Reset Search
 

 

Article

ACL problems after upgrading to EXOS 15.3 or higher

« Go Back

Information

 
TitleACL problems after upgrading to EXOS 15.3 or higher
Symptoms
Table Full, more ACL-slice usage or misbehaving access-list actions after a switch is upgraded to 15.3 or higher.
 
Environment
  • EXOS 15.3 and higher
  • access-list
Cause
This is caused by a change in the default setting for access-list vlan-acl-precedence.
In 15.2 and lower this was set to shared default. This uses less slices/rules as when it is configured for dedicated.
In 15.3 and higher the vlan-acl-precedence default setting is set to dedicated.
If a switch is upgraded from 15.2 to 15.3 or higher it will start using more acl-slices and rules.

use "show access-list configuration" to see the settings.
sh access-list configuration 
       Access-list Refresh Blackhole: Enabled 
       Access-list configured vlan-acl-precedence mode: Dedicated 
       Access-list operational vlan-acl-precedence mode: Dedicated 
       Access-list Rule-compression Port-counters: Dedicated 

 
Resolution
Change the vlan-acl-precedence back to the setting used before to get the same behavior.
configure access-list vlan-acl-precedence shared
 
Check below solutions for detailed information about other issues related to this.
Additional notes
Log message ACL install operation failed can occur when wrong setting is used after upgrade.
ALC slice usage

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255