- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Comware Based
- >
- Re: acl applying problem in layer 3 switch 4500
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-15-2011 12:26 AM - last edited on тАО09-21-2014 06:27 PM by Lisa198503
тАО02-15-2011 12:26 AM - last edited on тАО09-21-2014 06:27 PM by Lisa198503
acl applying problem in layer 3 switch 4500
[SwRtr_4500-26]packet-filter vlan 4 outbound ip-group 3011
Applying Acl 3011 rule 11 failed! Reason: Resource unavailable!(Ethernet1/0/1)
Applying Acl 3011 rule 11 failed! Reason: Resource unavailable!(Ethernet1/0/19
)
Applying Acl 3011 rule 11 failed! Reason: Resource unavailable!(Ethernet1/0/20
)
Applying Acl 3011 rule 11 failed! Reason: Resource unavailable!(Ethernet1/0/21
)
Applying Acl 3011 rule 11 failed! Reason: Resource unavailable!(Ethernet1/0/22
)
Applying Acl 3011 rule 11 failed! Reason: Resource unavailable!(Ethernet1/0/23
)
Applying Acl 3011 rule 11 failed! Reason: Resource unavailable!(Ethernet1/0/24
)
Applying Acl 3011 rule 11 failed! Reason: Resource unavailable!(GigabitEtherne
t1/0/25)
Applying Acl 3011 rule 8 failed! Reason: Resource unavailable!(GigabitEthernet
1/0/26)
Applying Acl 3011 rule 9 failed! Reason: Resource unavailable!(GigabitEthernet
1/0/26)
Applying Acl 3011 rule 10 failed! Reason: Resource unavailable!(GigabitEtherne
t1/0/26)
Applying Acl 3011 rule 11 failed! Reason: Resource unavailable!(GigabitEtherne
t1/0/26)
P.S. This thread has been moved from ProCurve / ProVision-Based to Comware-Based. -HP Forum Moderator
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-16-2011 02:29 AM
тАО02-16-2011 02:29 AM
Re: acl applying problem in layer 3 switch 4500
display drv-module qacl qacl_resource ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-16-2011 02:57 AM - edited тАО02-16-2011 02:59 AM
тАО02-16-2011 02:57 AM - edited тАО02-16-2011 02:59 AM
Re: acl applying problem in layer 3 switch 4500
[4500]display drv qacl_resource
block used-mask used-rule spare-mask spare-rule
0 16 65 0 191
1 11 56 5 200
2 11 56 5 200
6 10 27 6 101
7 10 27 6 101
8 10 27 6 101
9 10 27 6 101
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-16-2011 04:29 AM
тАО02-16-2011 04:29 AM
Re: acl applying problem in layer 3 switch 4500
Well i am no 3com/HP expert but It seems that your ACL's are using more resources then your switch can handle. As you can see BLOCK 0 has a spare-mask value of 0. How does this work?
Block 0 is used by FE ports 1/0/1 to 1/0/8
Block 1 is used by FE ports 1/0/9 to 1/0/16
Block 2 is used by FE ports 1/0/17 to 1/0/24
Block 6 is used by GE port 1/0/25
Block 7 is used by GE port 1/0/26
Block 8 is used by GE port 1/0/27
Block 9 is used by GE port 1/0/28
This means port 1 to 8 can not be configured by acl's that use mask values (seems you are using one in acl nr 3011 rule11 on e 1/0/1).......well you get the picture for the other error messages..
So what to do ? you can take a look to lower the number of ACL's or you'll have to buy a switch that can handle more acl's (the 5500 also uses 16 masks and 256 rules maximum)..Maybe an HP guy can tell you which one you need
hope it helps
richard
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-16-2011 11:00 PM
тАО02-16-2011 11:00 PM
Re: acl applying problem in layer 3 switch 4500
Could you pls explain with example what is used_mask ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-16-2011 11:26 PM
тАО02-16-2011 11:26 PM
Re: acl applying problem in layer 3 switch 4500
can you post rule 11 of acl 3011 ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2011 12:14 AM
тАО02-17-2011 12:14 AM
Re: acl applying problem in layer 3 switch 4500
rule 11 permit icmp
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2011 01:05 AM
тАО02-17-2011 01:05 AM
Re: acl applying problem in layer 3 switch 4500
rule 11 permit icmp actually converts to rule 11 permit any any
From URL below : The source/source-wildcard of 0.0.0.0/255.255.255.255 means "any".
This is called a mask. You can read more here :
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml
regards
richard
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2011 01:09 AM
тАО02-17-2011 01:09 AM
Re: acl applying problem in layer 3 switch 4500
you mean to say wild card mask?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2011 01:10 AM
тАО02-17-2011 01:10 AM