Contents
Overview
This guide contains the maximum verified scalability limits for ACI parameters for the Cisco APIC Release 1.2(1i) and Cisco Nexus 9000 Series ACI-Mode Switches, Release 11.2(1i). These values are based on a profile where each feature was scaled to the numbers specified in the tables. These numbers do not represent the theoretically possible ACI fabric scale.
General Scalability Limits
- L2 Fabric: There is no routing, L3 context, nor contract enabled in the L2 fabric profile. A tenant in this profile does not need to be mapped to one dedicated ACI tenant. A tenant can be represented by a set of EPGs instead. To improve the load sharing among APIC controller nodes, you must distribute EPGs and BDs across an ACI tenant.
- L3 Fabric: The ACI L3 fabric solution provides a feature-rich highly scalable solution for public cloud and large enterprise. With this design, almost all supported features are deployed at the same time and are tested as a solution. The scalability numbers listed in this section are multi-dimensional scalability numbers. The fabric scalability numbers represent the overall number of objects created on the fabric. The per-leaf scale numbers are the objects created and presented on an individual leaf switch. The fabric level scalability numbers represent APIC cluster scalability and the tested upper limits. Some of the per-leaf scalability numbers are subject to hardware restrictions. The per-leaf scalability numbers are the maximum limits tested and supported by leaf switch hardware. This does not necessarily mean that every leaf switch in the fabric was tested with maximum scale numbers.
Feature
L2 Fabric
L3 Fabric
Large L3 Fabric
Number of APIC controllers
3
3
5
Number of leafs
80
80
200
Number of spines
6
6
6
Number of FEXs
N/A
12 per leaf, 120 per fabric
N/A
Number of tenants
N/A
1,000
3,000
Number of Layer 3 (L3) contexts
N/A
1,000
3,000
Number of contracts/filters
N/A
Number of endpoint groups (EPGs)
21,000 (500 maximum per tenant)
15,000 (500 maximum per tenant)
15,000 (500 maximum per tenant)
Number of endpoints (EPs)
180,000
180,000
180,000
Number of bridge domains (BDs)
21,000
15,000
15,000
Number of ports, VLANs
per leaf 48 X 3,500 = 168,000
64,000
64,000
Number of IP longest prefix matches (IP LPMs) (for external connection)
Note This limit exists across all protocols/transit scenarios N/A
Number of BGP + number of OSPF sessions + EIGRP (for external connection)
N/A
1,200
1,200
Number of Multicast groups
N/A
8,000
8,000
Number of vCenters
N/A
10
10
Number of Service Chains
N/A
1,000
1,000
Number of L4 - L7 devices
N/A
30 physical, 1,200 virtual (1,200 maximum per fabric)
30 physical, 1,200 virtual (1,500 maximum per fabric)
Number of ESX hosts - VDS
N/A
3,200
3,200
Number of ESX hosts - AVS
N/A
3,200 (Only 1 AVS instance per host)
3,200 (Only 1 AVS instance per host)
Number of VMs
N/A
Depends upon server scale
Depends upon server scale
CLI Scalability Limits
Configurable Option
Scale
Number of tenants
500
Number of Layer 3 (L3) contexts
300
Number of endpoint groups (EPGs)
3,500
Number of endpoints (EPs)
20,000
Number of bridge domains (BDs)
3,500
Number of BGP + number of OSPF sessions + EIGRP (for external connection)
300
Maximum number of vPCs
48
Maximum number of PCs, access ports
48
Maximum number of encaps per access port
1,750
Number of multicast groups
8,000
Maximum number of vzAny provided contracts
16
Maximum number of vzAny consumed contracts
16
Maximum amount of encaps per endpoint group
2 static, 1 dynamic
Security TCAM size
4,000
Number of VRFs
500
Separate-Config-Set
Tenants
100
Endpoint groups
1,000
Bridge domains
500
VRFs
100
SPAN destinations
3
NTP servers
2
Contracts
100
DNS servers
2
Syslog servers
1
Fabric Topology, SPAN, Tenants, Contexts, External EPGs, Bridge Domains, Endpoints, and Contracts Scalability Limits
Configurable Options
Per Leaf Scale
Per Fabric Scale
Fabric Topology
Maximum number of vPCs
320 (hif vPC with FEX)
(Number of leafs /2) X 48
Maximum number of encaps per vPC
1,750 (ports X encap < 64,000)
If the BD is in classic mode, 48 X 3,500 = 168,000 port-VLAN combination is supported in the L2 Fabric mode.
Note With EPG deployed on FEX: port-VLAN combination is restricted to 10,000.
N/A
Maximum number of Member Links per vPC
8
N/A
Maximum number of PCs
48
(Number of leafs) X 48
Maximum number of encaps per PC
1,750 (ports X encap < 64,000)
N/A
Maximum number of Member Links per PC
8
N/A
Maximum number of PCs, access ports
48
(Number of leafs) X 48
Maximum number of encaps per access port
1,750 (ports X encap < 64,000)
N/A
STP
All VLANs
N/A
Maximum number of endpoints (EPs)
180,000
Number of Multicast Groups
8,000
8,000
Number of IPs per MAC
256
256
SPAN
8 fabric sessions per fabric
Number of ports per SPAN session
N/A
Number of source EPG/BDs per SPAN session
280
N/A
Common pervasive gateway
256 virtual IPs per Bridge Domain
N/A
Tenants
Number of Contexts per tenant
8
8
Number of application profiles per tenant (or per Context)
N/A
N/A
Contexts (All numbers applicable to dual stack unless explicitly called out)
Maximum number of Context
200
N/A
Maximum number of BDs per Context
256
N/A
Border Leafs per Context
N/A
4
Maximum number of LPM Prefixes for External EPG Classification
1,000 IPv4
N/A
Maximum number of vzAny Provided Contracts
16 per Ctx
N/A
Maximum number of vzAny Consumed Contracts
16 per Ctx
N/A
Maximum number of L3Outs
400
400
L3 Out per context
--
400
Maximum number of Routed, Routed Sub-interface, or SVIs per L3Out
Maximum number of Dynamic Routing protocol peers for BGP
300
N/A
Maximum number of Dynamic Routing protocol peers for OSPF
100
N/A
Maximum number of Dynamic Routing protocol peers for EIGRP
16
N/A
Maximum number of Static Routes
Maximum number of External Routes
Maximum number of Secondary (VIP) addresses per L3 out
1
1
Maximum number of L3 interfaces per Context (SVIs and sub-interfaces)
Shared L3 out
External EPGs
Number of External EPGs per L3 out
16
N/A
Bridge Domain
Maximum amount of BDs
1,750 ; if legacy mode, 3,500 ;
if Multicast optimized mode then 50
15,000
Maximum number of subnets per BD
16 (cannot be for all BDs)
16 per BD
Maximum number of EPGs per BD
3,499 (cannot exceed 3,500 total)
3499 is supported in hardware but please refer to the per fabric scale for the effective software support for this release.
N/A
Number of L2 Outs per BD
1
1
Number of BDs with Custom MAC Address
1,750 ; if legacy mode, 3500 ;
If Multicast optimized mode is used, then 50
1,750 ; if legacy mode, 3,500 ;
If Multicast optimized mode is used, then 50
Number of Multicast groups
8,000
8,000
Maximum number of L3Outs per BD
4
N/A
Number of DHCP relay labels per BD
2
2
DHCP relay for secondary subnets in a BD
No
No
Number of external EPGs per L2 out
1
1
Endpoint Groups (Under App Profiles)
Maximum amount of EPGs
Normally 1,750 ; if legacy mode 3,500
15,000
Maximum amount of encaps per EPG
1 Static leaf binding, plus 1 Dynamic VMM
N/A
Maximum Path encap binding per EPG
Equals to number of ports on the leaf
N/A
Maximum amount of encaps per EPG per port
One (path or leaf binding)
N/A
Maximum number of domains (physical, L2, L3 or VMM)
2 (1 static (L2, L3, physical), 1 dynamic)
N/A
Maximum amount of native encaps
Applicable to each leaf independently
Maximum amount of 802.1p encaps
Applicable to each leaf independently
Can encap be tagged and untagged?
No
N/A
Maximum number of Static endpoints per EPG
Maximum endpoints
N/A
Maximum number of Subnets for Inter-context access per tenant
8
N/A
Maximum number of Taboo Contracts per EPG
2
N/A
IP-based EPG
4,000
N/A
Contracts
Security TCAM size
Note For TOR to ALE mapping, see the reference table below. N/A
Approximate TCAM calculator given contracts and their use by EPGs
Number of entries in a contract X Number of Consumer EPGs X Number of Provider EPGs X 2
N/A
Maximum number of EPGs providing the same contract
10
10
Maximum number of EPGs consuming the same contract
10
10
FEX VPC
Maximum EPGs behind FEX VPC port
20
N/A
VMM Scalability Limits
Configurable Options
Per Leaf Scale
Per Fabric Scale
VMware
Number of vCenters (vDS)
N/A
10 (Verified with a load of 10 events/minute for each vCenter)
Number of vCenters (AVS)
N/A
5
Datacenters in a vCenter
N/A
2
Combination of (VMM domain, VMM controller (vCenter/vShield)
N/A
10
Number of ESX hosts per AVS
240
N/A
Number of EPGs per vCenter/vDS
N/A
5,000
Number of EPGs to VMware domans/vDS
N/A
5,000
Number of EPGs per vCenter/AVS
N/A
3,500
Number of EPGs to VMware domains/AVS
N/A
3,500
Number of endpoints (EPs) per AVS
10,000
10,000
Number of endpoints per vDS
10,000
10,000
Number of endpoints per vCenter
10,000
10,000
Support RBAC for AVS
N/A
Yes
Support RBAC for vDS
N/A
Yes
Microsegmentation/DFW with AVS
Number of ESX hosts per AVS
100
N/A
Number of Microsegment EPGs
1,000
N/A
Number of DFW flows per vEth
10,000
N/A
Number of DFW flows per ESX host
200,000
N/A
Number of VMM domains per Microsegment EPG
N/A
1
Microsoft
Number of controllers per SCVMM domain
N/A
5
Number of SCVMM domains
N/A
4
VMM domains for Microsoft (in addition to that of VMware)
N/A
5
EPGs per Microsoft VMM domain
N/A
3,000
EPGs per all Microsoft VMM domains
N/A
9,000
EP/VNICs per HyperV host
N/A
100
EP/VNICs per SCVMM
N/A
3,000
Number of logical switch per host
N/A
1
Number of uplinks per logical switch
N/A
4
Number of Windows Azure Pack subscriptions
N/A
1,000
Number of plans per Windows Azure Pack instance
N/A
150
Number of users per plan
N/A
200
Number of subscriptions per user
N/A
3
VM networks per Windows Azure Pack user
N/A
100
VM networks per Windows Azure Pack instance
N/A
3,000
Number of tenant shared services/providers
N/A
40
Number of consumers of shared services
N/A
40
Number of VIPs [in Windows Azure Pack deployment]
N/A
50
Microsoft microsegmentation
1,000
N/A
Layer 4 - Layer 7 Scalability Limits
Configurable Options
(L4-L7 Configurations)
Per Leaf Scale
Per Fabric Scale
Maximum number of L4-L7 logical device clusters
N/A
1,500
Maximum number of graph instances
N/A
1,000
Maximum number of VIPs per graph instance
N/A
1
Maximum number of VIPs per fabric
N/A
1,000
Number of device clusters per tenant
N/A
30
Number of interfaces per device cluster
N/A
Any
Number of graph instances per device cluster
N/A
100
Deployment scenario for ASA (transparent or routed)
N/A
Yes
Deployment scenario for Citrix - One arm with SNAT/etc.
N/A
Yes
Deployment scenario for F5 - One arm with SNAT/etc.
N/A
Yes
AD, TACACS, RBAC Scalability Limits
Configurable Options
Per Leaf Scale
Per Fabric Scale
Number of ACS/AD/LDAP authorization domains
N/A
4 tested (16 maximum /server type)
Number of login domains
N/A
15 (can go beyond)
Number of security domains/APIC
N/A
15 (can go beyond)
Number of security domains in which the tenant resides
N/A
4 (can go beyond)
Number of priority
N/A
4 tested (16 per domain)
Number of shell profiles that can be returned
N/A
4 tested (32 domains total)
Number of users
N/A
8,000 local / 8,000 remote
Number of simultaneous logins
N/A
500 connections / NGNIX simultaneous REST logins
Copyright © 2015, Cisco Systems, Inc. All rights reserved.