Hi,
I am getting the following error whilst updating an existing COPP policy to restrict NP, SNMP, SSH etc. It’s a new Cisco Nexus 3048 straight out of the box and I am trying to create a standard build in the lab first. The NX-OS version is:
kickstart image file is: bootflash:/n3000-uk9-kickstart.5.0.3.U2.2b.bin
system image file is: bootflash:/n3000-uk9.5.0.3.U2.2b.bin
TestlabL2S01#conf t
Enter configuration commands, one per line. End with CNTL/Z.
TestlabL2S01(config)# ip access-list copp-system-acl-snmp
TestlabL2S01(config-acl)# 211 permit udp any 10.30.128.71/32 eq snmptrap
ERROR: tcam region full
TestlabL2S01(config-acl)#
TESTLABL2S01# sh log last 10
2013 Apr 25 13:25:08 TESTLABL2S01 %ETHPORT-5-IF_RX_FLOW_CONTROL: Interface Ethernet1/52, operational Receive Flow Control state changed to off
2013 Apr 25 13:25:08 TESTLABL2S01 %ETHPORT-5-IF_TX_FLOW_CONTROL: Interface Ethernet1/52, operational Transmit Flow Control state changed to off
2013 Apr 25 13:25:08 TESTLABL2S01 %ETHPORT-5-IF_UP: Interface Ethernet1/52 is up in mode access
2013 Apr 25 13:25:24 TESTLABL2S01 %STP-2-BRIDGE_ASSURANCE_BLOCK: Bridge Assurance blocking port Eth1/52 VLAN: 1.
2013 Apr 25 13:25:24 TESTLABL2S01 %STP-2-BRIDGE_ASSURANCE_BLOCK: Bridge Assurance blocking port Eth1/51 VLAN: 1.
2013 Apr 25 13:25:26 TESTLABL2S01 %STP-2-BRIDGE_ASSURANCE_BLOCK: Bridge Assurance blocking port Eth1/50 VLAN: 1.
2013 Apr 25 13:25:28 TESTLABL2S01 %STP-2-BRIDGE_ASSURANCE_BLOCK: Bridge Assurance blocking port Eth1/49 VLAN: 1.
2013 Apr 25 13:27:13 TESTLABL2S01 %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configured from vty by testbed on 192.168.1.1@pts/0
2013 Apr 25 13:27:45 TESTLABL2S01 %ACLMGR-3-ACLMGR_VERIFY_FAIL: Verify failed: client 40000290, tcam region full
2013 Apr 25 13:27:45 TESTLABL2S01 %AFM-3-AFM_VERIFY_FAIL: Access control policy modification at global scope failed
TESTLABL2S01#
TESTLABL2S01# sh hardware profile tcam region
sup size = 128
vacl size = 512
ifacl size = 256
qos size = 256
rbacl size = 0
span size = 128
racl size = 512
e-racl size = 512
e-vacl size = 512
qoslbl size = 512
ipsg size = 512
arpacl size = 0
TESTLABL2S01#
I tried changing the arpacl size from 0 to 128 but I got the same error, hence reverted back to the original as per the instructions in
http://www.cisco.com/en/US/docs/switches/datacenter/nexus3000/sw/security/503_u3_1/b_Cisco_n3k_Security_Config_503_u3_1_chapter_01011.html#concept_4377839DC5EC4AA481CD8CEB9B62CE99
Any suggestions how to resolve this issue?
I really appreciate your help.
Thanks
Ritesh
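
Added example (not part of the original post): a small Python check that scans NX-OS syslog text for the `ACLMGR_VERIFY_FAIL` / `AFM_VERIFY_FAIL` messages shown above and pairs each with the most recent configuration session, so a control-plane ACL change that was rejected by hardware does not go unnoticed. It also parses `show hardware profile tcam region` output into a dictionary. The function names are hypothetical; the sample input is taken from the post, with the TCAM output reduced to a subset.

```python
import re

# Sample input: log lines and a subset of the TCAM region output from the post above.
SAMPLE_LOG = """\
2013 Apr 25 13:25:24 TESTLABL2S01 %STP-2-BRIDGE_ASSURANCE_BLOCK: Bridge Assurance blocking port Eth1/52 VLAN: 1.
2013 Apr 25 13:27:13 TESTLABL2S01 %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configured from vty by testbed on 192.168.1.1@pts/0
2013 Apr 25 13:27:45 TESTLABL2S01 %ACLMGR-3-ACLMGR_VERIFY_FAIL: Verify failed: client 40000290, tcam region full
2013 Apr 25 13:27:45 TESTLABL2S01 %AFM-3-AFM_VERIFY_FAIL: Access control policy modification at global scope failed
"""
SAMPLE_TCAM = """\
sup size = 128
vacl size = 512
e-racl size = 512
arpacl size = 0
"""

# timestamp, hostname, %FACILITY-SEVERITY-MNEMONIC: message
LINE = re.compile(r"^(\d{4} \w{3} +\d+ [\d:]+) (\S+) %[A-Z0-9_]+-\d-([A-Z0-9_]+): (.*)$")
CONFIG = re.compile(r"Configured from (\S+) by (\S+) on (\S+)")
REGION = re.compile(r"^[ \t]*(\S+) size = (\d+)[ \t]*$", re.M)
FAILURES = ("ACLMGR_VERIFY_FAIL", "AFM_VERIFY_FAIL")

def parse_tcam_regions(text):
    """Return {region_name: size} from 'show hardware profile tcam region' output."""
    return {m.group(1): int(m.group(2)) for m in REGION.finditer(text)}

def failed_acl_changes(log_text):
    """List ACL verify failures, each with the last config session seen before it."""
    findings, last_cfg = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a syslog line in the expected format
        ts, host, mnemonic, msg = m.groups()
        if mnemonic == "VSHD_SYSLOG_CONFIG_I":
            c = CONFIG.search(msg)
            last_cfg = {"time": ts, "user": c.group(2), "source": c.group(3)} if c else None
        elif mnemonic in FAILURES:
            findings.append({"time": ts, "host": host, "mnemonic": mnemonic,
                             "message": msg, "config_session": last_cfg})
    return findings

if __name__ == "__main__":
    for finding in failed_acl_changes(SAMPLE_LOG):
        print(finding)
    print(parse_tcam_regions(SAMPLE_TCAM))
```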