response to afsharmilad89

‎12-18-2017 12:07 AM

Hello,

To see the table of EtherType entries in the EtherType/Proto TCAM region, you would need to execute the show commands from the default VDC - currently, you are in VDC-2.

You can consider the values shown for the EtherType/Proto TCAM region as informative, and you do not need to be concerned about them as long as you do not intend to specify additional non-IP protocols in your CoPP policies.

Best regards,
Peter

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card