Why does the system generally display the error message "Add rule to chip failed" or "Error:Adding rule failed." when a traffic policy is delivered and an ACL rule contains a TCP or UDP port range

On S series modular switches, the system generally displays an error message when a traffic policy is delivered and an ACL rule contains a TCP or UDP port range. The possible causes of this problem are as follows:
- The traffic policy is applied in the outbound direction (V200R002C00 and earlier versions).
In V200R002C00 and earlier versions, the port range cannot be specified in the outbound direction. If the ACL rule containing a port range and the corresponding traffic policy is applied in the outbound direction, the system displays the preceding error message.
- The number of applied rules that contain port ranges has reached or exceeded the maximum value.
The S series cards support a maximum of 16 TCP or UDP port ranges and the E series cards support a maximum of 32 TCP or UDP port ranges. When the number of rules containing port ranges that are applied in the inbound direction exceeds the maximum, the system displays the preceding error message.

Scroll to top