DELL N3000 User Manual
Configuring Access Control Lists
589
Please note the following additional limitations on ingress and egress ACLs:
• You can configure mirror or redirect attributes for a given ACL rule, but
not both.
• The Dell Networking series switches support a limited number of counter
resources, so it may not be possible to log every ACL rule. You can define
an ACL with any number of logging rules, but the number of rules that are
actually logged cannot be determined until the ACL is applied to an
interface. Furthermore, hardware counters that become available after an
ACL is applied are not retroactively assigned to rules that were unable to
be logged (the ACL must be disassociated from the interface and then re-
associated). Rules that are unable to be logged are still active in the ACL
for purposes of permitting or denying a matching packet. If console logging
is enabled and the severity is set to a numerically lower severity than the
console severity setting, a log entry may appear on the screen.
Table 20-1. ACL Software Limits
Limitation
N2000
N3000
N4000
Maximum Number of ACLs (any
type)
100
100
100
Maximum Number Configurable
Rules per List
1023
1023
1023
Maximum ACL Rules per Interface
and Direction (IPv4/L2)
1024 ing/
512 egr
3072 ing/
1024 egr
2047 ing/
1023 egr
Maximum ACL Rules per Interface
and Direction (IPv6)
512 ing/
256 egr
1021 ing/
512 egr
1021 ing/
512 egr
Maximum ACL Rules (system-
wide)
2048
4096
3072
Maximum VLAN interfaces with
ACLs applied
24
24
24
Maximum ACL Logging Rules
(system-wide)
128
128
128