Cisco Nexus 7000 Series NX-OS Verified Scalability Guide

This document describes the Cisco NX-OS configuration limits for the Cisco Nexus 7000 Series switches.

New and Changed Information

The table below summarizes the new and changed features for this document and shows the releases in which each feature is supported. Your software release might not support all the features in this document. For the latest caveats and feature information, see the Bug Search Tool at https://tools.cisco.com/bugsearch/ and the release notes for your software release.

Table 1. New and Changed Verified Scalability Values

Date

Description

Changed in Release

July 2, 2018

Added verified scalability values for Cisco NX-OS 8.3(1) release in all the sections.

Cisco NX-OS 8.3(1)

January 30, 2018

Added the verified scalability value for the OSPF LSA in the Configuration Limits for Uniocast Routing section.

Cisco NX-OS 8.1(2)

September 27, 2017

Added verified scalability values per Cisco NX-OS 8.2(1) release to the following sections — Configuration Limits for OTV and Configuration Limits for VXLAN.

Cisco NX-OS 8.2(1)

May 3, 2017

  • Added value for the number of VLANs per Fabric Extender server interface on M3 modules in the "Configuration Limits for Connecting Cisco Nexus 2000 Series Fabric Extenders to Cisco Nexus 7000 Series Switches" section.

  • Added value for the maximum number of multi-hop BFD sessions supported in the "Configuration Limits for Interfaces" section.

Cisco NX-OS 8.1(1)

December 21, 2016

Added verified scalability values per Cisco NX-OS 8.0(1) release to the following sections — Configuration Limits for Unicast Routing, Configuring Limits for MPLS, Configuration Limits for Remote Integrated Service Engine, Configuration Limits for Interfaces, Configuration Limits for FCoE, Configuration Limits for Connecting Cisco Nexus 2000 Series Fabric Extenders to Cisco Nexus 7000 Series Switches, Configuration Limits for Intelligent Traffic Director, Configuration Limits for LISP, Configuration Limits for Multicast Routing, Configuration Limits for OTV, Configuration Limits for System Management, Configuration Limits for Security, and Configuration Limits for VXLAN.

Cisco NX-OS 8.0(1)

September 11, 2016

Added values for ITD scale limits per Cisco NX-OS 7.3(1)D1(1) release to the "Configuration Limits for Intelligent Traffic Director" section.

Cisco NX-OS 7.3(1)D1(1)

May 10, 2016

Added verified scalability values per Cisco NX-OS 7.3(0)DX(1) release to the "Configuration Limits for Interfaces", "Guidelines and Limitations for vPC Configuration Limits", "Guidelines and Limitations for vPC+ Configuration Limits", "Configuration Limits for OTV", "Configuration Limits for Multicast Routing", "Configuration Limits for Security", and "Configuration Limits for VXLAN" sections.

Cisco NX-OS 7.3(0)DX(1)

February , 2016

  • Added verified scalability values per Cisco NX-OS 7.3(0)D1(1) release to the "Configuration Limits for FCoE" section.

  • Added values for ITD scale limits per Cisco NX-OS 7.3(0)D1(1) release to the "Configuration Limits for Intelligent Traffic Director" section.

Cisco NX-OS 7.3(0)D1(1)

October 15, 2015

Added values for ITD scale limits per Cisco NX-OS 7.2(1)D1(1) release to the "Configuration Limits for Intelligent Traffic Director" section.

Cisco NX-OS 7.2(1)D1(1)

June 26, 2015

Updated the values for Cisco TrustSec Number of IP- IP-SGT mappings in the "Configuration Limits for Security".

Cisco NX-OS 7.2(0)D1(1)

June 19, 2015

Added verified scalability values per Cisco NX-OS 7.2(0)D1(1) release to the "Configuration Limits for FCoE" section.

Cisco NX-OS 7.2(0)D1(1)

February 3, 2015

Added Configuration Limits for PVLAN.

6.2(12)

November 08, 2014

Updated the values for Remote Integrated Service Engine (RISE).

6.2(10)

October 17, 2014

Updated the values for ITD services per VDC and virtual IPs per ITD service in the "Configuration Limits for Intelligent Traffic Director" table.

6.2(10)

April 25, 2014

  • Added new section for Remote Integrated Service Engine (RISE) values.

  • Added new section for Intelligent Traffic Director (ITD) values.

  • Updated number of class maps per policy value in "Configuration Limits for QoS."

  • Updated the "Guidelines and Limitations for vPC Configuration Limits" table.

6.2(8)

February 24, 2014

  • Added values for private VLANs to the table in the "Configuration Limits for Layer 2 Switching" section.

  • Added values for the number of secondary IP addresses used for OTV traffic depolarization to the table in the "Configuration Limits for OTV" section.

  • Added values for the number of physical port vPCs on front panel ports used for FCoE to the table in the "Configuration Limits for Interfaces" section.

6.2(6)

January 8, 2014

Added a new parameter to the table in the "Guidelines and Limitations for EIGRP Configuration Limits" section.

6.2

January 7, 2014

Removed the outdated values for "Number of neighbors + passive interfaces + routes" in the "Guidelines and Limitations for EIGRP Configuration Limits" section.

6.2

January 6, 2014

  • Updated the EIGRP verified scalability numbers in Table 14 (Configuration Limits for Unicast Routing) for Cisco NX-OS Release 6.2(6).

  • Updated the configuration limits for Cisco NX-OS Release 6.2(6) in the "Guidelines and Limitations for EIGRP Configuration Limits" section.

6.2(6)

November 2013

  • Added the specified I/O modules to introductory paragraphs for vPC+ and vPC guidelines and limitations in Cisco NX-OS 6.2 releases.

  • Updated and added the information for validated VPC scalability in Cisco NX-OS 6.2 releases.

6.2

August 2013

Updated the verified scalability values.

6.2(2)

October 2012

Updated the verified scalability values.

6.1(2)

August 2012

Updated the verified scalability values.

6.1

November 2011

Initial version of the guide with information for shipping releases.

Introduction

The scalability of Cisco Nexus 7000 Series switches has been verified for the following features:
  • Cisco Nexus 2000 Series Fabric Extender connectivity to Cisco Nexus 7000 Series switches

  • FabricPath

  • Fibre Channel over Ethernet (FCoE)

  • Interfaces

  • Layer 2 switching

  • Locator/ID Separation Protocol (LISP)

  • Multiprotocol Label Switching (MPLS)

  • Multicast routing

  • Overlay Transport Virtualization (OTV)

  • Quality of Service (QoS)

  • Security

  • System management

  • Unicast routing

  • Virtual device context (VDC)

  • Private VLAN (PVLAN)

  • Remote Integrated Service Engine (RISE)

  • Virtual Extensible LAN (VXLAN)

To make the best use of this document, please take note of the following:

  • All numbers are per system unless noted otherwise. For example, a listed number of FCoE fabric logins can be in a single VDC or be a sum of fabric logins across all VDCs in the system. Any changes in the number of supported VDCs do not automatically imply changes in the supported scale for other features.

  • If the latest release has an updated value for a parameter but the previous release does not, specific information for the previous release is not available.

  • If a release is not listed in a specific column in the configuration limits support table, consider the scale numbers listed for the previous release.

  • The values provided in this guide are uni-dimensional. They focus on the scalability of one particular feature at a time. Results might differ from the values listed here when trying to achieve maximum scalability with multiple features enabled.

  • The values provided in this guide should not be interpreted as theoretical system limits for Cisco Nexus 7000 Series and Cisco Nexus 7700 Series hardware or Cisco NX-OS software. These limits refer to values that have been validated by Cisco. They can increase over time as more testing and validation is done.

  • Cisco NX-OS Release 6.1 introduced support for Cisco Nexus 7000 Supervisor 2 and Supervisor 2e. Supervisor 2e is designed to provide the highest software scalability. If a higher uni-dimensional scale is verified on Supervisor 2e, the scale values for each supervisor will be listed using the following notation: Supervisor 1 value/Supervisor 2 value/Supervisor 2e value. If Supervisor 2e is not verified to provide a higher uni-dimensional scale for a particular feature parameter, a single scalability value will be listed for all supervisors.

    Note

    Supervisor 2e is strongly recommended in multi-dimensional scalability scenarios, particularly when multiple VDCs are used and the Cisco NX-OS version deployed is 6.2 or above. From Cisco NX-OS Release 8.3(1) onwards either Supervisor 2e/Supervisor 3 is recommended for the above scenario.


  • Cisco NX-OS Release 6.2 introduced support for Cisco Nexus 7700 switches. Supervisor 2e running on Cisco Nexus 7700 switches provides the same software scalability as Supervisor 2e running on Cisco Nexus 7000 switches.

  • Cisco NX-OS Release 7.2(1)D1(1) introduced support for scale limit monitoring on Cisco Nexus 7000 Supervisor 2 and Supervisor 2E and on Cisco Nexus 7700 switches. The Scale Limit Monitoring feature enables you to monitor the scale limit both at the system level and the VDC level. This feature monitors the scale limits for various features across different VDCs on the device and alerts you if the system crosses the permissible scale limit.

Configuration Limits for Connecting Cisco Nexus 2000 Series Fabric Extenders to Cisco Nexus 7000 Series Switches

Table 2. Configuration Limits for Connecting Cisco Nexus 2000 Series Fabric Extenders to Cisco Nexus 7000 Series Switches
Parameter Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.1(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
Number of Fabric Extenders with total number of Fabric Extender server interfaces on Supervisor 1 or 2 or 3 module 32 with 1536 32 with 1536 32 with 1536 32 with 1536 32 with 1536 32 with 1536 32 32
Number of Fabric Extenders with total number of Fabric Extender server interfaces on Supervisor 2e or Supervisor 3 module 64 with 3072 64 with 3072 64 with 3072 64 with 3072 64 with 3072 48 with 2048 N/A N/A
Number of VLAN IDs per Fabric Extender 2000 2000 2000 2000 2000 2000 2000 2000
Number of VLANs per Fabric Extender server interface 75 75 75 75 75 50 50 50
Number of VLANs per Fabric Extender server interface (with M3 as the parent module) 300 300 N/A N/A N/A N/A N/A N/A
Number of subinterfaces per Fabric Extender server interface 63 63 63 63 63 63 63 63
Number of Fabric Extenders in Active-Active mode 32 32 32 16 N/A N/A N/A N/A
Number of FEX server ports for Sup2 / Sup2E / Sup3 1536 / 3072 / 3072 1536 / 3072 1536 / 3072 N/A N/A N/A N/A N/A

Note

  • To achieve the highest VLAN per Fabric Extender (FEX) port scale, Cisco recommends connecting FEX uplinks to one switch on chip (SoC) on F2/F2e or F3 series modules instead of spreading them across different SoCs.
  • In Cisco NX-OS 7.3(0)D1(1) release, the number of Fabric Extenders in Active-Active mode is 32.

Configuration Limits for FabricPath

Table 3. Configuration Limits for FabricPath
Feature Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
Number of VLANs per switch

4000

4000

4000 4000

2000 (Cisco NX-OS Release 6.1.1)

4000 (Cisco NX-OS Release 6.1.2)

2000 2000
Number of core ports per switch in SUP1/SUP2/SUP2E/SUP3 modules

512 / 512 / 768/768

512 / 512 / 768

512 / 512 / 768 256 / 256 / 768 256 256 256
Number of edge ports per switch

384

384

384 384 256 256 256
Number of topologies

8

8

8 8 1 1 1
Number of trees per topology

2

2

2 2 2 2 2
Number of multicast groups per switch

10,000

10,000

10,000 10,000 10,000 10,000 10,000
Number of FabricPath IS-IS adjacencies in SUP1/SUP2/SUP2E/SUP3 modules

512 / 512 / 768 / 768

512 / 512 / 768

256 / 256 / 768 256 / 256 / 768 256 256 256
Number of switch IDs in SUP1/SUP2/SUP2E/SUP3 modules

512 / 512 / 768 / 768

512 / 512 / 768

256 / 256 / 768 256 / 256 / 768

128 (Cisco NX-OS Release 6.1.1)

256 (Cisco NX-OS Release 6.1.2)

128 64

Note

The number of vPC+ links is 768/4k.



Note

To achieve the maximum number of topologies, Cisco recommends enabling the no port-channel limit command. Enabling this command will cause a brief disruption to traffic.


Configuration Limits for FCoE

Table 4. Configuration Limits for FCoE
Parameter

Verified Limit (Cisco NX-OS 8.3(1))

Verified Limit (Cisco NX-OS 8.0(1))

Verified Limit (Cisco NX-OS 7.3(0)D1(1))

Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2)
Number of fabric logins per switch

4000

4000

4000

2500 2500
Number of fabric logins per line card

1000

1000

1000

1000 500
Number of fabric logins per port/chassis

256

256

256

256 256
Number of fabric logins per fabric

20000

20000

20000

10000 N/A
Number of FCoE hops

7

7 7
Number of vFC interfaces

384

384

768

512 396
Number of vFC port channels

128

128

127

127

128

Number of zone members per fabric

32000

32000

32000

16000 16000
Number of zones per fabric

16000

16000

16000

8000 8000
Number of zones per switch

16000

16000

16000

8000 N/A
Number of zone sets per switch

1000

1000

1000

500 500
Number of VSANs per fabric

80

80

80

80 80

FCoE over long distance for 10G F2/F2e and F3 cards (in kilometers)

80

80

80

80

N/A

FCoE over long distance for 40G F3 cards (in kilometers)

40

40

40

40

N/A

Device alias entries

12000

12000

20000

N/A

N/A

IVR zones

1000

1000

1000

N/A

N/A

IVR zone members

2000

2000

2000

N/A

N/A

IVR zonesets

32

32

32

N/A

N/A

IVR

16

16

16

N/A

N/A

Number of physical port virtual Private Channels (vPCs) supporting FCoE over FEX

256

256

256

256 N/A
Maximum number of fabric extenders supporting FCoE over FEX

24

24

24

Note 

This value has been verified with a mix of Cisco Nexus 2232P and 2348UPQ FEX types.

24 N/A
Number of ports (includes both Dedicated and Shared ports) allocated to a storage VDC

768

768

768

512 N/A
Number of physical port vPC and vPC+ links
Note 

The ports can be front panel ports or FEX ports.

40(384)**

40(384)**

40(384)**

40(256)* N/A

* The number of tested physical port vPC and vPC+ links is 40. You can configure a maximum of 256 physical port vPC and vPC+ links.

** The number of tested physical port vPC and vPC+ links is 40. You can configure a maximum of 384 physical port vPC and vPC+ links.


Note

The following FCoE parameters are validated in Cisco NX-OS Release 8.0(1):

- The number of domains is 80.

The numbers above are verified and supported on Cisco Nexus 7700 switches with Supervisor 2e and Supervisor 3 module from Cisco NX-OS Release 8.3(1) onwards.


Configuration Limits for Intelligent Traffic Director

Feature

Verified Limit (Cisco NX-OS 8.3(1))

Verified Limit (Cisco NX-OS 8.0(1))

Verified Limit (Cisco NX-OS 7.3(1)D1(1))

Verified Limit (Cisco NX-OS 7.3(0)D1(1))

Verified Limit (Cisco NX-OS 7.2(1)D1(1))

Verified Limit (Cisco NX-OS 7.2(0)D1(1))

Verified Limit (Cisco NX-OS Release 6.2)

1

Number of nodes per ITD device group

128

128

128

32

31

256

256

Number of ITD services per VDC

128

128

128

128

128

32

8 (Cisco NX-OS Release 6.2.8)

32 (Cisco NX-OS Release 6.2.10)

Number of ITD services per Nexus 7000 Series switch.

128 x maximum number of VDCs

128 x maximum number of VDCs

128 x maximum number of VDCs

128 x maximum number of VDCs

128 x maximum number of VDCs

32 x maximum number of VDCs

8 x maximum number of VDCs (Cisco NX-OS Release 6.2.8)

32 x maximum number of VDCs (Cisco NX-OS Release 6.210)

Number of ingress interfaces per ITD service

511

511

512

512

512

512

512

Number of virtual IP addresses per ITD service

128

128

255

255

255

16

8 (Cisco NX-OS Release 6.2.8)

16 (Cisco NX-OS Release 6.2.10)

Number of device-groups per VDC

128

128

128

128

--

--

--

Number of device-groups per ITD service

128

128

128

Each virtual IP address can have its own unique device-group.

128

Each virtual IP address can have its own unique device-group.

1

1

1

Number of buckets per ITD service

1000

1000

2000 *

2000 *

2000 *

--

--

Number of probes per ITD service

500

500

500

500

500

500

500

Number of probes per VDC

500

500

500

500

500

500

500

Number of probes per Nexus 7000 Series switch.

500 x maximum number of VDCs

500 x maximum number of VDCs

500 x maximum number of VDCs

500 x maximum number of VDCs

500 x maximum number of VDCs

500 x maximum number of VDCs

500 x maximum number of VDCs

1 All scale values for Cisco NX-OS 6.2 releases are from Cisco NX-OS Release 6.2(8) onwards.

* By default the number of buckets used is the product of total virtual IPs and total nodes associated to a ITD policy.

Configuration Limits for Interfaces

Table 5. Configuration Limits for Interfaces
Feature Parameter Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.1(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3(0)DX(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)

Port channels

Number of port channels

744

744

744

744

744

744

528

528

528

Virtual port channels (vPCs)

Number of vPCs (total)

744

744

744

744

744

744

528

528

528

Number of vPCs (FEX)

744

744

744

744

744

744

528

528

528

Number of vPC+s (total)

3842

384 2

3842

3842

3842

3842

244

244

244

Number of physical port vPCs on front panel ports used for FCoE

30

30

30

30

30

30 from Cisco NX-OS Release 6.2(6)

N/A

N/A

N/A

vPC orphan-port suspend config

800

800

800

800

800

800

N/A

N/A

N/A

BFD Minimum interval x multiplier (peers over Layer 3 link or Layer 3 port channel with per-link mode)

50 msec x 3

50 msec x 3

50 msec x 3

50 msec x 3

50 msec x 3 50 msec x 3 50 msec x 3 50 msec x 3 50 msec x 3
Minimum interval x multiplier (peers over Layer 2 port channel and Layer 3 port channel without per-link mode)

250 msec x 3

250 msec x 3

250 msec x 3

250 msec x 3

250 msec x 3 250 msec x 3 250 msec x 3 250 msec x 3 250 msec x 3
Number of sessions per I/O module with subinterface optimize

1000

1000

1000

1000

1000 1000 N/A N/A N/A
Number of sessions per I/O module with 300 msec x 3 interval

1000

1000

1000

1000

500 500 N/A N/A N/A
Number of sessions per I/O module with 50 msec x 3 interval

250

250

250

1000

250 250 200 200 200
Number of sessions per I/O module with 15 msec x3 interval (F3/M3)

250

250

250

250

N/A

N/A

N/A

N/A

N/A

Maximum number of BFD multi-hop sessions 1003 1004

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Number of sessions

2000

2000

2000

2000

2000 2000 1000 1000 1000
Generic routing encapsulation (GRE) Number of GRE tunnels

1500

1500

1500

1500

1500 1500 1500 1500 1500
Sub-Interfaces Number of sub-interfaces (total)

4000

4000

4000

4000

4000 4000 NA NA NA
Number of sub-interfaces (total) per Port

1500

1500

1500

1500

1500 1500 NA NA NA
2 To achieve more than 244 VPC+s, you must enable the no port-channel limit command. Enabling this command will cause a brief disruption to traffic. This applies to F2, F3, and M3 modules.
3 The maximum number of BFD multi-hop sessions supported is 100 if the sum of single-hop and multi-hop sessions on the system is not greater than 1000. Which means, if there are already 950 BFD single-hop sessions, then only 50 BFD multi-hop sessions are supported.
4 The maximum number of BFD multi-hop sessions supported is 100 if the sum of single-hop and multi-hop sessions on the system is not greater than 1000. Which means, if there are already 950 BFD single-hop sessions, then only 50 BFD multi-hop sessions are supported.

Guidelines and Limitations for vPC Configuration Limits

The following vPC values are validated in Cisco NX-OS Release 8.0(1).

Number of vPCs / VLANs - Sup2e 768/4k

Number of physical port vPCs on front panel ports (LAN) - 768

Number of physical port vPCs on FEX (LAN) - 1500

Number of physical port vPC+ on front panel ports - 384

Number of multicast groups - 24k


Note

Refer to Table-6 for individual module scale numbers.


The vPC configuration limits such as the number of vPC+ and VLANs in a vPC+ domain depend on many different parameters. The following templates are validated in the Cisco NX-OS 7.3(0)DX(1)) release with different I/O modules where applicable and should be used as a guide in planning your deployment. The Profile D column in the following table is applicable to Cisco NX-OS Release 6.2(x) only.

Table 6. Guidelines and Limitations for vPC Configuration Limits
Feature Profile A (RSTP) Profile B Profile C Profile C Profile D*
vPC 75 70 744 190 75
VDC 4 4 1 1 1
VLANs 500 4000 4000 4000 500
VLAN trunked per vPC 30 4000 400 1500 30
SVI 300 4000 4000 4000 500
RPVST+ logical ports 16,000 N/A -- MST used N/A -- MST used N/A -- MST used 6,500
STP virtual ports 150,000 300,000 300,000 300,000 90,000
HSRP groups 300 4000 4000 4000 500
Supervisor 2e 2e 2e 2e 1
Modules M3//F3 M3//F3 F2e/F3 M3 M2/F2e/F3

Note

  • For the highest vPC scalability, Cisco recommends deploying MST and Supervisor 2e/Supervisor3. For scenarios with 4000 VLANs and SVIs and HSRP, Cisco recommends using the M2 Series modules.
  • * Supervisor 1 modules are supported only in Cisco NX-OS Release 6.2(x) and earlier.

Table 7. Guidelines and Limitations for Hif-vPC Configuration Limits
Feature Profile A
Hif-vPC 750
Physical Port Hif- vPC 1500
VDC 1
VLANs 2000
VLAN truncked per vPC 1
SVI 4000
RPVST+ logical ports RSTP
Supervisor 2e
Modules F2e/F3

Guidelines and Limitations for vPC+ Configuration Limits

The vPC+ configuration limits such as the number of vPC+ and VLANs in a vPC+ domain depend on many different parameters. The following templates are validated in the Cisco NX-OS 7.3(0)DX(1)) release with F2e, F3 I/O modules and should be used as a guide in planning your deployment.

Table 8. Guidelines and Limitations for vPC+ Configuration Limits
Feature Profile A* Profile B
vPC+ 384 35
VDC 2 1
VLANs per VDC 2000 4000
VLAN / vPC 750 4000
HSRP groups 384 4000
Supervisor 2e 2e
Modules F2e/F3 F2e/F3

Note

* To achieve more than 244 VPC+s, you must enable the no port-channel limit command. Enabling this command will cause a brief disruption to traffic.


Table 9. Guidelines and Limitations for Hif-vPC+ Configuration Limits
Feature Profile A
Hif-vPC+ 384
Physical Port Hif- vPC+ 384
VDC 2
VLANs per VDC 2000
VLAN / vPC 1
HSRP groups 384
Supervisor 2e
Modules F2e/F3

Guidelines and Limitations for BFD Configuration Limits

  • Beginning with Cisco NX-OS Release 6.2, the number of sessions can be all IPv4, all IPv6, or a mix of both.

  • For the highest per-module scale, Cisco recommends using the M2, M3, F2, F2e, or F3 Series modules.

  • For the highest per-system scale, Cisco recommends using Supervisor 2e/Supervisor 3 module.

Configuration Limits for Layer 2 Switching

Table 10. Configuration Limits for Layer 2 Switching
Feature Parameter Cisco NX-OS 8.3(1) Cisco NX-OS 8.0(1) Cisco NX-OS 7.2(0)D1(1) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
Layer 2 infrastructure Number of Layer 2 table entries on M Series I/O modules 128,000 128,000 128,000 128,000 128,000 128,000 128,000
Number of Layer 2 table entries on F1 Series I/O modules 16,000 to 256,000 16,000 to 256,000 16,000 to 256,000 16,000 to 256,000 16,000 to 256,000 16,000 to 256,000 16,000 to 256,000
Number of Layer 2 table entries on F2 or F2e Series I/O modules 16,000 to 192,000 16,000 to 192,000 16,000 to 192,000 16,000 to 192,000 16,000 to 192,000 16,000 to 192,000 N/A
Number of Layer 2 table entries on F3 Series I/O modules 64,000 64,000 64,000 64,000 N/A N/A N/A
Number of bridge domains supported 1000 1000 N/A N/A N/A N/A N/A
Number of MAC addresses on an M3 module 384,000 384,000 N/A N/A N/A N/A N/A
Number of MAC addresses per VDC on an M3 module 192,000 192,000 N/A N/A N/A N/A N/A
Number of MAC addresses on M1-XL or M2-XL modules 128,000 128,000 N/A N/A N/A N/A N/A
Number of MAC addresses per VDC on M1-XL or M2-XL modules 128,000 128,000 N/A N/A N/A N/A N/A
Spanning Tree Protocol Number of Multiple Spanning Tree (MST) instances per VDC 64 64 64 64 64 64 64
Number of MST virtual ports on SUP1/SUP2/SUP2E/SUP3 90,000 / 90,000 / 300,000/ 300,000 90,000 / 90,000 / 300,000 90,000 / 90,000 / 300,000 90,000 / 90,000 / 150,000 90,000 90,000 90,000
Number of STP Virtual Ports 300,000 300,000 N/A N/A N/A N/A N/A
Number of Rapid per-VLAN Spanning Tree+ (RPVST+) logical ports per switch 16,000 16,000 16,000 16,000 16,000 16,000 16,000
VLAN Translation Number of VLAN translations per interface in M3/F3/F2E modules 2000 2000 2000 2000 N/A N/A N/A

Note

The F2, F2e, and F3 modules synchronize the MAC address tables for a VLAN across all Switch on Chips (SoCs) present in a virtual device context (VDC) when a switch virtual interface (SVI) for the VLAN is configured. Synchronizing the MAC address tables can reduce the number of MAC addresses supported in a VDC to the number of MAC addresses supported in one Switch on Chip, which is16,000 for F2/F2e I/O module and 64,000 for F3 I/O module.

Configuration Limits for LISP

Table 11. Configuration Limits for Map Server and Ingress Tunnel Routers (ITRs) and Egress Tunnel Routers (ETRs)
Feature Parameter Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
Map server Number of mapping entries registered on a map server 10,000 10,000 10,000 10,000 10,000 10,000 1000
Number of RLOCs per EID mapping entry 8k 8k 8k 8k 8k 8k 8k
ITR/ETR Number of dynamic EID mapping entries registered to a map server 7000 7000 7000 250 250 250 250
Number of EIDs with static mapping entries registered to a map server (per address family and per VRF) 4 4 4 4 4 4 4
Number of VRFs 300 300 300 300 300 300 300
Multi-Tenancy Number of instances on a map server 256 256 256 256 N/A N/A N/A
Number of instances on xTR and PxTR 256 256 256 256 N/A N/A N/A
PxTR Number of EID prefixes on PxTR map cache 1000 1000 1000 1000 N/A N/A N/A
xTR Number of EID prefixes on xTR map cache 10,000 10,000 10,000 10,000 N/A N/A N/A

Configuration Limits for MPLS

Table 12. Configuration Limits for MPLS
Feature Parameter Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3(0)DX(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
LDP and infrastructure Maximum label depth for forwarding 4 4 4 4 4 4 4 4
Number of LDP sessions 200 200 200 200 200 200 200 200
Traffic engineering Number of MPLS TE head-end tunnels 5000 5000 5000 5000 5000 4000 4000 4000
Number of MPLS TE mid-point LSPs (transit) 12,0005 12,0006 12,000 12,000 12,000 12,000 12,000 12,000
Supported load balancing over LSPs 16 16 N/A N/A N/A N/A N/A N/A
Number of MPLS TE head-end tunnels 5K system / 2.5k VDC 5K system / 2.5k VDC N/A N/A N/A N/A N/A N/A
The supported RSVP TE LSP setup rate (LSPs/sec) 200 200 N/A N/A N/A N/A N/A N/A
Layer 2 VPN (L2VPN) Number of pseudo-wires for VPLS 2000 2000 2000 2000 2000 N/A N/A N/A
Number of pseudo-wires for EoMPLS 4000 4000 4000 4000 4000 N/A N/A N/A
Number of VPLS virtual forwarding instances (VFIs) 3000 3000 1000 1000 1000 N/A N/A N/A
Number of VPLS bridge domains 1000 1000 1000 1000 1000 N/A N/A N/A
Number of VPLS sites 16 single-homed

8 dual-homed

16 single-homed

8 dual-homed

16 single-homed

8 dual-homed

16 single-homed

8 dual-homed

16 single-homed

8 dual-homed

N/A N/A N/A
Number of MAC addresses in VPLS across all VLANs 40,000 40,000 40,000 40,000 40,000 N/A N/A N/A
Number of L2VPN EVCs supported 1000 1000 N/A N/A N/A N/A N/A N/A
Number of L2VPN EFPs supported 1000 1000 N/A N/A N/A N/A N/A N/A
Layer 3 VPN (L3VPN) Number of VPNs in SUP1/SUP2/SUP2E/SUP3 modules 1000 / 1000 / 4000 /4000 1000 / 1000 / 4000 1000 / 1000 / 4000 1000 / 1000 / 4000 1000 / 1000 / 4000 1000 1000 1000
Number of VPNv4 routes with per-prefix label allocation mode in SUP1/SUP2/SUP2E/SUP3 modules 300,000 / 300,000 / 500,000 /500,000 300,000 / 300,000 / 500,000 300,000 / 300,000 / 500,000 300,000 / 300,000 / 500,000 300,000 / 300,000 / 500,000 300,000 300,000 300,000
Number of VPN labels with per-prefix label allocation mode in SUP1/SUP2/SUP2E/SUP3 modules 300,000 / 300,000 / 500,000/500,000 300,000 / 300,000 / 500,000 300,000 / 300,000 / 500,000 300,000 / 300,000 / 500,000 300,000 / 300,000 / 500,000 300,000 300,000 300,000
Number of VPNv4 routes with per-VRF label allocation mode in SUP1/SUP2/SUP2E/SUP3 modules 500,000 / 500,000 / 700,000/700,000 500,000 / 500,000 / 700,000 500,000 / 500,000 / 700,000 500,000 / 500,000 / 700,000 500,000 / 500,000 / 700,000 500,000 500,000 500,000
Number of VPN labels with per-VRF label allocation mode in SUP1/SUP2/SUP2E/SUP3 modules 1000 / 1000 / 4000 /4000 1000 / 1000 / 4000 1000 / 1000 / 4000 1000 / 1000 / 4000 1000 / 1000 / 4000 1000 1000 1000
Number of VPNv6 (6VPE) routes with per-VRF label allocation mode in SUP1/SUP2/SUP2E/SUP3 modules 250,000 / 250,000 / 300,000 /300,000 250,000 / 250,000 / 300,000 250,000 / 250,000 / 350,000 250,000 / 250,000 / 350,000 250,000 / 250,000 / 350,000 250,000 250,000 250,000
Number of route targets imported in one VRF 1000 1000 1000 1000 1000 Not tested Not tested Not tested
Inter AS Option B 500,000 500,000 150,000 Not tested Not tested Not tested Not tested Not tested
Number of L3 VPNs with PE-CE (static + OSPF/IS-IS/EIGRP) 1000 (2 EIGRP neighbors per vrf; 100 routes per vrf) 1000 (2 EIGRP neighbors per vrf; 100 routes per vrf) N/A N/A N/A N/A N/A N/A
Number of supported LDP sessions in L3VPN 200 200 N/A N/A N/A N/A N/A N/A
LDP convergence supported in L3VPN Less than 2s Less than 2s N/A N/A N/A N/A N/A N/A
MVPN Number of multicast VRFs 200 200 200 200 200 200 200 200
Number of multicast VRF routes 50,000 50,000 50,000 50,000 50,000 50,000 50,000 50,000
Number of MDT groups 1000 1000 1000 1000 1000 1000 1000 1000
Number of MDT groups per VRF 1000 1000 1000 1000 1000 256 256 256
Number of MDTs per VRF supported in MVPN ENH 200 200 N/A N/A N/A N/A N/A N/A
Total number of MDT tunnels (interfaces) 500 500 N/A N/A N/A N/A N/A N/A
The supported RSVP Hellos (100 neighbors with 5 sec interval) 100 100
5 Number of MPLS TE mid-point LSPs (transit and terminating) is 30,000
6 Number of MPLS TE mid-point LSPs (transit and terminating) is 30,000

Note

Inter AS Option B is supported on the M2 modules. Up to 150,000 option B labels are supported from Cisco NX-OS Release 7.2(0)D1(1) onwards.

Cisco NX-OS Release 7.3(0)DX(1) and Cisco NX-OS Release 7.3(1)D1(1) support Inter AS Option B on the M3 modules with 150,000 labels.

When M2 and M3 modules are used in the same VDC, the supported scale in the VDC is 150,000 labels.

Number of VRFs for handoff (MP-BGP) in a M3 module is 4000.


Guidelines and Limitations for MPLS L2VPN Configuration Limits

  • Each MPLS L2VPN scale value might vary when combined with other parameters.

  • For VPLS, the more sites that are used, the fewer VFIs and bridge domains that can be supported due to the increased number of pseudo-wires to connect sites in a full mesh.

Guidelines and Limitations for MPLS L3VPN Configuration Limits

  • Each MPLS L3VPN scale value might vary when combined with other parameters. See examples of scenarios tested with Supervisor 2e running Cisco NX-OS Release 6.2 for better guidance.

  • The following scenarios were tested in a single VDC as well as in VRFs broken up across four VDCs. 85% of the routes were local, and 15% were remote.

    Table 13. Guidelines and Limitations for MPLS L3VPN Configuration Limits
    Parameter Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2)
    Number of L3VPNs with PE-CE (2000 static routes + 2000 BGP sessions) 4000 4000 4000
    Number of L3VPNs without PE-CE (direct routes) 4000 4000 4000
    Number of L3VPNs in InterAS OptB lite 4000 4000 4000

Configuration Limits for Multicast Routing

Table 14. Configuration Limits for Multicast Routing
Feature Parameter Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3(0)DX(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
Multicast routing and forwarding Number of IPv4 multicast routes with PIM sparse mode 32,000 32,000 32,000 32,000 32,000 32,000 32,000 32,000
Number of IPv4 multicast routes with PIM bidirectional 32,000 32,000 32,000 32,000 32,000 Not tested Not tested Not tested
Number of IPv4 multicast routes using generic routing encapsulation reverse path forwarding (GRE RPF) interfaces or outgoing interfaces (OIFs) / number of GRE OIFs per route 16,000 / 8 16,000 / 8 16,000 / 8 16,000 / 8 16,000 / 8 16,000 / 8 16,000 / 8 16,000 / 8
Number of IPv4 multicast routes in a vPC environment 25,000 25,000 25,000 25,000 25,000 15,000 15,000 15,000
Number of total OIFs supported 1000 1000 1000 1000 1000 1000 1000 1000
Number of IPv6 multicast routes 2000 2000 2000 2000 2000 2000 2000 2000
Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Number of IGMP groups 32,000 32,000 32,000 32,0007 32,000 32,000 32,000 32,000
Number of IGMP sources per group 8 8 8 8 8 N/A N/A N/A
Number of IGMP Reports/Leave Rate 2000/s 2000/s 2000/s 2000/s 2000/s N/A N/A N/A
Number of MLD groups 2000 2000 2000 2000 2000 2000 2000 2000
Multicast Source Discovery Protocol (MSDP) Number of MSDP source-active (SA) cache entries 12,000 12,000 12,000 12,000 12,000 12,000 12,000 12,000
Number of MSDP peers 6 6 6 6 6 N/A N/A N/A
PIM Number of PIM IPv4 neighbors 1000 1000 1000 1000 1000 1000 1000 1000
Number of PIM IPv4 neighbors with aggressive (1/3) timers 50 50 50 50 50 N/A N/A N/A
Number of IPv4 multicast routes (ASM/SSM) 32,000 32,000 32,000 32,000 32,000 N/A N/A N/A
Number of multicast PIM Join/Prune Group 4000/s 4000/s 4000/s 4000/s 4000/s N/A N/A N/A
Number of multicast PIM Registers Encapulation and Decapsulation (packets per second) 3000 3000 3000 3000 3000 N/A N/A N/A
Number of PIM IPv6 neighbors with default timers 200 200 200 200 200 N/A N/A N/A
7 250 (*,G) X 130 (S,G) totaling 32500 for ASM;  32K (S,G) for SSM ;  32K (*,G) for BiDir

Note

Cisco recommends M2/M3 Series modules to achieve the highest multicast scale.



Note

High availability (stateful switchover and ISSU) is not supported with aggressive PIM hello timers. Cisco recommends using default PIM hello timers combined with BFD for PIM.


Configuration Limits for OTV

Table 15. Configuration Limits for OTV
Parameter

Verified Limit (Cisco NX-OS 8.3(1))

Verified Limit (Cisco NX-OS 8.2(1))

Verified Limit (Cisco NX-OS 8.0(1))

Verified Limit (Cisco NX-OS 7.3(0)DX(1)) Verified Limit (Cisco NX-OS 7.3(0)D1(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)

Number of extended VLANs across all configured overlays

2000

2000

2000

2000

2000

1500

1500

256

256

256

Number of extended VLAN ranges per Overlay on N7K / N77

64/64

64/64

64/64

64/64

64/64

64/64

64/64

64/64

N/A

N/A

Number of total OTV routes across all sites

64,000 on M3 modules

40,000 on F3 modules

64,000 on M3 modules

40,000 on F3 modules

32,000 on F3 and M3 modules

32,000

32,000

32,000

32,000

16,000

16,000

16,000

Number of local OTV routes per site

24,000

24,000

12,000

12,000

12,000

12,000

12,000

8,000

8,000

8,000

Number of edge devices per site

2

2

2

2

2

2

2

2

2

2

Number of OTV-connected sites

12

12

8

8

8

8

8

6

6

6

Number of OTV overlays (simultaneous)

10

10

10

10

10

10

10

10

10

10

Number of instances (instance-id)

1

1

1

1

1

1

1

1

1

1

Number of local multicast routes

4000

4000

4000

4000

4000

4000

4000

2000

2000

2000

Number of multicast data groups

256

256

256

256

256

256

256

256

256

256

Number of secondary IP addresses used for OTV traffic depolarization

3

3

3

3

3

3

3 from Cisco NX-OS Release 6.2(6)

N/A

N/A

N/A


Note

To achieve maximum VLAN and MAC address scale, Cisco recommends using one overlay.


Configuration Limits for PVLAN

Table 16. Configuration Limits for PVLAN
Feature Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)

Number of primary VLANs

25 (Classic Ethernet or FabricPath)

25 (Classic Ethernet or FabricPath)

25 (Classic Ethernet or FabricPath)

25 (Classic Ethernet or FabricPath)

N/A

N/A

N/A

Number of secondary VLANS

75 (Classic Ethernet or FabricPath)

75 (Classic Ethernet or FabricPath)

75 (Classic Ethernet or FabricPath)

75 (Classic Ethernet or FabricPath)

N/A

N/A

N/A

Number of ports in host mode

20 (10 vPC)

20 (10 vPC)

20 (10 vPC)

20 (10 vPC)

N/A

N/A

N/A

Number of ports in promiscuous mode

16 (8 vPC)

16 (8 vPC)

16 (8 vPC)

16 (8 vPC)

N/A

N/A

N/A

Number of ports in promiscuous trunk mode

150 (8 vPC)

150 (8 vPC)

150 (8 vPC)

150 (8 vPC)

N/A

N/A

N/A

Number of ports in trunk secondary mode

30 (8 vPC)

30 (8 vPC)

30 (8 vPC)

30 (8 vPC)

N/A

N/A

N/A

Number of private VLAN mappings per promiscuous trunk

16 (on non-vPC interface)

16 (on non-vPC interface)

16

16

16

16

16

Configuration Limits for QoS

Table 17. Configuration Limits for QoS
Parameter Verified Limit (Cisco NX-OS 8.3(1) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS Release 6.2) Verified Limit (Cisco NX-OS Release 6.1) Verified Limit (Cisco NX-OS Release 6.0) Verified Limit (Cisco NX-OS Release 5.2)

Number of class maps per policy

4096

4096

128

4096 in 6.2(8) and later releases

128

128

128

Number of class-maps across all policies in SUP1/SUP2/SUP2E/SUP3 modules

6,000 / 6,000 / 8,000 / 8,000

6,000 / 6,000 / 8,000

128

6,000 / 6,000 / 8,000 from 6.2(8) onwards

128

128

128

Number of matches in a class map

1024

1024

1024

1024

1024

1024

Number of policers on M1 I/O module

12288

12288

12288

12288

12288

12288

Number of policers on M2 I/O module

12288

12288

12288

12288

12288

12288

Number of policers on F1 I/O module

0

0

0

0

0

0

Number of policers for F2/F2E I/O module

12288*

12288*

12288*

12288

12288

N/A

Number of policers for F3 - N7K 40G I/O module

6144*

6144*

6144*

N/A

N/A

N/A

Number of policers for F3 - N77 10G I/O module

6144*

6144*

6144*

N/A

N/A

N/A

Number of policers for F3 - N77 40G I/O module

12288*

12288*

12288*

N/A

N/A

N/A

Number of policers for F3 - N77 100G I/O module

12288*

12288*

12288*

N/A

N/A

N/A

* 1,000 policers per SOC

Configuration Limits for Remote Integrated Service Engine

Table 18. Configuration Limits for Remote Integrated Service Engine

Feature

Cisco NX-OS 8.3(1)

Cisco NX-OS 8.0(1)

Cisco NX-OS 7.2 releases

Verified Limit (Cisco NX-OS 6.2 releases)

Number of Remote Integrated Service Engine (RISE) clients

32

32

32

N/A

Number of APBR ACEs per RISE client

2000

2000

2000

1100

Number of APBR ACEs per RISE client per device

4000

4000

4000

1100

Number of APBR ACEs per SVI

2000

2000

2000

1100

Number of SVIs supported with ABPR per NetScaler instance

250

250

250

20

Number of SVIs supported with ABPR

1000

1000

1000

40

No. of RHIs supported

1000

1000

1000

N/A

Configuration Limits for Security

Table 19. Configuration Limits for Security
Feature Parameter Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3(0)DX(1)) Verified Limit (Cisco NX-OS 7.3(0)D1(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
ACLs Number of ACL 4000 4000 4000 N/A N/A N/A N/A N/A N/A
Number of ACL per LC N/A8 N/A9 N/A10 N/A N/A N/A N/A N/A N/A
Number of ACEs 320,000 320,000 310,000 N/A N/A N/A N/A N/A N/A
Number of ACEs per LC 128,000 128,000 128,000 N/A N/A N/A N/A N/A N/A
Number of interfaces with ACL applied 20,000 20,000 20,000 N/A N/A N/A N/A N/A N/A
Number of ACL + total Number of ACEs + Number of interfaces 4K ACLs with 60 ACEs per each ACL and applied to 15 physical interfaces, 15 port-channels, and 1100 SVI's 4K ACLs with 60 ACEs per each ACL and applied to 15 physical interfaces, 15 port-channels, and 1100 SVI's 4K ACLs with 60 ACEs per each ACL and applied to 20 physical interfaces and 1100 SVI's. N/A N/A N/A N/A N/A N/A
Number of Non L4Ops ACL labelsin a M3 module 4000 N/A N/A N/A N/A N/A N/A N/A N/A
Number of L4Ops ACLs / IPv6 ACLsin a M3 module 2000 N/A N/A N/A N/A N/A N/A N/A N/A
Cisco TrustSec Number of IP-SGT mappings for M1/M2/M3 I/O module 200,000 200,000 200,000 200,000 200,000 50,000 Not tested Not tested Not tested
Number of IP-SGT mappings for F2/F2e I/O module 32,000 32,000 32,000 32,000 32,000 32,000 Not tested Not tested Not tested
Number of IP-SGT mappings for F3 I/O module 64,000 64,000 64,000 64,000 64,000 64,000 Not tested Not tested Not tested
Number of SXP connections 980 980 980 980 980 980 Not tested Not tested Not tested
Number of IP-SGT mappings learned using SXP 200,000 200,000 200,000 200,000 200,000 50,000 Not tested Not tested Not tested
Number of SGT Groups 3,000 SGT/DGT 3,000 SGT/DGT 3,000 SGT/DGT 3,000 SGT/DGT 3,000 SGT/DGT 3,000 SGT/DGT Not tested Not tested Not tested
DHCP Number of total bindings for DHCPv4 snooping 50,000 50,000 60,000 50,000 50,000 50,000 4000 Not tested Not tested
Number of VLANs for DHCP snooping 4000 4000 3968 4000 4000 4000 1000 Not tested Not tested
Number of total clients for DHCPv4 relay 50,000 50,000 50,000 50,000 50,000 50,000 4000 Not tested Not tested
Number of total clients for DHCPv6 relay 10,000 10,000 10,000 10,000 10,000 10,000 N/A N/A N/A
Number of DHCP relay agents 3960 3960 3968 3960 3960 3960 1000 Not tested Not tested
Number of DHCP helper addresses for SVI 16 16 16 16 16 16 16 Not tested Not tested
UDP Relay Maximum number of object groups that can be created 4096 4096 Not supported 4096 N/A N/A N/A N/A N/A
Number of object groups that an L3/SVI interface can be associated with 1 1 Not supported 1 N/A N/A N/A N/A N/A
Maximum number of UDP relay IP addresses that an interface can be associated with 300 300 Not supported 300 N/A N/A N/A N/A N/A
Maximum number of UDP ports supported 200 200 Not supported 200* N/A N/A N/A N/A N/A
8 Number of ACL is not limited to LC. LC has only TCAM limitation (128,000).
9 Number of ACL is not limited to LC. LC has only TCAM limitation (128,000).
10 Number of ACL is not limited to LC. LC has only TCAM limitation (128,000).

Note

* This number includes seven default ports.



Note

  • Maximum number of supported MACsec enabled ports for Nexus 7700 M3 48-Port 1G/10G module is 768.

  • Maximum number of supported MACsec enabled ports for Nexus 7700 M3 24-Port 40G module is 384.


Each DHCP scale value might vary when combined with other parameters. See this example of a scenario tested for Cisco NX-OS Release 7.2(0)D1(1)) for better guidance.

Table 20. Example of a scenario tested for DHCP scale
Parameter Verified Limit (Cisco NX-OS 8.3(1) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2)
Number of SVIs with IPv4 and IPv6 DHCP relay configured together 3960 3960 3960

Guidelines and Limitations for DHCP Configuration Limits

For Cisco NX-OS Release 6.2 and later releases, you must enable the insertion of Option 82 information for DHCP packets to support the highest DHCP snooping scale.

Configuration Limits for System Management

Table 21. Configuration Limits for System Management
Feature Parameter Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
IP SLA Maximum number of probes configured in SUP1/SUP2/SUP2E/SUP3 modules 500 / 500 / 1000/ 100011 500 / 500 / 100012 500 / 500 / 100013 500 / 500 / 1000 500 N/A N/A
SPAN and ERSPAN Number of active SPAN or ERSPAN source sessions 14 (Nexus 7000); 16 (Nexus 7700) 14 (Nexus 7000); 16 (Nexus 7700) 14 (Nexus 7000); 16 (Nexus 7700) 14 (Nexus 7000); 16 (Nexus 7700) 2 2 2
Number of configured (not active) SPAN sessions per VDC 48 48 48 48 48 48 48
Number of active ERSPAN destination sessions 23 (Nexus 7000); 16 (Nexus 7700) 23 (Nexus 7000); 16 (Nexus 7700) 23 (Nexus 7000); 16 (Nexus 7700) 23 (Nexus 7000); 16 (Nexus 7700) 23 23 23
Number of source interfaces per SPAN or ERSPAN session 128 128 128 128 128 128 128
Number of destination interfaces per SPAN or ERSPAN session 32 32 32 32 32 32 32
Number of source VLANs per SPAN or ERSPAN session 32 32 32 32 32 32 32
PTP/IEEE 1588 Number of clients in SUP1/SUP2/SUP2E/SUP3 modules 100 / 100 / 512 / 512 100 / 100 / 512 100 / 100 / 512 100 / 100 / 512 100 / 100 / 512 Not tested Not tested
NetFlow Number of pps for sampled Netflow (M3/F3) 50K pps 50K pps Not tested Not tested Not tested Not tested Not tested
The expose netflow sampling rate of 1:128K on (M3/F3) 1:128K 1:128K Not tested Not tested Not tested Not tested Not tested
11 The highest scale was verified with UDP jitter and ICMP probes.
12 The highest scale was verified with UDP jitter and ICMP probes.
13 The highest scale was verified with UDP jitter and ICMP probes.

Guidelines and Limitations for IP SLA Configuration Limits

  • To achieve the highest IP SLA probe scale, you might need to add a specific CoPP configuration to allow the IP SLA generated packets to pass through. Otherwise, probes might experience timeouts. See the Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide for more details.

  • Even if CoPP is not dropping any IP SLA traffic, round-trip times (RTTs) might vary, so it is important to test locally and set the proper timeout value for IP SLA probes. Generally, Cisco does not recommend setting the IP SLA probe timeout below 1 second.

  • Cisco recommends using Supervisor 2e/Supervisor 3 to achieve the highest scale and the lowest RTT for IP SLA probes.

Guidelines and Limitations for SPAN Configuration Limits

The number of SPAN sessions refers to unidirectional sessions. On the Cisco Nexus 7000 Series switch, two SPAN extended sessions can be combined to create a bidirectional session, and a SPAN standard session can behave either as unidirectional or bidirectional. The Cisco Nexus 7700 switch does not have standard and extended sessions. All SPAN sessions are unidirectional, and any two can be combined to create a bidirectional session. See the Cisco Nexus 7000 Series NX-OS System Management Configuration Guide for more information.

Configuration Limits for Unicast Routing

Table 22. Configuration Limits for Unicast Routing
Feature Parameter Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.2(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.2) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
ARP/ND Number of entries in ARP table

128,000

128,000

128,000

128,000 128,000 128,000 128,000 128,000
Number of ARP packets per second 300014

1500

1500

1500 1500 1500 Not tested Not tested
Number of ARP glean packets for second 2500

1500

1500

1500 1500 1500 Not tested Not tested
Number of IPv6 ND packets per second

1500

1500

1500

1500 1500 1500 Not tested Not tested
Number of IPv6 glean packets per second

1500

1500

1500

1500 1500 1500 Not tested Not tested
OSPFv2 Number of neighbors / total LSAs15

1000/100,000

1000/100,000

1000/100,000

1000 / 100,000 1000 / 100,000 300 / 15,000 300 / 15,000 300 / 15,000
Number of neighbors / total LSAs with aggressive timers (1s/4s)

250/50,000

250/50,000

250/50,000

250 / 50,000 250 / 50,000 16 / 6000 16 / 6000 16 / 6000
Number of passive interfaces

3780

3780

3780

3780 3780 500 500 500
Number of process instances per VDC

16

16

16

16 16 16 4 4
Number of process instances

16

16

16

16 16 16 16 16
Number of equal cost paths

32

32

32

32 32 16 16 16
OSPFv3 Number of neighbors / total LSAs

300 / 50,000

300 / 50,000

300 / 50,000

300 / 50,000 300 / 50,000 300 / 15,000 300 / 15,000 300 / 15,000
Number of passive interfaces

1280

1280

1280

1280 1280 300 300 300
Number of process instances per VDC

16

16

16

16 16 16 4 4
Number of process instances

16

16

16

16 16 16 16 16
Number of equal cost paths

32

32

32

32 32 16 16 16
IS-IS Number of neighbors

1000

1000

1000

300 300 300 300 300
Number of neighbors with aggressive timers (1s/3s)

250

250

250

250 250 Not tested Not tested Not tested
Number of passive interfaces

4000

4000

4000

600 600 Not tested Not tested Not tested
Number of routes

64,000

64,000

64,000

30,000 30,000 Not tested Not tested Not tested
Number of process instances per VDC

16

16

16

16 16 4 4 4
Number of process instances

16

16

16

16 16 16 16 16
Number of equal cost paths

32

32

32

32 32 16 16 16
EIGRP Number of neighbors with default timers

200

200

200

2000

500

2000 in 6.2(6) and later releases

300 50 50
Number of neighbors with aggressive timers (1s/3s)

100

100

100

250 250 Not tested Not tested Not tested
Number of passive interfaces with default timers

4000

4000

4000

3960 3960 Not tested Not tested Not tested
Number of passive interfaces with aggressive timers 1000 1000 1000 N/A N/A