Restrictions for Implementing Access Lists and Prefix Lists
The following restrictions apply to implementing access lists and prefix lists:
-
Layer 2/Layer 3 ACLs are not supported on Layer 2 interfaces.
-
Object group ACLs are not supported.
-
IPv4 ACLs are not supported for loopback and interflex interfaces.
-
IPv6 ACLs are not supported for loopback, interflex and L2 Ethernet Flow Point (EFP) main or subinterfaces.
-
IPv6 ACL configuration on bundle interfaces (Ethernet LAG bundles only) is not supported.
-
If the TCAM utilization is high and large ACLs are modified, then an error may occur. During such instances, do the following to edit an ACL:
Note
-
Remove the ACL from the interface.
-
Reconfigure the ACL.
-
Reapply the ACL to the interface.
Use the show prm server tcam summary all acl all location and show pfilter-ea fea summary location commands to view the TCAM utilization.
-
-
Filtering of MPLS packets through common ACL and interface ACL is not supported.
-
Video Monitoring is not supported through ACLs on IPv6 interfaces.
-
You can configure an ACL name with a maximum of 64 characters.
-
You can configure an ACL name to comprise of only letters and numbers.