TCAM utilization on Nexus 9396

Tim Stevenson (tstevens) tstevens at cisco.com
Wed Mar 20 14:07:31 EDT 2019 

Yes, ACL lines consume space in the TCAM. TCAM can be recarved according to the features in use/required. 

As long as the policy fits in the available TCAM space for that feature (software will complain and fail your config if it won't), enforcement is at full rate, no performance penalty for that.

Tim

-----Original Message-----
From: Satish Patel <satish.txt at gmail.com> 
Sent: Wednesday, March 20, 2019 10:46 AM
To: Cisco Network Service Providers <cisco-nsp at puck.nether.net>; Nick Cutting <ncutting at edgetg.com>; Tim Stevenson (tstevens) <tstevens at cisco.com>
Subject: TCAM utilization on Nexus 9396

Folks and ( Tim/Nick )

I have Cisco Nexus 9396 L3 switch and running bunch of ACL ( IPv4
Access-list to block certain traffic )  today i was reading about TCAM
and when i look at switch i found following utilization, so trying to
understand how ACL relationship with TCAM.

- Does number of ACL impact TCAM utilization or traffic ?


# show hardware access-list resource utilization

slot  1
=======



INSTANCE 0x0
-------------


         ACL Hardware Resource Utilization (Mod 1)
         ----------------------------------------------------------
                                        Used    Free    Percent
                                                        Utilization
-------------------------------------------------------------------
Ingress IPv4 PACL                       3       509     0.59
Ingress IPv4 Port QoS                   4       252     1.56
Ingress IPv4 VACL                       2       510     0.39
Ingress IPv4 RACL                       226     286     44.14
Egress IPv4 VACL                        3       509     0.59
Egress IPv4 RACL                        3       253     1.17
SUP COPP                                205     51      80.08
SUP COPP Reason Code TCAM               6       122     4.69
Redirect                                2       510     0.39
SPAN                                    21      235     8.20
VPC Convergence                         1       255     0.39

LOU                                     2       22      8.33
Both LOU Operands                       2
Single LOU Operands                     0
LOU L4 src port:                        1
LOU L4 dst port:                        1
LOU L3 packet len:                      0
LOU IP tos:                             0
LOU IP dscp:                            0
LOU ip precedence:                      0
LOU ip TTL:                             0
TCP Flags                               0       16      0.00

Protocol CAM                            2       244     0.81
Mac Etype/Proto CAM                     0       14      0.00

L4 op labels, Tcam 0                    0       1023    0.00
L4 op labels, Tcam 2                    1       62      1.58
L4 op labels, Tcam 6                    0       2047    0.00

Ingress Dest info table                 0       512     0.00

Egress Dest info table 0 512 0.00

More information about the cisco-nsp mailing list