NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

luizluca's avatar
luizluca
Aspirant
May 11, 2018

Error while adding a new ACL rule

Hello,   While trying to attach an IPv6 ACL with 54 identical rules to a VLAN, I got this error:   (switchcore) (Config)#ipv6 traffic-filter acl-with-54-rules vlan 700 out 101 ...
Firmware
Hardware
Troubleshooting
DaneA's avatar
DaneA
NETGEAR Employee Retired
May 17, 2018

Hi luizluca,

 

To isolate the problem, kindly post the ACL configuration.

 

 

Regards,


DaneA

NETGEAR Community Team

  • luizluca's avatar
    luizluca
    Aspirant
    May 17, 2018

    Hi DaneA

     

    It seems that the switch cannot deal with more than 253 IPv6 vlan out rules globally, at least with firmware 11.0.0.31.

     

     

    (switchcore) (Config)#no ipv6 access-list test123-out
(switchcore) (Config)# ipv6 access-list test123-out 
(switchcore) (Config-ipv6-acl)#exit
(switchcore) (Config)#ipv6 traffic-filter test123-out vlan 700 out
(switchcore) (Config)#ipv6 access-list test123-out
(switchcore) (Config-ipv6-acl)#permit ipv6 host 2001:efef:efef:efef:efef:efef:efef:1 any
(switchcore) (Config-ipv6-acl)#permit ipv6 host 2001:efef:efef:efef:efef:efef:efef:2 any
...
(switchcore) (Config-ipv6-acl)#permit ipv6 host 2001:efef:efef:efef:efef:efef:efef:253 any
(switchcore) (Config-ipv6-acl)#permit ipv6 host 2001:efef:efef:efef:efef:efef:efef:254 any

Error! processing ACL.

    After that point I cannot use any new IPv6 or IPv4 vlan out rule (no problem with in rules).

     

    It is way bellow what specs advertises.

     

     

    I openend a suppor case #30125899 about it.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More