Solved: Re: VLAN port limit reached or exceeded: how do I resolve this?

mathew.goddard · ‎02-11-2021

I received the warning in the title when creating a new service profile. When I go to Equipment -> Fabric Interconnect [A/B]-> VLAN Port Count, I see a 'VLAN Port Limit' of 64000 and if I add 'Access VLAN Port Count' and 'Border VLAN Port Count' together I get 63495. So, close but not technically exceeding the max. (My FI's are model 6248UP.)

So, I have two questions and I'm hoping some of you fine, knowledgeable folks can point me in the right direction:

How come it's saying the limit has been reached/exceeded when it seems I'm using less than the 64000 VLANs?
What are my options once that limit has been reached? Is this is a licensing thing? A hardware limitation?

Kirk J · ‎02-12-2021

Greetings.

This is a hardware limitation. If you are getting close to the 64K count then you already have vlan port count optimization turned on.

I have reviewed a few of these type cases with customers over the years, and most of the time, the vlan port count is that high when customers have unintentionally allowed/enabled all of the defined vlans on all their vnics.

When you look through your vnic template or vnics defined in service profile/templates make sure only the vlans you need per vnic are allowed.

Suspect there is some overhead for CIMC/internal mgmt components that may not show up in the totals (not entirely sure).

More details on what contributes to the count: https://community.cisco.com/t5/unified-computing-system/cisco-ucs-environment-vlan-port-count/td-p/3069470

Kirk...

View solution in original post

Kirk J · ‎02-12-2021

Greetings.

This is a hardware limitation. If you are getting close to the 64K count then you already have vlan port count optimization turned on.

I have reviewed a few of these type cases with customers over the years, and most of the time, the vlan port count is that high when customers have unintentionally allowed/enabled all of the defined vlans on all their vnics.

When you look through your vnic template or vnics defined in service profile/templates make sure only the vlans you need per vnic are allowed.

Suspect there is some overhead for CIMC/internal mgmt components that may not show up in the totals (not entirely sure).

More details on what contributes to the count: https://community.cisco.com/t5/unified-computing-system/cisco-ucs-environment-vlan-port-count/td-p/3069470

Kirk...

mathew.goddard · ‎02-18-2021

When you look through your vnic template or vnics defined in service profile/templates make sure only the vlans you need per vnic are allowed.

Thanks, Kirk, I think that's the solution: I have a bunch of VMware hosts in three different clusters and all of them are using the same VNIC templates, in which pretty much all the VLANs are enabled, whether the actual VMs in those clusters need them or not. It looks like that's the reason why the count is so high.

My plan is to create new VNIC templates and move one cluster to those, then enable only the VLANs those VMs need in those templates, so that I can then remove them from the other templates. Does that sound plausible?

mathew.goddard · ‎03-04-2021

[Ignore. Posted in the wrong place and can't figure out how to delete a post.]

mathew.goddard · ‎03-04-2021

Just posting to say that my process worked great: I created a new SP template that linked to a new LAN connection policy with new vNIC templates that only had the specific VLANs checked that were required by the relevant servers. After removing one server from its SP template and binding it to the new one, the overall VLAN count went down by about 1,100 VLANs.

So, once I apply this process to the rest of the servers, the problem should be resolved.

Thanks again!