We try to transfer an ACL from a DFE module (with Advanced Licence) to an 7100 (about 300 entries). We can only enter 180 lines, then we're done.
TOR(rw-cfg-ext-acl-160)->permit tcp host 192.168.60.254 any eq 2222
Apply access-group failed: Insufficient resources to apply access-group
TOR(rw-cfg-ext-acl-160)-><165>Feb 15 03:01:46 0.0.0.0 RtrAcl[1]
Rules Exhausted for IpV4 Egress Acls, interfaces applied 1 Need 2 rules but have only 1, cannot apply
--------------------------------------------------------------------------------------------------------
The "show limits" command displays:
Chassis limits:Application Limit In use Entry size Total Memory
-------------------------------- --------- --------- ------------ ------------
access-lists 256 9 125K 31.3M
access-list-entries 1000 180 160B 156.4K
access-list-entries-per-list 1000 - - -
applied-access-lists 1552 8 110B 165.5K
applied-ipv4-in 256 0 - -
applied-ipv4-out 256 8 - -
applied-ipv6-in 256 0 - -
applied-ipv6-out 256 0 - -
applied-l2-in 256 0 - -
applied-l2-out 256 0 - -
--------------------------------------------------------------------------------------------------------
The "show limits resource-profile -verbose" command displays:
Resource Profile: configured (default), operational (default)
Resource Profile: default
Authenticated Users = 512
MAC Rules = 128
IPV6 Rules = 127
IPV4 Rules = 249
L2 Rules = 175
IPV6 Ingress ACL = 0
IPV6 PBR = 0
IPV4 Ingress ACL = 0
IPV4 PBR = 0
L2 Ingress ACL = 0
IPV6 Egress ACL = 256
IPV4 Egress ACL = 256
L2 Egress ACL = 0
--------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------
How can we solve the problem (more accepted entries in the ACL)?