[Case share] ACL entry exceeded the warning threshold

Created Dec 21, 2018 17:23:16 144 0 0 0

Problem description:


Customer receive an alarm which indicate that the number of ACL entry exceeded the warning threshold



 Issue Description


Customer receive an alarm which indicate that the number of ACL entry exceeded the warning threshold


Reason 61: 


61: The usage of ACL rule resources exceeds the alarm threshold.



What's strange is that it is a test switch where there is very little traffic and ALCs are used only for SNMP and management traffic. 




 Alarm Information

Dec 11 2018 10:04:33+01:00 swt2-ra9.twr %%01FEI/4/hwBoardResWarningThresholdExceed_active(l):CID=0x807f0430-alarmID=0x095e2029;The number of forwarding resources reaches the alarm threshold. (Slot = 1, Threshold = 75, Reason = 61, Description : the number of UDF exceeded the warning threshold)

Dec 11 2018 10:04:33+01:00 swt2-ra9.twr %%01FEI/4/hwBoardResWarningThresholdExceed_clear(l):CID=0x807f0430-alarmID=0x095e2029-clearType=service_resume;The number of forwarding engine resources is less than the threshold. (Slot = 1, Threshold = 75, Reason = 61, Description : the number of ACL entry exceeded the warning threshold)



 Handling Process


We checked the log, and we found that no ACL failure on this switch, but the ACL UDF resource is used more than 75 percent, the warning is caused by the number of UDF ACL resource exceeded the warning threshold,  the detail is as follows:




Sequence    : 11348    


AlarmId     : 0x95E2029             AlarmName : hwBoardResWarningThresholdExceed                               


AlarmType   : quality_of_service    Severity  : Warning          State : cleared


StartTime   : 2018-12-11 08:04:36+01:00              


Description : The number of forwarding resources reaches the alarm threshold. (Slot = 1, Threshold = 75, Reason = 61, Description : the number of UDF exceeded the warning threshold)


ClearTime   : 2018-12-11 09:04:25+01:00              


ClearType   : verify_clear        


ClearReason : The number of forwarding engine resources is less than the threshold. (Slot = 1, Threshold = 75, Reason = 61, Description : the number of UDF exceeded the warning threshold)


 


We checked other ACL resource and there are enough.  The detail is as follows:




 Root Cause


Actually,  UDF resource is used to match the traffic with tunnel packets,  such as MPLS, TRILL, VxLAN,  GRE etc. the traffic without these tunnel header does not need UDF ACL resource.


Because there is TRILL configuration on the device, UDF is used to match trill traffic, so it will use these UDF resource, the detail is as follows:


Slot: 1


------------------------------------------------------------------------------


Chip  GroupID    Width      Stage          ServiceName                 Count


------------------------------------------------------------------------------


    0        8    Double     Ingress        App-Session                     2


             8    Double     Ingress        CPCAR Ipv4                     49


             8    Double     Ingress        L2 Protocol Tunnel              1


             8    Double     Ingress        TRILL Protocol                  1


            22    Double     Ingress        CPCAR Udf                       6


            22    Double     Ingress        TRILL OAM Expand                2


            22    Double     Ingress        TRILL OAM UC                    1


            22    Double     Ingress        TRILL OSPF MC                   1


            22    Double     Ingress        TRILL VLAN ARP                  2


            22    Double     Ingress        TRILL VLAN UC                   1


------------------------------------------------------------------------------


If we will not deploy new more tunnel service, such as TRILL OSPF, TRILL arp, TRILL MC and etc. it will not use these service, the UDF resource is enough.


 Solution


So we suggest to ignore these warning information, and configure command to ignore these warning information.


undo snmp-agent trap enable feature-name   fei trap-name hwboardreswarningthresholdexceed

info-center filter-id bymodule-alias  fei   hwboardresthresholdexceedresume


  • x
  • convention:

Responses

Reply
You need to log in to reply to the post Login | Register

Notice:To ensure the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but not limited to politically sensitive content, content concerning pornography, gambling, drug abuse and trafficking, content that may disclose or infringe upon others' intellectual properties, including commercial secrets, trade marks, copyrights, and patents, and personal privacy. Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see“ Privacy Policy.”
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Fast reply Scroll to top