Header Only - DO NOT REMOVE - Extreme Networks

Sending flow data from a switch direct to ExtremeAnalytics (without a flowcollector engine)


Userlevel 1
Hello everybody

I would like to configure the Extreme Switches (x440-G2, with version 22.4) to sending sflow/netflow data direct to the Extreme Analytics. I heard this is now possible without having a flowcollector enginge like PV FC-180 installed. Is this true? Because I couldn't find any referenced documentation to this. Thank you very much for your feedback.

Best regards, Yves

37 replies

Userlevel 6
Hello, I have made this working in my lab using Analytics 8.1.1EA2 and it is possible,. Some manual actions are needed on XMC but after that it can work. You could run into problems due to ACL limitations on the X440G2 but it can work.
Userlevel 1
Hi Oskar, I have the same Analytics version running. Do you have a configuration example or a documentation of this? Thank you.
Userlevel 6
Ok, some file editing is needed now to make it work.
On XMC, copy sflow,pol.
cp /usr/local/Extreme_Networks/NetSight/appdata/Purview/Fingerprints/sflow.pol /tftpboot/

On Analytics, edit file /opt/appid/conf/appidconfig.xml and change interfaces to be like:
[i]

[i]



Restart analytics or appid after this.

On XMC go to analytics, configuration and on your engine add an application telemetry source (the switch) and enforce.
Userlevel 1
OscarK wrote:

Ok, some file editing is needed now to make it work.
On XMC, copy sflow,pol.
cp /usr/local/Extreme_Networks/NetSight/appdata/Purview/Fingerprints/sflow.pol /tftpboot/

On Analytics, edit file /opt/appid/conf/appidconfig.xml and change interfaces to be like:
[i]

[i]



Restart analytics or appid after this.

On XMC go to analytics, configuration and on your engine add an application telemetry source (the switch) and enforce.

Hi Oskar, it's me again. Are we talking here about sflow+ ? Because my workmate said, it has to run with sflow+ and not only with sflow.
Userlevel 6
OscarK wrote:

Ok, some file editing is needed now to make it work.
On XMC, copy sflow,pol.
cp /usr/local/Extreme_Networks/NetSight/appdata/Purview/Fingerprints/sflow.pol /tftpboot/

On Analytics, edit file /opt/appid/conf/appidconfig.xml and change interfaces to be like:
[i]

[i]



Restart analytics or appid after this.

On XMC go to analytics, configuration and on your engine add an application telemetry source (the switch) and enforce.

sflow together with a mirror config.

TestAnalytics.1 # sh sflow
SFLOW Global Configuration
Global Status: enabled
Polling interval: 60
Sampling rate: 1024
Maximum cpu sample limit: 2000
SFLOW Configured Agent IP: 10.116.3.89 Operational Agent IP: 10.116.3.89
Collectors
Collector IP 10.116.2.209, Port 6343, VR "VR-Default"

SFLOW Port Configuration
Port Status Sample-rate Subsampling Sflow-type
Config / Actual factor Ingress / Egress
1 enabled 1024 / 1024 1 enabled / disabled
2 enabled 1024 / 1024 1 enabled / disabled
TestAnalytics.2 # sh mirror

DefaultMirror (Disabled)
Description: Default Mirror Instance, created automatically
Mirror to port: -

EAN (Enabled)
Description:
Mirror to remote IP: 10.116.2.209 VR : VR-Default
From IP : 10.116.3.89 Ping check: Off
Status : Up

Mirrors defined: 2
Mirrors enabled: 1 (Maximum 4)
HW filter instances used: 0 (Maximum 128)
Userlevel 1
OscarK wrote:

Ok, some file editing is needed now to make it work.
On XMC, copy sflow,pol.
cp /usr/local/Extreme_Networks/NetSight/appdata/Purview/Fingerprints/sflow.pol /tftpboot/

On Analytics, edit file /opt/appid/conf/appidconfig.xml and change interfaces to be like:
[i]

[i]



Restart analytics or appid after this.

On XMC go to analytics, configuration and on your engine add an application telemetry source (the switch) and enforce.

Okay, I see. What is the recommendation for the flow source.
For my example: I have a 52-port switch.
Port 48 is the uplink
Do I have to take as source Port 1-47 and as destination Port 48?
Should I enabling tunneling?

Userlevel 1
I don't have a sflow.pol file.
And how/where can I add a "application telemetry source"?

What do I have to configure on the switch side?

Thank you
Userlevel 6
You add the app telemetry source under flow sources.
Maybe the sflow.pol file is only created once you do a first enforce.
On the switch I think all should be configured by Analytics.
Userlevel 1
Okay, found it, thx.
I did an enforce (without adding a telemetry source) but the file isn't there yet.

I guess I have to test it first in the lab, before I add a switch to the Analytics on customer site. Because I have no idea how business critical this is.
Userlevel 1
I tried it with "Application Telemetry Source" (I guess this is for SFlow+).
But I got the following errors when I add the source Switch.

-> if {! $OverallResult} {
2018-03-02 15:51:52,183 INFO [stdout] Script failed : configure access-list sflow.pol any ingress
2018-03-02 15:51:52,185 INFO [stdout] .
2018-03-02 15:51:52,185 INFO [stdout] Error: ACL install operation failed - filter hardware full for vlan *, port *
2018-03-02 15:51:52,185 INFO [stdout] * switchname.14 #
2018-03-02 15:51:52,188 ERROR [com.enterasys.netsight.appid.server.webapps.monitor.AppIdDwr] Error in step 2 of enabling SFlow+ source for 10.37.1.52
2018-03-02 15:51:52,192 ERROR [com.enterasys.netsight.appid.server.webapps.monitor.AppIdDwr] javax.script.ScriptException:
*** Script Error ***
Die command issued: Script failed : configure access-list sflow.pol any ingress
.
Error: ACL install operation failed - filter hardware full for vlan *, port *
* switchname.14 #

--> I've already run this command: "configure access-list vlan-acl-precedence shared" and rebooted the switch.

The configuration is a default setup.
Userlevel 1
Have the same problem on X440-G2:
Error: ACL install operation failed - filter hardware full for vlan *, port *
Userlevel 7
Bernhard Gruenwald wrote:

Have the same problem on X440-G2:
Error: ACL install operation failed - filter hardware full for vlan *, port *

this is a known CR, that will be fixed (if not already)
Userlevel 6
Try to configure the access-list width to double.
The command to do this is:

configure access-list width double
Hi Oscar,

I've also test this, but gets the same error as Yves & Bernhard. I've used 22.4.1.4-patch1-2, but we're also working with Policy enabled. So couldn't run the command:

configure access-list width double slot 1

WARNING: Configuration of double width access-list is not supported when Policy is enabled. Slots will remain in Single width mode.
Userlevel 1
Hello everybody: I got the following information: To use an ExtremeSwitching X440-G2 switch as an Application Telemetry source for ExtremeAnalytics, install firmware version 22.4.1.4-patch2-5 or higher.
Hi Yves,

Ok thanks for the information. The firmware 22.4.1.4-patch2-5 isn't yet available at the partner portal of Extreme Networks?

Kind Regards,
Kevin.
Userlevel 6
Hello Kevin, 22.4.1.4-patch2-5 is a private patch and is not publically available. You can get this patch by opening a case.
22.5 will also contain the fix once it is available (expected end of May).
Hi Oscar,

Ok thanks for the information, I will contact Extreme GTAC.

Kind Regards,
Kevin.
Userlevel 5
Hi,

Just to let you know I'm running into this same problem using firmware version:

22.5.1.7

EMC = 8.1.3.65

Error is:

An error has occurred while adding a flow source to the selected engine. See details below for more information.

javax.script.ScriptException: *** Script Error *** Die command issued: Script failed : * POC.17 # configure access-list telemetry.pol any ingress . Error: ACL install operation failed - filter hardware full for vlan *, port * * POC.18 # -> if {! $OverallResult}

Am also running policy on this X440G2 switch, so setting the double width I get the following message:

* POC.1 # configure access-list width double
WARNING: Configuration of double width access-list is not supported when Policy is enabled. Slots will remain in Single width mode.

If I disable policy I can then run the access-list width double command, but when I re-enable policy I then get the following error:

* POC.4 # enable policy
Warning: Enabling Policy will cause some Netlogin settings (such as VLANs and dynamically created VLANs) to be cleared.
ERROR: Hardware resources could not be reserved for Policy (count 0).
Note that Policy cannot be enabled when double width access-list is configured or operational.

Previously upgraded from version 22.4.1.4-patch1-2

Post mentions this being fixed in version 22.5, so not sure what I am doing wrong or how to fix / get this working?

Seen this command that could be used to adjust ACL usage, but not sure exactly the syntax to use that would help:

configure policy resource-profile default profile-modifier [no-mac|no-ipv4|no-ipv6] enable

I've tried removing no-ipv6, but no difference?

Many thanks.
Userlevel 7
Martin Flammia wrote:

Hi,

Just to let you know I'm running into this same problem using firmware version:

22.5.1.7

EMC = 8.1.3.65

Error is:

An error has occurred while adding a flow source to the selected engine. See details below for more information.

javax.script.ScriptException: *** Script Error *** Die command issued: Script failed : * POC.17 # configure access-list telemetry.pol any ingress . Error: ACL install operation failed - filter hardware full for vlan *, port * * POC.18 # -> if {! $OverallResult}

Am also running policy on this X440G2 switch, so setting the double width I get the following message:

* POC.1 # configure access-list width double
WARNING: Configuration of double width access-list is not supported when Policy is enabled. Slots will remain in Single width mode.

If I disable policy I can then run the access-list width double command, but when I re-enable policy I then get the following error:

* POC.4 # enable policy
Warning: Enabling Policy will cause some Netlogin settings (such as VLANs and dynamically created VLANs) to be cleared.
ERROR: Hardware resources could not be reserved for Policy (count 0).
Note that Policy cannot be enabled when double width access-list is configured or operational.

Previously upgraded from version 22.4.1.4-patch1-2

Post mentions this being fixed in version 22.5, so not sure what I am doing wrong or how to fix / get this working?

Seen this command that could be used to adjust ACL usage, but not sure exactly the syntax to use that would help:

configure policy resource-profile default profile-modifier [no-mac|no-ipv4|no-ipv6] enable

I've tried removing no-ipv6, but no difference?

Many thanks.

Hi,
can you show the output of "show sflow hardware-utilization"?
Userlevel 5
Martin Flammia wrote:

Hi,

Just to let you know I'm running into this same problem using firmware version:

22.5.1.7

EMC = 8.1.3.65

Error is:

An error has occurred while adding a flow source to the selected engine. See details below for more information.

javax.script.ScriptException: *** Script Error *** Die command issued: Script failed : * POC.17 # configure access-list telemetry.pol any ingress . Error: ACL install operation failed - filter hardware full for vlan *, port * * POC.18 # -> if {! $OverallResult}

Am also running policy on this X440G2 switch, so setting the double width I get the following message:

* POC.1 # configure access-list width double
WARNING: Configuration of double width access-list is not supported when Policy is enabled. Slots will remain in Single width mode.

If I disable policy I can then run the access-list width double command, but when I re-enable policy I then get the following error:

* POC.4 # enable policy
Warning: Enabling Policy will cause some Netlogin settings (such as VLANs and dynamically created VLANs) to be cleared.
ERROR: Hardware resources could not be reserved for Policy (count 0).
Note that Policy cannot be enabled when double width access-list is configured or operational.

Previously upgraded from version 22.4.1.4-patch1-2

Post mentions this being fixed in version 22.5, so not sure what I am doing wrong or how to fix / get this working?

Seen this command that could be used to adjust ACL usage, but not sure exactly the syntax to use that would help:

configure policy resource-profile default profile-modifier [no-mac|no-ipv4|no-ipv6] enable

I've tried removing no-ipv6, but no difference?

Many thanks.

Hi Stephane,

See output below:

POC.4 # show sflow hardware-utilization
sFlow Hardware Table Utilization Statistics
Resource Type Current Maximum % Util.
-------------------- ------- ------- -------
MAC Entries 11 16383 0
Host Entries 0 4096 0
IPv4 Entries 0 4096 0
IPv6 Entries 0 2048 0
Long IPv6 Entries 0 2048 0
Total Routes 16 512 3
IPv4 Neighbors 5 N/A N/A
IPv6 Neighbors 0 N/A N/A
IPv4 Routes 16 N/A N/A
IPv6 Routes 0 N/A N/A
ECMP Next Hops 0 N/A N/A
ACL Ingress Entries 86 2048 4
ACL Ingress Counters 34 1024 3
ACL Ingress Meters 0 2048 0
ACL Ingress Slices 7 8 87
ACL Egress Entries 0 512 0
ACL Egress Counters 0 512 0
ACL Egress Meters 0 512 0
ACL Egress Slices 0 4 0

Thanks
Userlevel 7
Martin Flammia wrote:

Hi,

Just to let you know I'm running into this same problem using firmware version:

22.5.1.7

EMC = 8.1.3.65

Error is:

An error has occurred while adding a flow source to the selected engine. See details below for more information.

javax.script.ScriptException: *** Script Error *** Die command issued: Script failed : * POC.17 # configure access-list telemetry.pol any ingress . Error: ACL install operation failed - filter hardware full for vlan *, port * * POC.18 # -> if {! $OverallResult}

Am also running policy on this X440G2 switch, so setting the double width I get the following message:

* POC.1 # configure access-list width double
WARNING: Configuration of double width access-list is not supported when Policy is enabled. Slots will remain in Single width mode.

If I disable policy I can then run the access-list width double command, but when I re-enable policy I then get the following error:

* POC.4 # enable policy
Warning: Enabling Policy will cause some Netlogin settings (such as VLANs and dynamically created VLANs) to be cleared.
ERROR: Hardware resources could not be reserved for Policy (count 0).
Note that Policy cannot be enabled when double width access-list is configured or operational.

Previously upgraded from version 22.4.1.4-patch1-2

Post mentions this being fixed in version 22.5, so not sure what I am doing wrong or how to fix / get this working?

Seen this command that could be used to adjust ACL usage, but not sure exactly the syntax to use that would help:

configure policy resource-profile default profile-modifier [no-mac|no-ipv4|no-ipv6] enable

I've tried removing no-ipv6, but no difference?

Many thanks.

you use 87% of the ACL Ingress Slices, so you may be using too much resources. You could see more info with that command:

sh access-list usage acl-slice port 1:1
Userlevel 5
Martin Flammia wrote:

Hi,

Just to let you know I'm running into this same problem using firmware version:

22.5.1.7

EMC = 8.1.3.65

Error is:

An error has occurred while adding a flow source to the selected engine. See details below for more information.

javax.script.ScriptException: *** Script Error *** Die command issued: Script failed : * POC.17 # configure access-list telemetry.pol any ingress . Error: ACL install operation failed - filter hardware full for vlan *, port * * POC.18 # -> if {! $OverallResult}

Am also running policy on this X440G2 switch, so setting the double width I get the following message:

* POC.1 # configure access-list width double
WARNING: Configuration of double width access-list is not supported when Policy is enabled. Slots will remain in Single width mode.

If I disable policy I can then run the access-list width double command, but when I re-enable policy I then get the following error:

* POC.4 # enable policy
Warning: Enabling Policy will cause some Netlogin settings (such as VLANs and dynamically created VLANs) to be cleared.
ERROR: Hardware resources could not be reserved for Policy (count 0).
Note that Policy cannot be enabled when double width access-list is configured or operational.

Previously upgraded from version 22.4.1.4-patch1-2

Post mentions this being fixed in version 22.5, so not sure what I am doing wrong or how to fix / get this working?

Seen this command that could be used to adjust ACL usage, but not sure exactly the syntax to use that would help:

configure policy resource-profile default profile-modifier [no-mac|no-ipv4|no-ipv6] enable

I've tried removing no-ipv6, but no difference?

Many thanks.

Hi Stephane,

Thanks for posting back. I've currently disabled policy and re-run the Telemetry configuration via EMC, just to see it would take, which it did.

Problem is I can't enable Policy again because its out of resource. So least I know it works with one or the other but never both.

Here is were it stands at the moment with sflow telemetry enabled and policy disabled:

POC.2 # sh access-list usage acl-slice port 1
Ports 1-24, 51, 52
Stage: INGRESS
Slices: Used: 4 Available: 4
Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 256
Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 256
Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 256
Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 256
Virtual Slice 4 (physical slice 4) Rules: Used: 12 Available: 244 system
Virtual Slice 5 (physical slice 5) Rules: Used: 2 Available: 254 system
Virtual Slice 6 (physical slice 6) Rules: Used: 123 Available: 133 user/other
Virtual Slice 7 (physical slice 7) Rules: Used: 71 Available: 185 user/other
Stage: EGRESS
Slices: Used: 1 Available: 3
Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 128
Virtual Slice 3 (physical slice 3) Rules: Used: 1 Available: 127 user/other
Stage: LOOKUP
Slices: Used: 0 Available: 4
Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 128
Stage: EXTERNAL
Virtual Slice : (*) Physical slice not allocated to any virtual slice.

If I disable the ACL's for telemetry (show config acl)

configure meter ingmeter2 committed-rate 1024 Kbps out-actions drop ports "Default (IRL.1)"
configure meter ingmeter3 committed-rate 2048 Kbps out-actions drop ports "Default (IRL.1)"
configure access-list telemetry any ingress
configure access-list telemetryegress any egress

i.e

unconfigure access-list telemetry
unconfigure access-list telemetryegress

and re-enable policy the ACL slices look like the following:

POC.7 # sh access-list usage acl-slice port 1
Ports 1-24, 51, 52
Stage: INGRESS
Reserved slices:
Type Used Available
Policy P/D 0 2
Policy CoS 0 2
Slices: Used: 7 Available: 1
Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 256
Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 256 Policy CoS reserved
Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 256 Policy CoS reserved
Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 256 Policy P/D reserved
Virtual Slice * (physical slice 6) Rules: Used: 0 Available: 256 Policy P/D reserved
Virtual Slice 5 (physical slice 4) Rules: Used: 12 Available: 244 system
Virtual Slice 6 (physical slice 5) Rules: Used: 2 Available: 254 system
Virtual Slice 7 (physical slice 7) Rules: Used: 64 Available: 192 user/other
Stage: EGRESS
Slices: Used: 0 Available: 4
Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 128
Stage: LOOKUP
Reserved slices:
Type Used Available
Policy Profile 0 4
Slices: Used: 4 Available: 0
Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 128 Policy Profile reserved
Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 128 Policy Profile reserved
Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 128 Policy Profile reserved
Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 128 Policy Profile reserved
Stage: EXTERNAL
Virtual Slice : (*) Physical slice not allocated to any virtual slice.

With both policy and telemetry disabled:

* POC.9 # sh access-list usage acl-slice port 1
Ports 1-24, 51, 52
Stage: INGRESS
Slices: Used: 3 Available: 5
Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 256
Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 256
Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 256
Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 256
Virtual Slice * (physical slice 6) Rules: Used: 0 Available: 256
Virtual Slice 5 (physical slice 4) Rules: Used: 12 Available: 244 system
Virtual Slice 6 (physical slice 5) Rules: Used: 2 Available: 254 system
Virtual Slice 7 (physical slice 7) Rules: Used: 64 Available: 192 user/other
Stage: EGRESS
Slices: Used: 0 Available: 4
Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 128
Stage: LOOKUP
Slices: Used: 0 Available: 4
Virtual Slice * (physical slice 0) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 1) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 2) Rules: Used: 0 Available: 128
Virtual Slice * (physical slice 3) Rules: Used: 0 Available: 128
Stage: EXTERNAL
Virtual Slice : (*) Physical slice not allocated to any virtual slice.

Is there anyway to see what's using those 3 slices when both policy and telemetry are disabled, maybe those meters?
Userlevel 7
Martin Flammia wrote:

Hi,

Just to let you know I'm running into this same problem using firmware version:

22.5.1.7

EMC = 8.1.3.65

Error is:

An error has occurred while adding a flow source to the selected engine. See details below for more information.

javax.script.ScriptException: *** Script Error *** Die command issued: Script failed : * POC.17 # configure access-list telemetry.pol any ingress . Error: ACL install operation failed - filter hardware full for vlan *, port * * POC.18 # -> if {! $OverallResult}

Am also running policy on this X440G2 switch, so setting the double width I get the following message:

* POC.1 # configure access-list width double
WARNING: Configuration of double width access-list is not supported when Policy is enabled. Slots will remain in Single width mode.

If I disable policy I can then run the access-list width double command, but when I re-enable policy I then get the following error:

* POC.4 # enable policy
Warning: Enabling Policy will cause some Netlogin settings (such as VLANs and dynamically created VLANs) to be cleared.
ERROR: Hardware resources could not be reserved for Policy (count 0).
Note that Policy cannot be enabled when double width access-list is configured or operational.

Previously upgraded from version 22.4.1.4-patch1-2

Post mentions this being fixed in version 22.5, so not sure what I am doing wrong or how to fix / get this working?

Seen this command that could be used to adjust ACL usage, but not sure exactly the syntax to use that would help:

configure policy resource-profile default profile-modifier [no-mac|no-ipv4|no-ipv6] enable

I've tried removing no-ipv6, but no difference?

Many thanks.

for testing purposes, I'd try to disable the meters, and try to use a light Policy with Telemetry. If possible, can you make sure for your Policy TCI Overwrite is disabled as well as CoS (if not needed, of course)?
Userlevel 5
Martin Flammia wrote:

Hi,

Just to let you know I'm running into this same problem using firmware version:

22.5.1.7

EMC = 8.1.3.65

Error is:

An error has occurred while adding a flow source to the selected engine. See details below for more information.

javax.script.ScriptException: *** Script Error *** Die command issued: Script failed : * POC.17 # configure access-list telemetry.pol any ingress . Error: ACL install operation failed - filter hardware full for vlan *, port * * POC.18 # -> if {! $OverallResult}

Am also running policy on this X440G2 switch, so setting the double width I get the following message:

* POC.1 # configure access-list width double
WARNING: Configuration of double width access-list is not supported when Policy is enabled. Slots will remain in Single width mode.

If I disable policy I can then run the access-list width double command, but when I re-enable policy I then get the following error:

* POC.4 # enable policy
Warning: Enabling Policy will cause some Netlogin settings (such as VLANs and dynamically created VLANs) to be cleared.
ERROR: Hardware resources could not be reserved for Policy (count 0).
Note that Policy cannot be enabled when double width access-list is configured or operational.

Previously upgraded from version 22.4.1.4-patch1-2

Post mentions this being fixed in version 22.5, so not sure what I am doing wrong or how to fix / get this working?

Seen this command that could be used to adjust ACL usage, but not sure exactly the syntax to use that would help:

configure policy resource-profile default profile-modifier [no-mac|no-ipv4|no-ipv6] enable

I've tried removing no-ipv6, but no difference?

Many thanks.

There are no TCi Overwrites configured and removed all the CoS settings, as can been seen in the screenshot below for one example I set the CoS to 'none'



But even after an enforce the cos value stays persistent in the policy configuration on the switch?



So manually removed this but still no difference to amount of ACL slices used.

Reply