I have unique requirements for access-list on the Meraki switches. Anyone here used the access-list extensively? Please reply.
Solved! Go to solution.
ACL's on all switches are stateless.
Switches usually work in a totally stateless way.
However the functionality I find seriously lacking in the MS line is the ability to use separate ACL's per interface and the very small TCAM space you can use.
Even the lower end Catalyst switch has 1500 ACE's + 1000 QoS entries.
So even when using an access list based of a radius session (Filter-ID) in MS switches you are severely limited in ACE's with L4 information and you even have to share it with QoS rules.
That's why I'm hoping they will change their stance when MS390's or Catalyst switches are in Meraki persona.
I didn't understand your question. If you want to know if the ACLs on MS works well the answer is yes.
https://documentation.meraki.com/MS/Layer_3_Switching/Configuring_ACLs
Yes we are using let us know your question?
One of the big limitations is they can have a maximum of 127 entries. Another is that they are stateless.
ACL's on all switches are stateless.
Switches usually work in a totally stateless way.
However the functionality I find seriously lacking in the MS line is the ability to use separate ACL's per interface and the very small TCAM space you can use.
Even the lower end Catalyst switch has 1500 ACE's + 1000 QoS entries.
So even when using an access list based of a radius session (Filter-ID) in MS switches you are severely limited in ACE's with L4 information and you even have to share it with QoS rules.
That's why I'm hoping they will change their stance when MS390's or Catalyst switches are in Meraki persona.
Thanks for your answer and explanation.
Thanks for the number. Sometimes, I have requirement for more than 127.
Thanks for the number. Sometimes, I have requirement for more than 127.