No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
Knowledge Base

ACL entry exceeded the warning threshold

Publication Date:  2018-12-12  |   Views:  786  |   Downloads:  0  |   Author:  a84090745  |   Document ID:  EKB1002047509

Contents

Issue Description

Customer receive an alarm which indicate that the number of ACL entry exceeded the warning threshold

Reason 61: 

61: The usage of ACL rule resources exceeds the alarm threshold.

What's strange is that it is a test switch where there is very little traffic and ALCs are used only for SNMP and management traffic. 



Alarm Information

Dec 11 2018 10:04:33+01:00 swt2-ra9.twr %%01FEI/4/hwBoardResWarningThresholdExceed_active(l):CID=0x807f0430-alarmID=0x095e2029;The number of forwarding resources reaches the alarm threshold. (Slot = 1, Threshold = 75, Reason = 61, Description : the number of UDF exceeded the warning threshold)
Dec 11 2018 10:04:33+01:00 swt2-ra9.twr %%01FEI/4/hwBoardResWarningThresholdExceed_clear(l):CID=0x807f0430-alarmID=0x095e2029-clearType=service_resume;The number of forwarding engine resources is less than the threshold. (Slot = 1, Threshold = 75, Reason = 61, Description : the number of ACL entry exceeded the warning threshold)


Handling Process

We checked the log, and we found that no ACL failure on this switch, but the ACL UDF resource is used more than 75 percent, the warning is caused by the number of UDF ACL resource exceeded the warning threshold,  the detail is as follows:


Sequence    : 11348    

AlarmId     : 0x95E2029             AlarmName : hwBoardResWarningThresholdExceed                               

AlarmType   : quality_of_service    Severity  : Warning          State : cleared

StartTime   : 2018-12-11 08:04:36+01:00              

Description : The number of forwarding resources reaches the alarm threshold. (Slot = 1, Threshold = 75, Reason = 61, Description : the number of UDF exceeded the warning threshold)

ClearTime   : 2018-12-11 09:04:25+01:00              

ClearType   : verify_clear        

ClearReason : The number of forwarding engine resources is less than the threshold. (Slot = 1, Threshold = 75, Reason = 61, Description : the number of UDF exceeded the warning threshold)

 

 

We checked other ACL resource and there are enough.  The detail is as follows:



Root Cause

Actually,  UDF resource is used to match the traffic with tunnel packets,  such as MPLS, TRILL, VxLAN,  GRE etc. the traffic without these tunnel header does not need UDF ACL resource.

Because there is TRILL configuration on the device, UDF is used to match trill traffic, so it will use these UDF resource, the detail is as follows:

Slot: 1

------------------------------------------------------------------------------

Chip  GroupID    Width      Stage          ServiceName                 Count

------------------------------------------------------------------------------

    0        8    Double     Ingress        App-Session                     2

             8    Double     Ingress        CPCAR Ipv4                     49

             8    Double     Ingress        L2 Protocol Tunnel              1

             8    Double     Ingress        TRILL Protocol                  1

            22    Double     Ingress        CPCAR Udf                       6

            22    Double     Ingress        TRILL OAM Expand                2

            22    Double     Ingress        TRILL OAM UC                    1

            22    Double     Ingress        TRILL OSPF MC                   1

            22    Double     Ingress        TRILL VLAN ARP                  2

            22    Double     Ingress        TRILL VLAN UC                   1

------------------------------------------------------------------------------

If we will not deploy new more tunnel service, such as TRILL OSPF, TRILL arp, TRILL MC and etc. it will not use these service, the UDF resource is enough.

Solution

So we suggest to ignore these warning information, and configure command to ignore these warning information.

  • undo snmp-agent trap enable feature-name   fei trap-name hwboardreswarningthresholdexceed
  • info-center filter-id bymodule-alias  fei   hwboardresthresholdexceedresume


Suggestions