Meraki

Community

ACL Limitations on MS425

jwshoemaker
Comes here often
‎Oct 21 2017 10:07 AM
‎Oct 21 2017 10:07 AM

ACL Limitations on MS425

I am curious if anyone has encountered the 128 ACL entry limit on the MS425.  I was installing a 425 Stack in a Datacenter, replacing a Cisco 3750 stack.   The MS425 stack was sold as a good, cost effective alternative.  When we began to add the ACLs for the 40 VLANS we have, we hit a limit of 128 ACL entries.  We have over 500 entries that need to be entered.  We have been working on consolidation, but this will only help a little.


Has anyone encountered this, or are we unique?  My employer has presence in several datacenters, and this limitation  is affecting our replacement plan.

 

Thanks,

Jim

0 Kudos
5 Replies 5
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Oct 21 2017 12:27 PM
‎Oct 21 2017 12:27 PM

Wow I haven't run into that one.  Considering the biggest MS425 has 32 ports, and you can stack them 8 high, you could end up with 256 ports.

 

It seems crazy you can have more ports than ACL rules.

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Oct 21 2017 12:28 PM
‎Oct 21 2017 12:28 PM

I would check with support and see if this is a "hard" limit, or a limit they can increase "behind the scenes".

0 Kudos
MerakiDave
Meraki Employee
Meraki Employee
‎Oct 21 2017 2:53 PM
‎Oct 21 2017 2:53 PM

Agree with @PhilipDAth to double check this with Support and ask them to confirm with Engineering, I believe the MS350 and MS400 platforms typically scale to 96k MAC entries and 4096 ACL entries.  I think an ACL limit of 128 entries is on the lower end MS120 models.  Perhaps >128 ACLs is a feature gate they need to enable when required, which may also give them the opportunity to catalog such use cases.  Also agree that I've only seen corner cases where 500+ ACL entries are required, usually it's either it's a genuine corner case or perhaps there's a more optimal design.  Dashboard makes it fairly simple to manage ACLs but 500+ is cumbersome no matter what 🙂  Share your use case with your Meraki (or Meraki Partner) sales team as well.

0 Kudos
In response to MerakiDave
jwshoemaker
Comes here often
‎Oct 23 2017 10:58 AM
‎Oct 23 2017 10:58 AM

Thanks guys for the responses... Support has told me that 128 is a hard limit, but that they have sent it to the Developers to look at. If i am able to give them time, they may be able to help.
0 Kudos
In response to jwshoemaker
RobertoBonilla
Just browsing
‎Sep 26 2019 12:55 AM
‎Sep 26 2019 12:55 AM

Hello,

 

I'm having the same problem. I can't add more than 128 ACLs, that's a big problem. 

 

I'm trying to find a solution with meraki support but for the moment is not an option. Someone have been add more ACLs?

This is a big issue on MS425 and a big limitation that I don't understand. There is no information about it on datasheet.

 

Someone have find a solution?

 

Thanks in advance, regards.

 

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.