Hi

Thank you for your time and consideration

I removed some unnecessary ACL rules and then I could add IP addresses to object-groups

I have several ACLs applied on router sub-interfaces and results are shown below:

I have applied one ACL on more than 10 sub-interface for ingress for different purposes.

1-show access-lists ipv4 <acl name> hardware <direction> resource-usage loc <lc> :

Wed Jan 30 15:06:05.340 EST
a)
 NP                     : 0
 Rules (ACE)            : 8
 ACL compression level  : 0
 Fields compressed      : None
 TCAM Entries used      : 2222  ( 24k total)
 TCAM Key Width         : 160 ( 0 total for compressed fields)
 
 ----------------------------------------------------------
 NP                     : 1
 Rules (ACE)            : 8
 ACL compression level  : 0
 Fields compressed      : None
 TCAM Entries used      : 2222  ( 24k total)
 TCAM Key Width         : 160 ( 0 total for compressed fields)
 
 ----------------------------------------------------------
 NP                     : 2
 Rules (ACE)            : 8
 ACL compression level  : 0
 Fields compressed      : None
 TCAM Entries used      : 2222  ( 24k total)
 TCAM Key Width         : 160 ( 0 total for compressed fields)

b)

NP                     : 2
 Rules (ACE)            : 12
 ACL compression level  : 0
 Fields compressed      : None
 TCAM Entries used      : 2260  ( 24k total)
 TCAM Key Width         : 160 ( 0 total for compressed fields)
 
 ----------------------------------------------------------
 NP                     : 3
 Rules (ACE)            : 12
 ACL compression level  : 0
 Fields compressed      : None
 TCAM Entries used      : 2260  ( 24k total)
 TCAM Key Width         : 160 ( 0 total for compressed fields)

c)

NP                     : 2
 Rules (ACE)            : 12
 ACL compression level  : 0
 Fields compressed      : None
 TCAM Entries used      : 2262  ( 24k total)
 TCAM Key Width         : 160 ( 0 total for compressed fields)

d)

NP                     : 1
 Rules (ACE)            : 4
 ACL compression level  : 0
 Fields compressed      : None
 TCAM Entries used      : 122  ( 24k total)
 TCAM Key Width         : 160 ( 0 total for compressed fields)

2-I can not use #show prm  because I got this error

RP/0/RSP0/CPU0:Router#show prm ?                                      
 % Invalid input detected at '^' marker.
RP/0/RSP0/CPU0:Main-Router#show prm

Instead I put result from #show pfilter-ea fea summary location 0/0/CPU0

******** NP Resource Usage Summary ************

Chan #  160-bit TCAM Entries  640-bit TCAM Entries  Stats   SS Hash Entries
========================================================================
  0          2222                   24            17            0
  1          2344                   24            21            0
  2          6736                   24            41            0
  3          2256                    0            12            0
  4             0                    0             0            0
  5             0                    0             0            0
  6             0                    0             0            0
  7             0                    0             0            0

3-show controller np ports all loc <lc> :

Wed Jan 30 15:09:07.401 EST

Node: 0/0/CPU0:
----------------------------------------------------------------

NP Bridge Fia Ports
-- ------ --- ---------------------------------------------------
0 -- 0 TenGigE0/0/0/0 - TenGigE0/0/0/2
1 -- 0 TenGigE0/0/0/3 - TenGigE0/0/0/5
2 -- 1 TenGigE0/0/0/6 - TenGigE0/0/0/8
3 -- 1 TenGigE0/0/0/9 - TenGigE0/0/0/11
4 -- 2 TenGigE0/0/0/12 - TenGigE0/0/0/14
5 -- 2 TenGigE0/0/0/15 - TenGigE0/0/0/17
6 -- 3 TenGigE0/0/0/18 - TenGigE0/0/0/20
7 -- 3 TenGigE0/0/0/21 - TenGigE0/0/0/23

How can I find out the maximum size of TCAM and how to change it for future if it possible?

Thank you