This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Limit TCAM ACL ICX 7850

fabios
New Contributor

‎06-13-2025 01:48 PM

I am getting the following error 'Error:ACL filter add failed! (Insufficient Space in TCAM to accomodate this ACL. ' Would it be possible to increase this ACL filter TCAM space?

0 Kudos
3 REPLIES 3

kayal
New Contributor III

‎06-17-2025 08:16 PM - edited ‎06-17-2025 08:18 PM

Hi Fabios,

Thank you for bringing this up.

You're seeing the error:
“Error: ACL filter add failed! (Insufficient Space in TCAM to accommodate this ACL)”,
which typically indicates that the switch’s TCAM used to store ACLs and other hardware-accelerated features — has reached its current configured or physical limit.

  1. Check and Adjust TCAM Allocation (if applicable)

Some ICX models allow reallocation of TCAM resources using the system-max command.

To check the current and maximum values:

#show default values

If the current value of ip-filter-sys is below the max, you can increase it:

#configure terminal
#system-max ip-filter-sys <new_value>

Note: This change requires a switch reboot to take effect.

Refer to the following documentation for detailed guidance:

TCAM Space Configuration:

Allocating TCAM Space:

Hardware Scale for each unit:

  1. Optimize Existing ACL Usage

If increasing ip-filter-sys isn’t an option, or if you've already reached the platform's hardware limit, try:

    • Consolidating or removing unused ACL entries.
    • Preferring VLAN-based ACLs over interface-based ones.
    • Avoiding duplication of ACLs across many interfaces.

Let us know your switch model and ACL use case if you'd like more specific suggestions.

Note: Please feel free to mark the post as ACCEPTED SOLUTIONS if its addressed your query.

Regards,

Kayalvizhi Kannadasan

 

0 Kudos

fabios
New Contributor
In response to kayal

‎06-18-2025 05:43 AM

Thanks for the feedback. I intend to increase the maximum capacity of L2 Ingress TCAM rules per PP device, is it possible?

0 Kudos

kayal
New Contributor III
In response to fabios

‎06-23-2025 05:57 PM

Hi Fabios,

Good question!

On ICX switches, you can’t manually increase TCAM rules PP device. TCAM allocation is done globally using the system-max command, and the switch internally manages how it's distributed across all PPs.

If your switch model supports it, you can increase the global limit but only up to the maximum allowed by hardware. This requires a reboot to take effect.

Regards,

Kayal

0 Kudos
Copyright © 2025 Khoros, LLC