Reset Search
 

 

Article

Error "<Domain rule count exceeds max supported on one or more devices.>" when applying policy rules from NetSight Policy Manager

« Go Back

Information

 
TitleError "<Domain rule count exceeds max supported on one or more devices.>" when applying policy rules from NetSight Policy Manager
Symptoms
Environment
  • NetSight: Policy Manager
  • Summit: X440-G2
  • EXOS: All
Cause

The maximum rule count has been exceeded in one or more rule types. See below (in this case IPv4 rules exceed the max allowed).

Device Stats & Info

Specific Error

Event Details
Resolution
Adjust the amount of rules in the rule type that is exceeding the maximum. Additionally, the switch can be upgraded to EXOS version 22.1.x where there is a supported command that will allow reallocation of rule amounts. 

configure policy resource-profile [ default | less-acl [ more-ipv4 | more-ipv4-no-ipv6 | more-ipv4-no-mac-no-ipv6 ] | more-ipv4-no-ipv6 | more-ipv4-no-mac-no-ipv6 | more-mac-no-ipv6 ] {profile-modifier [{ no-mac no_mac} { no-ipv4 no_ipv4 } { no-ipv6 no_ipv6 }]}

Please refer to the Command Reference Guide for additional details on how to utilize this command. 
Additional notes
The X440-G2 supports the following policy rule maximums:

Policy Capabilities

  • Policy Profiles: 63
  • Rules Per Profile: Up to 440
  • Authenticated Policy Users per Switch: Up to 256
  • Authenticated Policy Users per Port: Up to 256
  • Unique Permit/Deny Rules per Switch: 440
  • MAC Rules: N/A
  • IPv4 Rules: 256
  • IPv6 Rules: N/A
  • L2 Rules: 184
  • Rate Limiting: Per Class of Service
For additional information please refer to the Data Sheets

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255