Cisco Nexus 7000 Series NX-OS Verified Scalability Guide

This document describes the Cisco NX-OS configuration limits for the Cisco Nexus 7000 Series switches.

The documentation set for this product strives to use bias-free language. For purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on standards documentation, or language that is used by a referenced third-party product.

New and Changed Information

Your software release might not support all the features in this document. For the latest caveats and feature information, see the Bug Search Tool at https://tools.cisco.com/bugsearch/ and the release notes for your software release.

Table 1. New and Changed Verified Scalability Values
Date Description Changed in Release

March 11, 2020

Added verified scalability values for Cisco NX-OS 8.4(2) release in all the sections.

Cisco NX-OS 8.4(2)

July 5, 2019

Added verified scalability values for Cisco NX-OS 8.4(1) release in all the sections.

Cisco NX-OS 8.4(1)

July 2, 2018

Added verified scalability values for Cisco NX-OS 8.3(1) release in all the sections.

Cisco NX-OS 8.3(1)

January 30, 2018

Added the verified scalability value for the OSPF LSA in the Configuration Limits for Uniocast Routing section.

Cisco NX-OS 8.1(2)

September 27, 2017

Added verified scalability values per Cisco NX-OS 8.2(1) release to the following sections — Configuration Limits for OTV and Configuration Limits for VXLAN.

Cisco NX-OS 8.2(1)

May 3, 2017

  • Added value for the number of VLANs per Fabric Extender server interface on M3 modules in the "Configuration Limits for Connecting Cisco Nexus 2000 Series Fabric Extenders to Cisco Nexus 7000 Series Switches" section.

  • Added value for the maximum number of multi-hop BFD sessions supported in the "Configuration Limits for Interfaces" section.

Cisco NX-OS 8.1(1)

December 21, 2016

Added verified scalability values per Cisco NX-OS 8.0(1) release to the following sections — Configuration Limits for Unicast Routing, Configuring Limits for MPLS, Configuration Limits for Remote Integrated Service Engine, Configuration Limits for Interfaces, Configuration Limits for FCoE, Configuration Limits for Connecting Cisco Nexus 2000 Series Fabric Extenders to Cisco Nexus 7000 Series Switches, Configuration Limits for Intelligent Traffic Director, Configuration Limits for LISP, Configuration Limits for Multicast Routing, Configuration Limits for OTV, Configuration Limits for System Management, Configuration Limits for Security, and Configuration Limits for VXLAN.

Cisco NX-OS 8.0(1)

September 11, 2016

Added values for ITD scale limits per Cisco NX-OS 7.3(1)D1(1) release to the "Configuration Limits for Intelligent Traffic Director" section.

Cisco NX-OS 7.3(1)D1(1)

May 10, 2016

Added verified scalability values per Cisco NX-OS 7.3(0)DX(1) release to the "Configuration Limits for Interfaces", "Guidelines and Limitations for vPC Configuration Limits", "Guidelines and Limitations for vPC+ Configuration Limits", "Configuration Limits for OTV", "Configuration Limits for Multicast Routing", "Configuration Limits for Security", and "Configuration Limits for VXLAN" sections.

Cisco NX-OS 7.3(0)DX(1)

February , 2016

  • Added verified scalability values per Cisco NX-OS 7.3(0)D1(1) release to the "Configuration Limits for FCoE" section.

  • Added values for ITD scale limits per Cisco NX-OS 7.3(0)D1(1) release to the "Configuration Limits for Intelligent Traffic Director" section.

Cisco NX-OS 7.3(0)D1(1)

October 15, 2015

Added values for ITD scale limits per Cisco NX-OS 7.2(1)D1(1) release to the "Configuration Limits for Intelligent Traffic Director" section.

Cisco NX-OS 7.2(1)D1(1)

June 26, 2015

Updated the values for Cisco TrustSec Number of IP- IP-SGT mappings in the "Configuration Limits for Security".

Cisco NX-OS 7.2(0)D1(1)

June 19, 2015

Added verified scalability values per Cisco NX-OS 7.2(0)D1(1) release to the "Configuration Limits for FCoE" section.

Cisco NX-OS 7.2(0)D1(1)

February 3, 2015

Added Configuration Limits for PVLAN.

6.2(12)

November 08, 2014

Updated the values for Remote Integrated Service Engine (RISE).

6.2(10)

October 17, 2014

Updated the values for ITD services per VDC and virtual IPs per ITD service in the "Configuration Limits for Intelligent Traffic Director" table.

6.2(10)

April 25, 2014

  • Added new section for Remote Integrated Service Engine (RISE) values.

  • Added new section for Intelligent Traffic Director (ITD) values.

  • Updated number of class maps per policy value in "Configuration Limits for QoS."

  • Updated the "Guidelines and Limitations for vPC Configuration Limits" table.

6.2(8)

February 24, 2014

  • Added values for private VLANs to the table in the "Configuration Limits for Layer 2 Switching" section.

  • Added values for the number of secondary IP addresses used for OTV traffic depolarization to the table in the "Configuration Limits for OTV" section.

  • Added values for the number of physical port vPCs on front panel ports used for FCoE to the table in the "Configuration Limits for Interfaces" section.

6.2(6)

January 8, 2014

Added a new parameter to the table in the "Guidelines and Limitations for EIGRP Configuration Limits" section.

6.2

January 7, 2014

Removed the outdated values for "Number of neighbors + passive interfaces + routes" in the "Guidelines and Limitations for EIGRP Configuration Limits" section.

6.2

January 6, 2014

  • Updated the EIGRP verified scalability numbers in Table 14 (Configuration Limits for Unicast Routing) for Cisco NX-OS Release 6.2(6).

  • Updated the configuration limits for Cisco NX-OS Release 6.2(6) in the "Guidelines and Limitations for EIGRP Configuration Limits" section.

6.2(6)

November 2013

  • Added the specified I/O modules to introductory paragraphs for vPC+ and vPC guidelines and limitations in Cisco NX-OS 6.2 releases.

  • Updated and added the information for validated VPC scalability in Cisco NX-OS 6.2 releases.

6.2

August 2013

Updated the verified scalability values.

6.2(2)

October 2012

Updated the verified scalability values.

6.1(2)

August 2012

Updated the verified scalability values.

6.1

November 2011

Initial version of the guide with information for shipping releases.

Licensing Requirements

For a complete explanation of Cisco NX-OS licensing recommendations and how to obtain and apply licenses, see the Cisco NX-OS Licensing Guide.

Introduction

The scalability of Cisco Nexus 7000 Series switches has been verified for the following features:
  • Cisco Nexus 2000 Series Fabric Extender connectivity to Cisco Nexus 7000 Series switches

  • FabricPath

  • Fibre Channel over Ethernet (FCoE)

  • Interfaces

  • Layer 2 switching

  • Locator/ID Separation Protocol (LISP)

  • Multiprotocol Label Switching (MPLS)

  • Multicast routing

  • Overlay Transport Virtualization (OTV)

  • Quality of Service (QoS)

  • Security

  • System management

  • Unicast routing

  • Virtual device context (VDC)

  • Private VLAN (PVLAN)

  • Remote Integrated Service Engine (RISE)

  • Virtual Extensible LAN (VXLAN)

To make the best use of this document, please take note of the following:

  • All numbers are per system unless noted otherwise. For example, a listed number of FCoE fabric logins can be in a single VDC or be a sum of fabric logins across all VDCs in the system. Any changes in the number of supported VDCs do not automatically imply changes in the supported scale for other features.

  • If the latest release has an updated value for a parameter but the previous release does not, specific information for the previous release is not available.

  • If a release is not listed in a specific column in the configuration limits support table, consider the scale numbers listed for the previous release.

  • The values provided in this guide are uni-dimensional. They focus on the scalability of one particular feature at a time. Results might differ from the values listed here when trying to achieve maximum scalability with multiple features enabled.

  • The values provided in this guide should not be interpreted as theoretical system limits for Cisco Nexus 7000 Series and Cisco Nexus 7700 Series hardware or Cisco NX-OS software. These limits refer to values that have been validated by Cisco. They can increase over time as more testing and validation is done.

  • Cisco NX-OS Release 6.1 introduced support for Cisco Nexus 7000 Supervisor 2 and Supervisor 2e. Supervisor 2e is designed to provide the highest software scalability. If a higher uni-dimensional scale is verified on Supervisor 2e, the scale values for each supervisor will be listed using the following notation: Supervisor 1 value/Supervisor 2 value/Supervisor 2e value. If Supervisor 2e is not verified to provide a higher uni-dimensional scale for a particular feature parameter, a single scalability value will be listed for all supervisors.

    Note


    Supervisor 2e is strongly recommended in multi-dimensional scalability scenarios, particularly when multiple VDCs are used and the Cisco NX-OS version deployed is 6.2 or above. From Cisco NX-OS Release 8.3(1) onwards either Supervisor 2e/Supervisor 3 is recommended for the above scenario.


  • Cisco NX-OS Release 6.2 introduced support for Cisco Nexus 7700 switches. Supervisor 2e running on Cisco Nexus 7700 switches provides the same software scalability as Supervisor 2e running on Cisco Nexus 7000 switches.

  • Cisco NX-OS Release 7.2(1)D1(1) introduced support for scale limit monitoring on Cisco Nexus 7000 Supervisor 2 and Supervisor 2E and on Cisco Nexus 7700 switches. The Scale Limit Monitoring feature enables you to monitor the scale limit both at the system level and the VDC level. This feature monitors the scale limits for various features across different VDCs on the device and alerts you if the system crosses the permissible scale limit.

Configuration Limits for Connecting Cisco Nexus 2000 Series Fabric Extenders to Cisco Nexus 7000 Series Switches

Table 2. Configuration Limits for Connecting Cisco Nexus 2000 Series Fabric Extenders to Cisco Nexus 7000 Series Switches
Parameter Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.1(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
Number of Fabric Extenders with total number of Fabric Extender server interfaces on Supervisor 1 or 2 module 32 with 1536 32 with 1536 32 with 1536 32 with 1536 32 with 1536 32 with 1536 32 with 1536 32 with 1536 32 with 1536 32 32
Number of Fabric Extenders with total number of Fabric Extender server interfaces on Supervisor 2e or Supervisor 3 module 64 with 3072 64 with 3072 64 with 3072 64 with 3072 64 with 3072 64 with 3072 64 with 3072 64 with 3072 48 with 2048 N/A N/A
Number of VLAN IDs per Fabric Extender 2000 2000 2000 2000 2000 2000 2000 2000 2000 2000 2000
Number of VLANs per Fabric Extender server interface 75 75 75 75 75 75 75 75 50 50 50
Number of VLANs per Fabric Extender server interface (with M3 as the parent module) 300 300 300 300 N/A N/A N/A N/A N/A N/A N/A
Number of subinterfaces per Fabric Extender server interface 63 63 63 63 63 63 63 63 63 63 63
Number of Fabric Extenders in Active-Active mode 32 32 32 32 32 32 16 N/A N/A N/A N/A
Number of FEX server ports for Sup2 / Sup2E / Sup3 1536 / 3072 / 3072 1536 / 3072 / 3072 1536 / 3072 / 3072 1536 / 3072 1536 / 3072 N/A N/A N/A N/A N/A N/A

Note


  • To achieve the highest VLAN per Fabric Extender (FEX) port scale, Cisco recommends connecting FEX uplinks to one switch on chip (SoC) on F2/F2e or F3 series modules instead of spreading them across different SoCs.

  • In Cisco NX-OS 7.3(0)D1(1) release, the number of Fabric Extenders in Active-Active mode is 32.

  • In Cisco NX-OS 8.3(1) release, FEX does not support F4 series modules.


Configuration Limits for FabricPath

Table 3. Configuration Limits for FabricPath
Feature Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
Number of VLANs per switch

4000

4000

4000

4000

4000 4000 4000

2000 (Cisco NX-OS Release 6.1.1)

4000 (Cisco NX-OS Release 6.1.2)

2000 2000
Number of core ports per switch in SUP1/SUP2/SUP2E/SUP3 modules

512 / 512 / 768/768

512 / 512 / 768/768

512 / 512 / 768/768

512 / 512 / 768

512 / 512 / 768 512 / 512 / 768 256 / 256 / 768 256 256 256
Number of edge ports per switch

384

384

384

384

384 384 384 256 256 256
Number of topologies

8

8

8

8

8 8 8 1 1 1
Number of trees per topology

2

2

2

2

2 2 2 2 2 2
Number of multicast groups per switch

10,000

10,000

10,000

10,000

10,000 10,000 10,000 10,000 10,000 10,000
Number of FabricPath IS-IS adjacencies in SUP1/SUP2/SUP2E/SUP3 modules

512 / 512 / 768 / 768

512 / 512 / 768 / 768

512 / 512 / 768 / 768

512 / 512 / 768

256 / 256 / 768 256 / 256 / 768 256 / 256 / 768 256 256 256
Number of switch IDs in SUP1/SUP2/SUP2E/SUP3 modules

512 / 512 / 768 / 768

512 / 512 / 768 / 768

512 / 512 / 768 / 768

512 / 512 / 768

256 / 256 / 768 256 / 256 / 768 256 / 256 / 768

128 (Cisco NX-OS Release 6.1.1)

256 (Cisco NX-OS Release 6.1.2)

128 64

Note


The number of vPC+ links is 768/4k.



Note


To achieve the maximum number of topologies, Cisco recommends enabling the no port-channel limit command. Enabling this command will cause a brief disruption to traffic.


Configuration Limits for FCoE

Table 4. Configuration Limits for FCoE
Parameter Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS 6.2)
Number of fabric logins per switch

4000

4000

4000

4000

4000

2500 2500
Number of fabric logins per line card

1000

1000

1000

1000

1000

1000 500
Number of fabric logins per port/chassis

256

256

256

256

256

256 256
Number of fabric logins per fabric

20000

20000

20000

20000

20000

10000 N/A
Number of FCoE hops

7

7

7

7

7

7 7
Number of vFC interfaces

384

384

384

384

768

512 396
Number of vFC port channels

128

128

128

128

127

127

128

Number of zone members per fabric

32000

32000

32000

32000

32000

16000 16000
Number of zones per fabric

16000

16000

16000

16000

16000

8000 8000
Number of zones per switch

16000

16000

16000

16000

16000

8000 N/A
Number of zone sets per switch

1000

1000

1000

1000

1000

500 500
Number of VSANs per fabric

80

80

80

80

80

80 80

FCoE over long distance for 10G F2/F2e and F3 cards (in kilometers)

80

80

80

80

80

80

N/A

FCoE over long distance for 40G F3 cards (in kilometers)

40

40

40

40

40

40

N/A

Device alias entries

12000

12000

12000

12000

20000

N/A

N/A

IVR zones

1000

1000

1000

1000

1000

N/A

N/A

IVR zone members

2000

2000

2000

2000

2000

N/A

N/A

IVR zonesets

32

32

32

32

32

N/A

N/A

IVR

16

16

16

16

16

N/A

N/A

Number of physical port virtual Private Channels (vPCs) supporting FCoE over FEX

256

256

256

256

256

256 N/A
Maximum number of fabric extenders supporting FCoE over FEX

24

24

24

24

24

Note

 

This value has been verified with a mix of Cisco Nexus 2232P and 2348UPQ FEX types.

24 N/A
Number of ports (includes both Dedicated and Shared ports) allocated to a storage VDC

768

768

768

768

768

512 N/A
Number of physical port vPC and vPC+ links

Note

 

The ports can be front panel ports or FEX ports.

40(384)**

40(384)**

40(384)**

40(384)**

40(384)**

40(256)* N/A

* The number of tested physical port vPC and vPC+ links is 40. You can configure a maximum of 256 physical port vPC and vPC+ links.

** The number of tested physical port vPC and vPC+ links is 40. You can configure a maximum of 384 physical port vPC and vPC+ links.


Note


The following FCoE parameters are validated in Cisco NX-OS Release 8.0(1):

- The number of domains is 80.

The numbers above are verified and supported on Cisco Nexus 7700 switches with Supervisor 2e and Supervisor 3 module from Cisco NX-OS Release 8.3(1) onwards.

FCoE does not support F4 series modules in Cisco NX-OS Release 8.3(1).


Configuration Limits for Intelligent Traffic Director

Feature Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3(1)D1(1)) Verified Limit (Cisco NX-OS 7.3(0)D1(1)) Verified Limit (Cisco NX-OS 7.2(1)D1(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS Release 6.2) 1

Number of nodes per ITD device group

128

128

128

128

128

32

31

256

256

Number of ITD services per VDC

128

128

128

128

128

128

128

32

8 (Cisco NX-OS Release 6.2.8)

32 (Cisco NX-OS Release 6.2.10)

Number of ITD services per Nexus 7000 Series switch.

128 x maximum number of VDCs

128 x maximum number of VDCs

128 x maximum number of VDCs

128 x maximum number of VDCs

128 x maximum number of VDCs

128 x maximum number of VDCs

128 x maximum number of VDCs

32 x maximum number of VDCs

8 x maximum number of VDCs (Cisco NX-OS Release 6.2.8)

32 x maximum number of VDCs (Cisco NX-OS Release 6.210)

Number of ingress interfaces per ITD service

511

511

511

511

512

512

512

512

512

Number of virtual IP addresses per ITD service

128

128

128

128

255

255

255

16

8 (Cisco NX-OS Release 6.2.8)

16 (Cisco NX-OS Release 6.2.10)

Number of device-groups per VDC

128

128

128

128

128

128

--

--

--

Number of device-groups per ITD service

128

128

128

128

128

Each virtual IP address can have its own unique device-group.

128

Each virtual IP address can have its own unique device-group.

1

1

1

Number of buckets per ITD service

1000

1000

1000

1000

2000 *

2000 *

2000 *

--

--

Number of probes per ITD service

500

500

500

500

500

500

500

500

500

Number of probes per VDC

500

500

500

500

500

500

500

500

500

Number of probes per Nexus 7000 Series switch.

500 x maximum number of VDCs

500 x maximum number of VDCs

500 x maximum number of VDCs

500 x maximum number of VDCs

500 x maximum number of VDCs

500 x maximum number of VDCs

500 x maximum number of VDCs

500 x maximum number of VDCs

500 x maximum number of VDCs

1 All scale values for Cisco NX-OS 6.2 releases are from Cisco NX-OS Release 6.2(8) onwards.

* By default the number of buckets used is the product of total virtual IPs and total nodes associated to a ITD policy.

Configuration Limits for Interfaces

Table 5. Configuration Limits for Interfaces
Feature Parameter Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.1(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3(0)DX(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)

Port channels

Number of port channels

744

744

744

744

744

744

744

744

528

528

528

Virtual port channels (vPCs)

Number of vPCs (total)

744

744

744

744

744

744

744

744

528

528

528

Number of vPCs (FEX)

744

744

744

744

744

744

744

744

528

528

528

Number of vPC+s (total)

3842

3843

3844

384 2

3842

3842

3842

3842

244

244

244

Number of physical port vPCs on front panel ports used for FCoE

30

30

30

30

30

30

30

30 from Cisco NX-OS Release 6.2(6)

N/A

N/A

N/A

vPC orphan-port suspend config

800

800

800

800

800

800

800

800

N/A

N/A

N/A

BFD Number of sessions per I/O module with subinterface optimize

1000

1000

1000

1000

1000

1000

1000 1000 N/A N/A N/A
Number of sessions per I/O module with 300 msec x 3 interval

1000

1000

1000

1000

1000

1000

500 500 N/A N/A N/A
Number of sessions per I/O module with 50 msec x 3 interval

250

250

250

250

250

250

250 250 200 200 200
Number of sessions per I/O module with 15 msec x3 interval (F3/F4/M3)

250

250

250

250

250

250

N/A

N/A

N/A

N/A

N/A

Maximum number of BFD multi-hop sessions 1005 1006 1007 1008

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Number of BFD sessions per system

2000

2000

2000

2000

2000

2000

2000 2000 1000 1000 1000
Generic routing encapsulation (GRE) Number of GRE tunnels

1500

1500

1500

1500

1500

1500

1500 1500 1500 1500 1500
Sub-Interfaces Number of sub-interfaces (total)

4000

4000

4000

4000

4000

4000

4000 4000 NA NA NA
Number of sub-interfaces (total) per Port

1500

1500

1500

1500

1500

1500

1500 1500 NA NA NA
2 To achieve more than 244 VPC+s, you must enable the no port-channel limit command. Enabling this command will cause a brief disruption to traffic. This applies to F2, F3, and M3 modules.
3 To achieve more than 244 VPC+s, you must enable the no port-channel limit command. Enabling this command will cause a brief disruption to traffic. This applies to F2, F3, and M3 modules.
4 To achieve more than 244 VPC+s, you must enable the no port-channel limit command. Enabling this command will cause a brief disruption to traffic. This applies to F2, F3, and M3 modules.
5 The maximum number of BFD multi-hop sessions supported is 100 if the sum of single-hop and multi-hop sessions on the system is not greater than 1000. Which means, if there are already 950 BFD single-hop sessions, then only 50 BFD multi-hop sessions are supported.
6 The maximum number of BFD multi-hop sessions supported is 100 if the sum of single-hop and multi-hop sessions on the system is not greater than 1000. Which means, if there are already 950 BFD single-hop sessions, then only 50 BFD multi-hop sessions are supported.
7 The maximum number of BFD multi-hop sessions supported is 100 if the sum of single-hop and multi-hop sessions on the system is not greater than 1000. Which means, if there are already 950 BFD single-hop sessions, then only 50 BFD multi-hop sessions are supported.
8 The maximum number of BFD multi-hop sessions supported is 100 if the sum of single-hop and multi-hop sessions on the system is not greater than 1000. Which means, if there are already 950 BFD single-hop sessions, then only 50 BFD multi-hop sessions are supported.

Note


  • For peers over Layer 3 link or Layer 3 port channel with per-link mode, the recommended minimum interval is 50 msec and the multiplier value is 3.

  • For peers over Layer 2 port channel and Layer 3 port channel without per-link mode, the recommended minimum interval is 250 msec and the multiplier value is 3.


Guidelines and Limitations for vPC Configuration Limits

The following vPC values are validated in Cisco NX-OS Release 8.0(1).

Number of vPCs / VLANs - Sup2e 768/4k

Number of physical port vPCs on front panel ports (LAN) - 768

Number of physical port vPCs on FEX (LAN) - 1500

Number of physical port vPC+ on front panel ports - 384

Number of multicast groups - 24k


Note


Refer to Table-6 for individual module scale numbers.


The vPC configuration limits such as the number of vPC+ and VLANs in a vPC+ domain depend on many different parameters. The following templates are validated in the Cisco NX-OS 7.3(0)DX(1)) release with different I/O modules where applicable and should be used as a guide in planning your deployment. The Profile D column in the following table is applicable to Cisco NX-OS Release 6.2(x) only.

Table 6. Guidelines and Limitations for vPC Configuration Limits
Feature Profile A (RSTP) Profile B Profile C Profile C Profile D*
vPC 75 70 744 190 75
VDC 4 4 1 1 1
VLANs 500 4000 4000 4000 500
VLAN trunked per vPC 30 4000 400 1500 30
SVI 300 4000 4000 4000 500
RPVST+ logical ports 16,000 N/A -- MST used N/A -- MST used N/A -- MST used 6,500
STP virtual ports 150,000 300,000 300,000 300,000 90,000
HSRP groups 300 4000 4000 4000 500
Supervisor 2e 2e 2e 2e 1
Modules M3//F3 M3//F3 F2e/F3 M3 M2/F2e/F3

Note


  • For the highest vPC scalability, Cisco recommends deploying MST and Supervisor 2e/Supervisor3. For scenarios with 4000 VLANs and SVIs and HSRP, Cisco recommends using the M2 Series modules.
  • * Supervisor 1 modules are supported only in Cisco NX-OS Release 6.2(x) and earlier.

Table 7. Guidelines and Limitations for Hif-vPC Configuration Limits
Feature Profile A
Hif-vPC 750
Physical Port Hif- vPC 1500
VDC 1
VLANs 2000
VLAN truncked per vPC 1
SVI 4000
RPVST+ logical ports RSTP
Supervisor 2e
Modules F2e/F3

Guidelines and Limitations for vPC+ Configuration Limits

The vPC+ configuration limits such as the number of vPC+ and VLANs in a vPC+ domain depend on many different parameters. The following templates are validated in the Cisco NX-OS 7.3(0)DX(1)) release with F2e, F3 I/O modules and should be used as a guide in planning your deployment.

Table 8. Guidelines and Limitations for vPC+ Configuration Limits
Feature Profile A* Profile B
vPC+ 384 35
VDC 2 1
VLANs per VDC 2000 4000
VLAN / vPC 750 4000
HSRP groups 384 4000
Supervisor 2e 2e
Modules F2e/F3 F2e/F3

Note


* To achieve more than 244 VPC+s, you must enable the no port-channel limit command. Enabling this command will cause a brief disruption to traffic.


Table 9. Guidelines and Limitations for Hif-vPC+ Configuration Limits
Feature Profile A
Hif-vPC+ 384
Physical Port Hif- vPC+ 384
VDC 2
VLANs per VDC 2000
VLAN / vPC 1
HSRP groups 384
Supervisor 2e
Modules F2e/F3

Guidelines and Limitations for BFD Configuration Limits

  • Beginning with Cisco NX-OS Release 6.2, the number of sessions can be all IPv4, all IPv6, or a mix of both.

  • For the highest per-module scale, Cisco recommends using the M2, M3, F2, F2e, or F3 Series modules.

  • For the highest per-system scale, Cisco recommends using Supervisor 2e/Supervisor 3 module.

Configuration Limits for Layer 2 Switching

Table 10. Configuration Limits for Layer 2 Switching
Feature Parameter Cisco NX-OS 8.4(2) onwards Cisco NX-OS 8.4(1) Cisco NX-OS 8.3(1) Cisco NX-OS 8.0(1) Cisco NX-OS 7.3.x Cisco NX-OS 7.2(0)D1(1) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
Layer 2 infrastructure Number of Layer 2 table entries on M Series I/O modules 128,000 128,000 128,000 128,000 128,000 128,000 128,000 128,000 128,000 128,000
Number of Layer 2 table entries on F1 Series I/O modules 16,000 to 256,000 16,000 to 256,000 16,000 to 256,000 16,000 to 256,000 16,000 to 256,000 16,000 to 256,000 16,000 to 256,000 16,000 to 256,000 16,000 to 256,000 16,000 to 256,000
Number of Layer 2 table entries on F2 or F2e Series I/O modules 16,000 to 192,000 16,000 to 192,000 16,000 to 192,000 16,000 to 192,000 16,000 to 192,000 16,000 to 192,000 16,000 to 192,000 16,000 to 192,000 16,000 to 192,000 N/A
Number of Layer 2 table entries on F3/F4 Series I/O modules 64,000 64,000 64,000 64,000 64,000 64,000 64,000 N/A N/A N/A
Number of MAC addresses on an M3 module 384,000 384,000 384,000 384,000 N/A N/A N/A N/A N/A N/A
Number of MAC addresses on an F4 module 384,000 384,000 384,000 N/A N/A N/A N/A N/A N/A N/A
Number of MAC addresses per VDC on an F4 module 192,000 192,000 192,000 N/A N/A N/A N/A N/A N/A N/A
Number of MAC addresses per VDC on an M3 module 192,000 192,000 192,000 192,000 N/A N/A N/A N/A N/A N/A
Number of MAC addresses on M1-XL or M2-XL modules 128,000 128,000 128,000 128,000 N/A N/A N/A N/A N/A N/A
Number of MAC addresses per VDC on M1-XL or M2-XL modules 128,000 128,000 128,000 128,000 N/A N/A N/A N/A N/A N/A
Spanning Tree Protocol Number of Multiple Spanning Tree (MST) instances per VDC 64 64 64 64 64 64 64 64 64 64
Number of MST virtual ports on SUP1/SUP2/SUP2E/SUP3 NA* / 90,000 / 300,000/ 300,000 NA* / 90,000 / 300,000/ 300,000 NA */ 90,000 / 300,000/ 300,000 90,000 / 90,000 / 300,000 90,000 / 90,000 / 300,000 90,000 / 90,000 / 300,000 90,000 / 90,000 / 150,000 90,000 90,000 90,000
Number of MST VLAN Ports 76,800 76,800 76,800 76,800 NA NA NA NA

NA

NA

Number of Rapid per-VLAN Spanning Tree Virtual Ports 300,000 300,000 300,000 300,000 N/A N/A N/A N/A N/A N/A
Number of Rapid per-VLAN Spanning Tree+ (RPVST+) logical ports per switch 16,000 16,000 16,000 16,000 16,000 16,000 16,000 16,000 16,000 16,000
VLAN Translation Number of VLAN translations per interface in M3/F3/F2E/F4 modules 2000 2000 2000 2000 2000 2000 2000 N/A N/A N/A

*From Cisco NX-OS Release 8.3(1), SUP1 is End of Life (EOL).


Note


The F2, F2e, F3, anx F4 modules synchronize the MAC address tables for a VLAN across all Switch on Chips (SoCs) present in a virtual device context (VDC) when a switch virtual interface (SVI) for the VLAN is configured. Synchronizing the MAC address tables can reduce the number of MAC addresses supported in a VDC to the number of MAC addresses supported in one Switch on Chip, which is16,000 for F2/F2e I/O module and 64,000 for F3/F4 I/O module.

Note


For more information about Spanning Tree Protocol , refer to sections Rapid PVST+ Scale Considerations and MST VLAN Scale Considerations in Cisco Nexus 7000 Series NX-OS Layer 2 Switching Configuration Guide.


Configuration Limits for LISP

Table 11. Configuration Limits for Map Server and Ingress Tunnel Routers (ITRs) and Egress Tunnel Routers (ETRs)
Feature Parameter Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
Map server Number of mapping entries registered on a map server 10,000 10,000 10,000 10,000 10,000 10,000 10,000 10,000 10,000 1000
Number of RLOCs per EID mapping entry 8k 8k 8k 8k 8k 8k 8k 8k 8k 8k
ITR/ETR Number of dynamic EID mapping entries registered to a map server 7000 7000 7000 7000 7000 7000 250 250 250 250
Number of EIDs with static mapping entries registered to a map server (per address family and per VRF) 4 4 4 4 4 4 4 4 4 4
Number of VRFs 300 300 300 300 300 300 300 300 300 300
Multi-Tenancy Number of instances on a map server 256 256 256 256 256 256 256 N/A N/A N/A
Number of instances on xTR and PxTR 256 256 256 256 256 256 256 N/A N/A N/A
PxTR Number of EID prefixes on PxTR map cache 150,000 150,000 32,000 10,000 10,000 10,000 10,000 N/A N/A N/A
xTR Number of EID prefixes on xTR map cache 150,000 150,000 32,000 10,000 10,000 10,000 10,000 N/A N/A N/A

Configuration Limits for MPLS

Table 12. Configuration Limits for MPLS
Feature Parameter Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3(0)DX(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
LDP and infrastructure Maximum label depth for forwarding 4 4 4 4 4 4 4 4 4 4
Number of LDP sessions 200 200 200 200 200 200 200 200 200 200
Traffic engineering Number of MPLS TE head-end tunnels 5000 5000 5000 5000 5000 5000 5000 4000 4000 4000
Number of MPLS TE mid-point LSPs (transit) 12,0009 12,00010 12,00011 12,00012 12,000 12,000 12,000 12,000 12,000 12,000
Supported load balancing over LSPs 16 16 16 16 N/A N/A N/A N/A N/A N/A
Number of MPLS TE head-end tunnels 5K system / 2.5k VDC 5K system / 2.5k VDC 5K system / 2.5k VDC 5K system / 2.5k VDC N/A N/A N/A N/A N/A N/A
The supported RSVP TE LSP setup rate (LSPs/sec) 200 200 200 200 N/A N/A N/A N/A N/A N/A
Layer 2 VPN (L2VPN) Number of pseudo-wires for VPLS 2000 2000 2000 2000 2000 2000 2000 N/A N/A N/A
Number of pseudo-wires for EoMPLS 4000 4000 4000 4000 4000 4000 4000 N/A N/A N/A
Number of VPLS virtual forwarding instances (VFIs) 3000 3000 3000 3000 1000 1000 1000 N/A N/A N/A
Number of VPLS bridge domains 1000 1000 1000 1000 1000 1000 1000 N/A N/A N/A
Number of VPLS sites 16 single-homed

8 dual-homed

16 single-homed

8 dual-homed

16 single-homed

8 dual-homed

16 single-homed

8 dual-homed

16 single-homed

8 dual-homed

16 single-homed

8 dual-homed

16 single-homed

8 dual-homed

N/A N/A N/A
Number of MAC addresses in VPLS across all VLANs 40,000 40,000 40,000 40,000 40,000 40,000 40,000 N/A N/A N/A
Number of L2VPN EVCs supported 1000 1000 1000 1000 N/A N/A N/A N/A N/A N/A
Number of L2VPN EFPs supported 1000 1000 1000 1000 N/A N/A N/A N/A N/A N/A
Layer 3 VPN (L3VPN) Number of VPNs in SUP1/SUP2/SUP2E/SUP3 modules 1000 / 1000 / 4000 /4000 1000 / 1000 / 4000 /4000 1000 / 1000 / 4000 /4000 1000 / 1000 / 4000 1000 / 1000 / 4000 1000 / 1000 / 4000 1000 / 1000 / 4000 1000 1000 1000
Number of VPNv4 routes with per-prefix label allocation mode in SUP1/SUP2/SUP2E/SUP3 modules 300,000 / 300,000 / 500,000 /500,000 300,000 / 300,000 / 500,000 /500,000 300,000 / 300,000 / 500,000 /500,000 300,000 / 300,000 / 500,000 300,000 / 300,000 / 500,000 300,000 / 300,000 / 500,000 300,000 / 300,000 / 500,000 300,000 300,000 300,000
Number of VPN labels with per-prefix label allocation mode in SUP1/SUP2/SUP2E/SUP3 modules 300,000 / 300,000 / 500,000/500,000 300,000 / 300,000 / 500,000/500,000 300,000 / 300,000 / 500,000/500,000 300,000 / 300,000 / 500,000 300,000 / 300,000 / 500,000 300,000 / 300,000 / 500,000 300,000 / 300,000 / 500,000 300,000 300,000 300,000
Number of VPNv4 routes with per-VRF label allocation mode in SUP1/SUP2/SUP2E/SUP3 modules 500,000 / 500,000 / 700,000/700,000 500,000 / 500,000 / 700,000/700,000 500,000 / 500,000 / 700,000/700,000 500,000 / 500,000 / 700,000 500,000 / 500,000 / 700,000 500,000 / 500,000 / 700,000 500,000 / 500,000 / 700,000 500,000 500,000 500,000
Number of VPN labels with per-VRF label allocation mode in SUP1/SUP2/SUP2E/SUP3 modules 1000 / 1000 / 4000 /4000 1000 / 1000 / 4000 /4000 1000 / 1000 / 4000 /4000 1000 / 1000 / 4000 1000 / 1000 / 4000 1000 / 1000 / 4000 1000 / 1000 / 4000 1000 1000 1000
Number of VPNv6 (6VPE) routes with per-VRF label allocation mode in SUP1/SUP2/SUP2E/SUP3 modules 250,000 / 250,000 / 300,000 /300,000 250,000 / 250,000 / 300,000 /300,000 250,000 / 250,000 / 300,000 /300,000 250,000 / 250,000 / 300,000 250,000 / 250,000 / 350,000 250,000 / 250,000 / 350,000 250,000 / 250,000 / 350,000 250,000 250,000 250,000
Number of route targets imported in one VRF 1000 1000 1000 1000 1000 1000 1000 Not tested Not tested Not tested
Inter AS Option B 500,000 500,000 500,000 500,000 150,000 Not tested Not tested Not tested Not tested Not tested
Number of L3 VPNs with PE-CE (static + OSPF/IS-IS/EIGRP) 1000 (2 EIGRP neighbors per vrf; 100 routes per vrf) 1000 (2 EIGRP neighbors per vrf; 100 routes per vrf) 1000 (2 EIGRP neighbors per vrf; 100 routes per vrf) 1000 (2 EIGRP neighbors per vrf; 100 routes per vrf) N/A N/A N/A N/A N/A N/A
Number of supported LDP sessions in L3VPN 200 200 200 200 N/A N/A N/A N/A N/A N/A
LDP convergence supported in L3VPN Less than 2s Less than 2s Less than 2s Less than 2s N/A N/A N/A N/A N/A N/A
MVPN Number of multicast VRFs 200 200 200 200 200 200 200 200 200 200
Number of multicast VRF routes 50,000 50,000 50,000 50,000 50,000 50,000 50,000 50,000 50,000 50,000
Number of MDT groups 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000
Number of MDT groups per VRF 1000 1000 1000 1000 1000 1000 1000 256 256 256
Number of MDTs per VRF supported in MVPN ENH 200 200 200 200 N/A N/A N/A N/A N/A N/A
Total number of MDT tunnels (interfaces) 500 500 500 500 N/A N/A N/A N/A N/A N/A
The supported RSVP Hellos (100 neighbors with 5 sec interval) 100 100 100 100
9 Number of MPLS TE mid-point LSPs (transit and terminating) is 30,000
10 Number of MPLS TE mid-point LSPs (transit and terminating) is 30,000
11 Number of MPLS TE mid-point LSPs (transit and terminating) is 30,000
12 Number of MPLS TE mid-point LSPs (transit and terminating) is 30,000

Note


Inter AS Option B is supported on the M2 modules. Up to 150,000 option B labels are supported from Cisco NX-OS Release 7.2(0)D1(1) onwards.

Cisco NX-OS Release 7.3(0)DX(1) and Cisco NX-OS Release 7.3(1)D1(1) support Inter AS Option B on the M3 modules with 150,000 labels.

When M2 and M3 modules are used in the same VDC, the supported scale in the VDC is 150,000 labels.

Number of VRFs for handoff (MP-BGP) in a M3 module is 4000.


Guidelines and Limitations for MPLS L2VPN Configuration Limits

  • Each MPLS L2VPN scale value might vary when combined with other parameters.

  • For VPLS, the more sites that are used, the fewer VFIs and bridge domains that can be supported due to the increased number of pseudo-wires to connect sites in a full mesh.

Guidelines and Limitations for MPLS L3VPN Configuration Limits

  • Each MPLS L3VPN scale value might vary when combined with other parameters. See examples of scenarios tested with Supervisor 2e running Cisco NX-OS Release 6.2 for better guidance.

  • The following scenarios were tested in a single VDC as well as in VRFs broken up across four VDCs. 85% of the routes were local, and 15% were remote.

    Table 13. Guidelines and Limitations for MPLS L3VPN Configuration Limits
    Parameter Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2)
    Number of L3VPNs with PE-CE (2000 static routes + 2000 BGP sessions) 4000 4000 4000 4000 4000
    Number of L3VPNs without PE-CE (direct routes) 4000 4000 4000 4000 4000
    Number of L3VPNs in InterAS OptB lite 4000 4000 4000 4000 4000

Configuration Limits for Multicast Routing

Table 14. Configuration Limits for Multicast Routing
Feature Parameter Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3(0)DX(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
Multicast routing and forwarding Number of IPv4 multicast routes with PIM sparse mode 32,000 32,000 32,000 32,000 32,000 32,000 32,000 32,000 32,000 32,000
Number of IPv4 multicast routes with PIM bidirectional 32,000 32,000 32,000 32,000 32,000 32,000 32,000 Not tested Not tested Not tested
Number of IPv4 multicast routes using generic routing encapsulation reverse path forwarding (GRE RPF) interfaces or outgoing interfaces (OIFs) / number of GRE OIFs per route 16,000 / 8 16,000 / 8 16,000 / 8 16,000 / 8 16,000 / 8 16,000 / 8 16,000 / 8 16,000 / 8 16,000 / 8 16,000 / 8
Number of IPv4 multicast routes in a vPC environment 25,000 25,000 25,000 25,000 25,000 25,000 25,000 15,000 15,000 15,000
Number of total OIFs supported 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000
Number of IPv6 multicast routes 2000 2000 2000 2000 2000 2000 2000 2000 2000 2000
Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Number of IGMP groups 32,000 32,000 32,000 32,000 32,000 32,00013 32,000 32,000 32,000 32,000
Number of IGMP sources per group 8 8 8 8 8 8 8 N/A N/A N/A
Number of IGMP Reports/Leave Rate 2000/s 2000/s 2000/s 2000/s 2000/s 2000/s 2000/s N/A N/A N/A
Number of MLD groups 2000 2000 2000 2000 2000 2000 2000 2000 2000 2000
Multicast Source Discovery Protocol (MSDP) Number of MSDP source-active (SA) cache entries 12,000 12,000 12,000 12,000 12,000 12,000 12,000 12,000 12,000 12,000
Number of MSDP peers 6 6 6 6 6 6 6 N/A N/A N/A
PIM Number of PIM IPv4 neighbors 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000
Number of PIM IPv4 neighbors with aggressive (1/3) timers 50 50 50 50 50 50 50 N/A N/A N/A
Number of IPv4 multicast routes (ASM/SSM) 32,000 32,000 32,000 32,000 32,000 32,000 32,000 N/A N/A N/A
Number of multicast PIM Join/Prune Group 4000/s 4000/s 4000/s 4000/s 4000/s 4000/s 4000/s N/A N/A N/A
Number of multicast PIM Registers Encapulation and Decapsulation (packets per second) 3000 3000 3000 3000 3000 3000 3000 N/A N/A N/A
Number of PIM IPv6 neighbors with default timers 200 200 200 200 200 200 200 N/A N/A N/A
13 250 (*,G) X 130 (S,G) totaling 32500 for ASM;  32K (S,G) for SSM ;  32K (*,G) for BiDir

Note


Cisco recommends M2/M3 Series modules to achieve the highest multicast scale.



Note


High availability (stateful switchover and ISSU) is not supported with aggressive PIM hello timers. Cisco recommends using default PIM hello timers combined with BFD for PIM.


Configuration Limits for OTV

Table 15. Configuration Limits for OTV
Parameter

Verified Limit (Cisco NX-OS 8.4(2))

Verified Limit (Cisco NX-OS 8.4(1))

Verified Limit (Cisco NX-OS 8.3(1))

Verified Limit (Cisco NX-OS 8.2(1))

Verified Limit (Cisco NX-OS 8.0(1))

Verified Limit (Cisco NX-OS 7.3(0)DX(1)) Verified Limit (Cisco NX-OS 7.3(0)D1(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)

Number of extended VLANs across all configured overlays

2000

2000

2000

2000

2000

2000

2000

1500

1500

256

256

256

Number of extended VLAN ranges per Overlay on N7K / N77

64/64

64/64

64/64

64/64

64/64

64/64

64/64

64/64

64/64

64/64

N/A

N/A

Number of total OTV routes across all sites

64,000 on M3 modules

40,000 on F3/F4 modules

64,000 on M3 modules

40,000 on F3/F4 modules

64,000 on M3 modules

40,000 on F3/F4 modules

64,000 on M3 modules

40,000 on F3 modules

32,000 on F3 and M3 modules

32,000

32,000

32,000

32,000

16,000

16,000

16,000

Number of local OTV routes per site

24,000

24,000

24,000

24,000

12,000

12,000

12,000

12,000

12,000

8,000

8,000

8,000

Number of edge devices per site

2

2

2

2

2

2

2

2

2

2

2

2

Number of OTV-connected sites

12

12

12

12

8

8

8

8

8

6

6

6

Number of OTV overlays (simultaneous)

10

10

10

10

10

10

10

10

10

10

10

10

Number of instances (instance-id)

1

1

1

1

1

1

1

1

1

1

1

1

Number of local multicast routes

4000

4000

4000

4000

4000

4000

4000

4000

4000

2000

2000

2000

Number of multicast data groups

256

256

256

256

256

256

256

256

256

256

256

256

Number of secondary IP addresses used for OTV traffic depolarization

3

3

3

3

3

3

3

3

3 from Cisco NX-OS Release 6.2(6)

N/A

N/A

N/A


Note


To achieve maximum VLAN and MAC address scale, Cisco recommends using one overlay.


Configuration Limits for PVLAN

Table 16. Configuration Limits for PVLAN
Feature Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)

Number of primary VLANs

150 (Classic Ethernet or FabricPath)

25 (Classic Ethernet or FabricPath)

25 (Classic Ethernet or FabricPath)

25 (Classic Ethernet or FabricPath)

25 (Classic Ethernet or FabricPath)

25 (Classic Ethernet or FabricPath)

25 (Classic Ethernet or FabricPath)

N/A

N/A

N/A

Number of secondary VLANS

750 (Classic Ethernet or FabricPath)

75 (Classic Ethernet or FabricPath)

75 (Classic Ethernet or FabricPath)

75 (Classic Ethernet or FabricPath)

75 (Classic Ethernet or FabricPath)

75 (Classic Ethernet or FabricPath)

75 (Classic Ethernet or FabricPath)

N/A

N/A

N/A

Number of ports in host mode

100 (50 vPC)

20 (10 vPC)

20 (10 vPC)

20 (10 vPC)

20 (10 vPC)

20 (10 vPC)

20 (10 vPC)

N/A

N/A

N/A

Number of ports in promiscuous mode

16 (8 vPC)

16 (8 vPC)

16 (8 vPC)

16 (8 vPC)

16 (8 vPC)

16 (8 vPC)

16 (8 vPC)

N/A

N/A

N/A

Number of ports in promiscuous trunk mode

150 (8 vPC)

150 (8 vPC)

150 (8 vPC)

150 (8 vPC)

150 (8 vPC)

150 (8 vPC)

150 (8 vPC)

N/A

N/A

N/A

Number of ports in trunk secondary mode

30 (8 vPC)

30 (8 vPC)

30 (8 vPC)

30 (8 vPC)

30 (8 vPC)

30 (8 vPC)

30 (8 vPC)

N/A

N/A

N/A

Number of private VLAN mappings per promiscuous trunk

16 (on non-vPC interface)

16 (on non-vPC interface)

16 (on non-vPC interface)

16 (on non-vPC interface)

16

16

16

16

16

16

Configuration Limits for QoS

Table 17. Configuration Limits for QoS
Parameter Verified Limit (Cisco NX-OS 8.4(2) Verified Limit (Cisco NX-OS 8.4(1) Verified Limit (Cisco NX-OS 8.3(1) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS Release 6.2) Verified Limit (Cisco NX-OS Release 6.1) Verified Limit (Cisco NX-OS Release 6.0) Verified Limit (Cisco NX-OS Release 5.2)

Number of class maps per policy

4096

4096

4096

4096

4096

128

4096 in 6.2(8) and later releases

128

128

128

Number of class-maps across all policies in SUP1/SUP2/SUP2E/SUP3 modules

6,000 / 6,000 / 8,000 / 8,000

6,000 / 6,000 / 8,000 / 8,000

6,000 / 6,000 / 8,000 / 8,000

6,000 / 6,000 / 8,000

6,000 / 6,000 / 8,000

128

6,000 / 6,000 / 8,000 from 6.2(8) onwards

128

128

128

Number of matches in a class map

1024

1024

1024

1024

1024

1024

1024

1024

1024

Number of policers on M1 I/O module

12288

12288

12288

12288

12288

12288

12288

12288

12288

Number of policers on M2 I/O module

12288

12288

12288

12288

12288

12288

12288

12288

12288

Number of policers on F1 I/O module

0

0

0

0

0

0

0

0

0

Number of policers for F2/F2E I/O module

12288*

12288*

12288*

12288*

12288*

12288*

12288

12288

N/A

Number of policers for F3 - N7K 40G I/O module

6144*

6144*

6144*

6144*

6144*

6144*

N/A

N/A

N/A

Number of policers for F3 - N77 10G I/O module

6144*

6144*

6144*

6144*

6144*

6144*

N/A

N/A

N/A

Number of policers for F3 - N77 40G I/O module

12288*

12288*

12288*

12288*

12288*

12288*

N/A

N/A

N/A

Number of policers for F3 - N77 100G I/O module

12288*

12288*

12288*

12288*

12288*

12288*

N/A

N/A

N/A

Number of policers for F4 - N77 100G I/O module

10000

10000

10000

N/A

N/A

N/A

N/A

N/A

N/A

* 1,000 policers per SOC

Configuration Limits for Remote Integrated Service Engine

Table 18. Configuration Limits for Remote Integrated Service Engine
Feature Cisco NX-OS 8.3(1) Cisco NX-OS 8.0(1) Cisco NX-OS 7.3 releases Cisco NX-OS 7.2 releases Verified Limit (Cisco NX-OS 6.2 releases)

Number of Remote Integrated Service Engine (RISE) clients

32

32

32

32

N/A

Number of APBR ACEs per RISE client

2000

2000

2000

2000

1100

Number of APBR ACEs per RISE client per device

4000

4000

4000

4000

1100

Number of APBR ACEs per SVI

2000

2000

2000

2000

1100

Number of SVIs supported with ABPR per NetScaler instance

250

250

250

250

20

Number of SVIs supported with ABPR

1000

1000

1000

1000

40

No. of RHIs supported

1000

1000

1000

1000

N/A

Configuration Limits for Security

Table 19. Configuration Limits for Security
Feature Parameter Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3(0)DX(1)) Verified Limit (Cisco NX-OS 7.3(0)D1(1)) Verified Limit (Cisco NX-OS 7.2(0)D1(1)) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
ACLs Number of ACL 4000 4000 4000 4000 4000 N/A N/A N/A N/A N/A N/A
Number of ACL per LC N/A14 N/A15 N/A16 N/A17 N/A18 N/A N/A N/A N/A N/A N/A
Number of ACEs 320,000 320,000 320,000 320,000 310,000 N/A N/A N/A N/A N/A N/A
Number of ACEs per LC 128,000 128,000 128,000 128,000 128,000 N/A N/A N/A N/A N/A N/A
Number of interfaces with ACL applied 20,000 20,000 20,000 20,000 20,000 N/A N/A N/A N/A N/A N/A
Number of ACL + total Number of ACEs + Number of interfaces 4K ACLs with 60 ACEs per each ACL and applied to 15 physical interfaces, 15 port-channels, and 1100 SVI's 4K ACLs with 60 ACEs per each ACL and applied to 15 physical interfaces, 15 port-channels, and 1100 SVI's 4K ACLs with 60 ACEs per each ACL and applied to 15 physical interfaces, 15 port-channels, and 1100 SVI's 4K ACLs with 60 ACEs per each ACL and applied to 15 physical interfaces, 15 port-channels, and 1100 SVI's 4K ACLs with 60 ACEs per each ACL and applied to 20 physical interfaces and 1100 SVI's. N/A N/A N/A N/A N/A N/A
Number of Non L4Ops ACL labels in a M3/F4 module 4000 4000 4000 N/A N/A N/A N/A N/A N/A N/A N/A
Number of L4Ops ACLs / IPv6 ACLs in a M3/F4 module 2000 2000 2000 N/A N/A N/A N/A N/A N/A N/A N/A

Scale ACL (SACL)

Number of unique SACL ACL

2K per instance

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Number of unique SACL per LC

2K per instance/ number of instance

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Max number of Source/Dest IPv4 in object group/ACE

16k src/dst Host IPv4

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Max number of Source/Dest IPv6 in object group/ACE

8k src/dst Host IPv6

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Number of IPv4 ACEs per LC

256,000,000 unique hosts combination with SACL ACL compression mode

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Number of IPv6 ACEs per LC

64,000,000 hosts combination with SACL ACL compression mode

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Number of interfaces with SACL applied

48 Port M3

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Number of L4Ops labels

2K per instance limit

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Number of Object groups

5000 with 3 host each

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Pre-search TCAM V4

32k unique entry

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Pre-search TCAM V6

16k unique entry

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

32 bit exhaust

maximun 32bits for compression logic for SACL with overlapping ip subnets between object groups

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

64 bit exhaust

maximun 64bits for compression logic for SACL with Overlapping ipv6 subnets between object groups

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

Cisco TrustSec Number of IP-SGT mappings for M1/M2/M3 I/O module 200,000 200,000 200,000 200,000 200,000 200,000 200,000 50,000 Not tested Not tested Not tested
Number of IP-SGT mappings for F2/F2e I/O module 32,000 32,000 32,000 32,000 32,000 32,000 32,000 32,000 Not tested Not tested Not tested
Number of IP-SGT mappings for F3 I/O module 64,000 64,000 64,000 64,000 64,000 64,000 64,000 64,000 Not tested Not tested Not tested
Number of SXP connections 980 980 980 980 980 980 980 980 Not tested Not tested Not tested
Number of IP-SGT mappings learned using SXP 200,000 200,000 200,000 200,000 200,000 200,000 200,000 50,000 Not tested Not tested Not tested
Number of SGT Groups 3,000 SGT/DGT 3,000 SGT/DGT 3,000 SGT/DGT 3,000 SGT/DGT 3,000 SGT/DGT 3,000 SGT/DGT 3,000 SGT/DGT 3,000 SGT/DGT Not tested Not tested Not tested
DHCP Number of total bindings for DHCPv4 snooping 50,000 50,000 50,000 50,000 60,000 50,000 50,000 50,000 4000 Not tested Not tested
Number of VLANs for DHCP snooping 4000 4000 4000 4000 3968 4000 4000 4000 1000 Not tested Not tested
Number of total clients for DHCPv4 relay 50,000 50,000 50,000 50,000 50,000 50,000 50,000 50,000 4000 Not tested Not tested
Number of total clients for DHCPv6 relay 10,000 10,000 10,000 10,000 10,000 10,000 10,000 10,000 N/A N/A N/A
Number of DHCP relay agents 3960 3960 3960 3960 3968 3960 3960 3960 1000 Not tested Not tested
Number of DHCP helper addresses for SVI 16 16 16 16 16 16 16 16 16 Not tested Not tested
UDP Relay Maximum number of object groups that can be created 4096 4096 4096 4096 Not supported 4096 N/A N/A N/A N/A N/A
Number of object groups that an L3/SVI interface can be associated with 1 1 1 1 Not supported 1 N/A N/A N/A N/A N/A
Maximum number of UDP relay IP addresses that an interface can be associated with 300 300 300 300 Not supported 300 N/A N/A N/A N/A N/A
Maximum number of UDP ports supported 200 200 200 200 Not supported 200* N/A N/A N/A N/A N/A
14 Number of ACL is not limited to LC. LC has only TCAM limitation (128,000). Starting from Cisco NX-OS Release 8.3(2), F4 modules TCAM limitation is 96,000.
15 Number of ACL is not limited to LC. LC has only TCAM limitation (128,000). Starting from Cisco NX-OS Release 8.3(2), F4 modules TCAM limitation is 96,000.
16 Number of ACL is not limited to LC. LC has only TCAM limitation (128,000).
17 Number of ACL is not limited to LC. LC has only TCAM limitation (128,000).
18 Number of ACL is not limited to LC. LC has only TCAM limitation (128,000).

Note


* This number includes seven default ports.



Note


  • Maximum number of supported MACsec enabled ports for Nexus 7700 M3 48-Port 1G/10G module is 768.

  • Maximum number of supported MACsec enabled ports for Nexus 7700 M3 24-Port 40G module is 384.

  • Cisco Trustsec is not supported on F4 series modules in Cisco NX-OS Release 8.3(1).


Each DHCP scale value might vary when combined with other parameters. See this example of a scenario tested for Cisco NX-OS Release 7.2(0)D1(1)) for better guidance.

Table 20. Example of a scenario tested for DHCP scale
Parameter Verified Limit (Cisco NX-OS 8.4(2) Verified Limit (Cisco NX-OS 8.4(1) Verified Limit (Cisco NX-OS 8.3(1) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS 6.2)
Number of SVIs with IPv4 and IPv6 DHCP relay configured together 3960 3960 3960 3960 3960 3960

Guidelines and Limitations for DHCP Configuration Limits

For Cisco NX-OS Release 6.2 and later releases, you must enable the insertion of Option 82 information for DHCP packets to support the highest DHCP snooping scale.

Configuration Limits for System Management

Table 21. Configuration Limits for System Management
Feature Parameter Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
IP SLA Maximum number of probes configured in SUP1/SUP2/SUP2E/SUP3 modules 500 / 500 / 1000/ 100019 500 / 500 / 1000/ 100020 500 / 500 / 1000/ 100021 500 / 500 / 100022 500 / 500 / 100023 500 / 500 / 100024 500 / 500 / 1000 500 N/A N/A
SPAN and ERSPAN Number of active SPAN or ERSPAN source sessions 14 (Nexus 7000); 16 (Nexus 7700) 14 (Nexus 7000); 16 (Nexus 7700) 14 (Nexus 7000); 16 (Nexus 7700) 14 (Nexus 7000); 16 (Nexus 7700) 14 (Nexus 7000); 16 (Nexus 7700) 14 (Nexus 7000); 16 (Nexus 7700) 14 (Nexus 7000); 16 (Nexus 7700) 2 2 2
Number of configured (not active) SPAN sessions per VDC 48 48 48 48 48 48 48 48 48 48
Number of active ERSPAN destination sessions 23 (Nexus 7000); 16 (Nexus 7700) 23 (Nexus 7000); 16 (Nexus 7700) 23 (Nexus 7000); 16 (Nexus 7700) 23 (Nexus 7000); 16 (Nexus 7700) 23 (Nexus 7000); 16 (Nexus 7700) 23 (Nexus 7000); 16 (Nexus 7700) 23 (Nexus 7000); 16 (Nexus 7700) 23 23 23
Number of source interfaces per SPAN or ERSPAN session 128 128 128 128 128 128 128 128 128 128
Number of destination interfaces per SPAN or ERSPAN session 32 32 32 32 32 32 32 32 32 32
Number of source VLANs per SPAN or ERSPAN session 32 32 32 32 32 32 32 32 32 32
PTP/IEEE 1588 Number of clients in SUP1/SUP2/SUP2E/SUP3 modules 100 / 100 / 512 / 512 100 / 100 / 512 / 512 100 / 100 / 512 / 512 100 / 100 / 512 100 / 100 / 512 100 / 100 / 512 100 / 100 / 512 100 / 100 / 512 Not tested Not tested
NetFlow Number of pps for sampled Netflow (M3/F3/F4) 50K pps 50K pps 50K pps 50K pps Not tested Not tested Not tested Not tested Not tested Not tested
The expose netflow sampling rate of 1:128K on (M3/F3/F4) 1:128K 1:128K 1:128K 1:128K Not tested Not tested Not tested Not tested Not tested Not tested
19 The highest scale was verified with UDP jitter and ICMP probes.
20 The highest scale was verified with UDP jitter and ICMP probes.
21 The highest scale was verified with UDP jitter and ICMP probes.
22 The highest scale was verified with UDP jitter and ICMP probes.
23 The highest scale was verified with UDP jitter and ICMP probes.
24 The highest scale was verified with UDP jitter and ICMP probes.

Guidelines and Limitations for IP SLA Configuration Limits

  • To achieve the highest IP SLA probe scale, you might need to add a specific CoPP configuration to allow the IP SLA generated packets to pass through. Otherwise, probes might experience timeouts. See the Cisco Nexus 7000 Series NX-OS IP SLAs Configuration Guide for more details.

  • Even if CoPP is not dropping any IP SLA traffic, round-trip times (RTTs) might vary, so it is important to test locally and set the proper timeout value for IP SLA probes. Generally, Cisco does not recommend setting the IP SLA probe timeout below 1 second.

  • Cisco recommends using Supervisor 2e/Supervisor 3 to achieve the highest scale and the lowest RTT for IP SLA probes.

Guidelines and Limitations for SPAN Configuration Limits

The number of SPAN sessions refers to unidirectional sessions. On the Cisco Nexus 7000 Series switch, two SPAN extended sessions can be combined to create a bidirectional session, and a SPAN standard session can behave either as unidirectional or bidirectional. The Cisco Nexus 7700 switch does not have standard and extended sessions. All SPAN sessions are unidirectional, and any two can be combined to create a bidirectional session. See the Cisco Nexus 7000 Series NX-OS System Management Configuration Guide for more information.

Configuration Limits for Unicast Routing

Table 22. Configuration Limits for Unicast Routing
Feature Parameter Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.2(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
ARP/ND Number of entries in ARP table

128,000

128,000

128,000

128,000

128,000

128,000 128,000 128,000 128,000 128,000 128,000
Number of ARP packets per second 300025 300026 300027

1500

1500

1500 1500 1500 1500 Not tested Not tested
Number of ARP glean packets for second 2500 2500 2500

1500

1500

1500 1500 1500 1500 Not tested Not tested
Number of IPv6 ND packets per second

1500

1500

1500

1500

1500

1500 1500 1500 1500 Not tested Not tested
Number of IPv6 glean packets per second

1500

1500

1500

1500

1500

1500 1500 1500 1500 Not tested Not tested
OSPFv2 Number of neighbors / total LSAs28

1000/100,000

1000/100,000

1000/100,000

1000/100,000

1000/100,000

1000 / 100,000 1000 / 100,000 1000 / 100,000 300 / 15,000 300 / 15,000 300 / 15,000
Number of neighbors / total LSAs with aggressive timers (1s/4s)

250/50,000

250/50,000

250/50,000

250/50,000

250/50,000

250 / 50,000 250 / 50,000 250 / 50,000 16 / 6000 16 / 6000 16 / 6000
Number of passive interfaces

3780

3780

3780

3780

3780

3780 3780 3780 500 500 500
Number of process instances per VDC

16

16

16

16

16

16 16 16 16 4 4
Number of process instances

16

16

16

16

16

16 16 16 16 16 16
Number of equal cost paths

32

32

32

32

32

32 32 32 16 16 16
OSPFv3 Number of neighbors / total LSAs

300 / 50,000

300 / 50,000

300 / 50,000

300 / 50,000

300 / 50,000

300 / 50,000 300 / 50,000 300 / 50,000 300 / 15,000 300 / 15,000 300 / 15,000
Number of passive interfaces

1280

1280

1280

1280

1280

1280 1280 1280 300 300 300
Number of process instances per VDC

16

16

16

16

16

16 16 16 16 4 4
Number of process instances

16

16

16

16

16

16 16 16 16 16 16
Number of equal cost paths

32

32

32

32

32

32 32 32 16 16 16
IS-IS Number of neighbors

1000

1000

1000

1000

1000

300 300 300 300 300 300
Number of neighbors with aggressive timers (1s/3s)

250

250

250

250

250

250 250 250 Not tested Not tested Not tested
Number of passive interfaces

4000

4000

4000

4000

4000

600 600 600 Not tested Not tested Not tested
Number of routes

64,000

64,000

64,000

64,000

64,000

30,000 30,000 30,000 Not tested Not tested Not tested
Number of process instances per VDC

16

16

16

16

16

16 16 16 4 4 4
Number of process instances

16

16

16

16

16

16 16 16 16 16 16
Number of equal cost paths

32

32

32

32

32

32 32 32 16 16 16
EIGRP Number of neighbors with default timers

2000

2000

2000

2000

200

2000

2000

500

2000 in 6.2(6) and later releases

300 50 50
Number of neighbors with aggressive timers (1s/3s)

100

100

100

100

100

250 250 250 Not tested Not tested Not tested
Number of passive interfaces with default timers

4000

4000

4000

4000

4000

3960 3960 3960 Not tested Not tested Not tested
Number of passive interfaces with aggressive timers 1000 1000 1000 1000 1000 N/A N/A N/A N/A N/A N/A
Number of routes (with default and aggressive timers)

50,000

50,000

50,000

50,000

50,000

100,000

100,000

50,000

100,000 in 6.2(6) and later releases

15,000 15,000 15,000
Number of process instances per VDC

16

16

16

16

16

16 16 16 4 4 4
Number of process instances

16

16

16

16

16

16 16 16 16 16 16
Number of equal cost paths

32

32

32

32

32

32 32 32 16 16 16
Static routing Number of static routes

4000

4000

4000

4000

4000

4000 4000 4000 1000 1000 1000
BGP Number of peers

2500

2500

2500

2500

2500

2000 2000 2000 1000 1000 1000
Number of AS-path entries

256

256

256

256

256

512 512 512 512 512 512
Number of prefix-list entries in a single prefix list

20,000

20,000

20,000

20,000

20,000

20,000 20,000 20,000 20,000 20,000 20,000
Number of prefixes per peer (one peer, eBGP or iBGP, IPv4)

1.7 million

1.7 million

1.7 million

900,000

900,000

900,000 900,000 900,000 900,000 900,000 900,000
Number of routes in BGP RIB

5.2 million

5.2 million

5.2 million

5.2 million

5.2 million

5.2 million 5.2 million 5.2 million 3 million 3 million 3 million
Number of unique attributes stored in BGP database

1,600,000

1,600,000

1,600,000

1,600,000

1,600,000

920,000 920,000 920,000 512,000 512,000 512,000
Number of equal cost paths

32

32

32

32

32

32 32 32 16 16 16
Number of paths advertised with BGP addpath29

32

32

32

32

32

32 32 32 32 N/A N/A

HSRP

Number of groups per interface or I/O module

No limit

No limit

No limit

No limit

No limit

No limit No limit No limit 500 500 500
Number of groups with default timers (3s/10s) and multiple group optimization 800030 800031 800032 800033 800034 4000 4000 2000 / 2000 / 4000 (with maximum 2000 master groups) N/A N/A N/A
Number of groups with default timers (3s/10s)

2000

2000

2000

2000

2000

2000 2000 2000 2000 2000 2000
Number of groups with aggressive timers (1s/3s) and extended hold timer features (in-service software upgrade [ISSU] / stateful switchover [SSO] support)

1000

1000

1000

1000

1000

1000 1000 1000 1000 1000 1000
Anycast HSRP Number of routers in Anycast HSRP group

8

8

8

8

8

4 4 4 N/A N/A N/A
Number of Anycast HSRP bundles

128

128

128

128

128

64 (Nexus 7000)

128 (Nexus 7700)

64 (Nexus 7000)

128 (Nexus 7700)

64 (Nexus 7000)

128 (Nexus 7700)

N/A N/A N/A
Number of groups per bundle

2000

2000

2000

2000

2000

200 200 200 N/A N/A N/A
Number of groups across all Anycast HSRP bundles

2000

2000

2000

2000

2000

2000 2000 2000 N/A N/A N/A
VRRPv2 Number of groups per interface or I/O module

255

255

255

255

255

100 100 100 100 100 100
Number of groups with default timers (1s/3s)

255

255

255

255

255

255 255 255 255 255 255
VRRPv3 Number of groups with relaxed timers (3s/10s) and pathways in SUP1/SUP2/SUP2E/SUP3 modules 255 / 255 / 4000 (with maximum 2000 leader groups) /4000 (with maximum 2000 leader groups) 255 / 255 / 4000 (with maximum 2000 leader groups) /4000 (with maximum 2000 leader groups) 255 / 255 / 4000 (with maximum 2000 leader groups) /4000 (with maximum 2000 leader groups) 255 / 255 / 4000 (with maximum 2000 leader groups) 255 / 255 / 4000 (with maximum 2000 leader groups) 255 / 255 / 4000 (with maximum 2000 leader groups) 255 / 255 / 4000 (with maximum 2000 leader groups) 255 / 255 / 4000 (with maximum 2000 leader groups) N/A N/A N/A
Number of groups with relaxed timers (3s/10s) in SUP1/SUP2/SUP2E/SUP3 modules 255 / 255 / 2000/2000 255 / 255 / 2000/2000 255 / 255 / 2000/2000 255 / 255 / 2000 255 / 255 / 2000 255 / 255 / 2000 255 / 255 / 2000 255 / 255 / 2000 N/A N/A N/A
Number of groups with default timers (1s/3s) in SUP1/SUP2/SUP2E/SUP3 modules 255 / 255 / 1000 /1000 255 / 255 / 1000 /1000 255 / 255 / 1000 /1000 255 / 255 / 1000 255 / 255 / 1000 255 / 255 / 1000 255 / 255 / 1000 255 / 255 / 1000 N/A N/A N/A
GLBP Number of groups per interface or I/O module

200

200

200

200

200

200 200 200 200 200 200
Number of groups with default timers (3s/10s)

1000

1000

1000

1000

1000

1000 1000 1000 1000 1000 1000
Number of groups with aggressive timers (1s/3s)

500

500

500

500

500

500 500 500 500 500 500
Number of groups with aggressive timers (1s/3s) and extended hold timer feature (ISSU/SSO support)

500

500

500

500

500

500 500 500 500 500 500

PBR

Number of configured sequences per policy ( by default)

100

100

23

23

23

23 23 23 23 (starting with Cisco NX-OS 6.1.3) Not tested Not tested

Number of configured sequences per policy (if hardware access-list allow deny ace is configured.)

23

23

23

23

23

23 23 23 23 (starting with Cisco NX-OS 6.1.3) Not tested Not tested
Object tracking Number of objects tracked

500

500

500

500

500

500 500 500 Not tested Not tested Not tested
VRFs

Number of VRFs3536

4000

4000

4000

4000

4000

4000 4000 4000 1000 1000 1000

FIB scale (IPv4)

1.7M

1.7M

1.7M

1M

1M

N/A

N/A

N/A

N/A

N/A

N/A

Number of ECMP Paths (F2, F2E, F3, F4, M3)

64 (for BGP)

32 (for OSPF)

64 (for BGP)

32 (for OSPF)

32

32

32

32

32

32

32

32

32

ECMP Routes

64 ECMP Path (ECMP Route Scale is up to 180k for M3; 10k for F3; 80k for F4)

32 ECMP Path (ECMP Route Scale is up to 480k for M3; 16k for F3)

64 ECMP Path for F4

64 ECMP Path (ECMP Route Scale is up to 180k for M3; 10k for F3

32 ECMP Path (ECMP Route Scale is up to 480k for M3; 16k for F3)

Not tested

Not tested

Not tested

Not tested

Not tested

Not tested

Not tested

Not tested

Not tested

25 The default COPP limit for ARP is unchanged. To achieve 3000 ARP PPS with a single module, ARP COPP needs to be changed accordingly. As the COPP is applied at the module, this 3000 PPS can be achieved with multiple modules with the default COPP limits. 3000 ARP PPS is system level supported PPS.
26 The default COPP limit for ARP is unchanged. To achieve 3000 ARP PPS with a single module, ARP COPP needs to be changed accordingly. As the COPP is applied at the module, this 3000 PPS can be achieved with multiple modules with the default COPP limits. 3000 ARP PPS is system level supported PPS.
27 The default COPP limit for ARP is unchanged. To achieve 3000 ARP PPS with a single module, ARP COPP needs to be changed accordingly. As the COPP is applied at the module, this 3000 PPS can be achieved with multiple modules with the default COPP limits. 3000 ARP PPS is system level supported PPS.
28 The number of LSAs equals the number of routes.
29 Only 16 paths are active and programmed to the hardware in Cisco NX-OS Release 6.1. Beginning with Cisco NX-OS Release 6.2 with F2 or F2e Series modules, 32 paths can be active and programmed to the hardware.
30 Beginning with Cisco NX-OS Release 8.0(1), on Cisco Nexus 7000 Series Switches M3 Series Line card with HSRP Multiple Group Optimization (MGO) feature, you can scale HSRP groups up to 8000 (dual stacked on 4000 SVIs). With one HSRP-V4 group and one HSRP-V6 group as master and the rest 7998 groups as slave groups. Verified scale is done with two secondary Virtual IPVx addresses on each HSRP group along with the Primary Virtual IPVx address .
  • You must create a custom control plane policing (CoPP) policy to change the Committed Information Rate (CIR) to allow more control plane packets.

  • Change the u6route-mem command value for VDC from 64 to the default value of 24.

31 Beginning with Cisco NX-OS Release 8.0(1), on Cisco Nexus 7000 Series Switches M3 Series Line card with HSRP Multiple Group Optimization (MGO) feature, you can scale HSRP groups up to 8000 (dual stacked on 4000 SVIs). With one HSRP-V4 group and one HSRP-V6 group as master and the rest 7998 groups as slave groups. Verified scale is done with two secondary Virtual IPVx addresses on each HSRP group along with the Primary Virtual IPVx address .
  • You must create a custom control plane policing (CoPP) policy to change the Committed Information Rate (CIR) to allow more control plane packets.

  • Change the u6route-mem command value for VDC from 64 to the default value of 24.

32 Beginning with Cisco NX-OS Release 8.0(1), on Cisco Nexus 7000 Series Switches M3 Series Line card with HSRP Multiple Group Optimization (MGO) feature, you can scale HSRP groups up to 8000 (dual stacked on 4000 SVIs). With one HSRP-V4 group and one HSRP-V6 group as master and the rest 7998 groups as slave groups. Verified scale is done with two secondary Virtual IPVx addresses on each HSRP group along with the Primary Virtual IPVx address .
  • You must create a custom control plane policing (CoPP) policy to change the Committed Information Rate (CIR) to allow more control plane packets.

  • Change the u6route-mem command value for VDC from 64 to the default value of 24.

33 Beginning with Cisco NX-OS Release 8.0(1), on Cisco Nexus 7000 Series Switches M3 Series Line card with HSRP Multiple Group Optimization (MGO) feature, you can scale HSRP groups up to 8000 (dual stacked on 4000 SVIs). With one HSRP-V4 group and one HSRP-V6 group as master and the rest 7998 groups as slave groups. Verified scale is done with two secondary Virtual IPVx addresses on each HSRP group along with the Primary Virtual IPVx address .
  • You must create a custom control plane policing (CoPP) policy to change the Committed Information Rate (CIR) to allow more control plane packets.

  • Change the u6route-mem command value for VDC from 64 to the default value of 24.

34 Beginning with Cisco NX-OS Release 8.0(1), on Cisco Nexus 7000 Series Switches M3 Series Line card with HSRP Multiple Group Optimization (MGO) feature, you can scale HSRP groups up to 8000 (dual stacked on 4000 SVIs). With one HSRP-V4 group and one HSRP-V6 group as master and the rest 7998 groups as slave groups. Verified scale is done with two secondary Virtual IPVx addresses on each HSRP group along with the Primary Virtual IPVx address .
  • You must create a custom control plane policing (CoPP) policy to change the Committed Information Rate (CIR) to allow more control plane packets.

  • Change the u6route-mem command value for VDC from 64 to the default value of 24.

35 With each new VDC configured, the number of configurable VRFs is reduced by two as each VDC has a default VRF and management VRFs that are not removable. For example, with 4 configured VDCs on Cisco NX-OS Release 6.2, you can configure up to 3992 additional VRFs (either all in one VDC or across VDCs).,
36 Not all dynamic routing protocols can support having peers in all of the supported VRFs. Refer to the individual protocol scale for more information.

Note


EIGRP scale was dropped to 200 in release 8.0(1) due to a crash issue and fixed in release 8.2(1). Now the EIGRP neighbor scale is raised to 2000 from release 8.2(1) onwards.



Note


For BGP, you must consider FIB Scale as the final parameter. BGP Prefixes will hit the FIB scale limit.



Note


  • Number of Layer 3 ARP entries in a M3 module is 128,000.

  • Number of Layer 3 ND entries in a M3 module is 128,000.



Note


Layer 3 parameters have the following scale numbers for Cisco NX-OS Release 8.0(1):

  • The number of entities attached to one tracking object is 500.

  • Total number of FIB entries in hardware is 1 million.

Total number of FIB entries supported in hardware in Cisco NX-OS Release 8.2(1) are:

  • Ipv4 routes in a M3 module is 1 million, F3 module is 64K , F2e module is 32K.

  • IPv6 routes in a M3 module is 500K , F3 module is 32K , F2e module is 16K.



Note


Total number of FIB entries in a M3 module is 1.7 million IPv4-only routes or 500k IPv6-only routes in Cisco NX-OS Release 8.3(1). When configured together the route scale is 1.1 million ( IPv4 ) + 300K ( IPv6 ) for M3 module in Cisco NX-OS Release 8.3(1).


For Cisco NX-OS Release 8.1(2), 250,000 OSPF LSA is supported only with specific below listed parameters:

Platform N77-M3
LSA type

Type 5

Type 3

Interface type SVI
OSPF Neighours 150
Number of Areas 2
Number of VDCs 1
OSPF timers Default timers
Number of ECMP 2
OSPF type OSPF v2

Guidelines and Limitations for All Unicast Routing Configuration Limits

  • High availability (graceful restart, stateful switchover, and ISSU) is not supported when protocol aggressive timers are configured at any scale.

Guidelines and Limitations for OSPF Configuration Limits

  • Cisco recommends using Supervisor 2e/Supervisor 3 module for the highest scale and fastest convergence.

  • To achieve the highest scale, Cisco recommends using a single OSPF instance instead of multiple instances.

  • Each OSPFv2 and OSPFv3 scale value might vary when combined with other parameters. See examples of scenarios tested for Cisco NX-OS Release 6.2 for better guidance. All scenarios were tested with a single OSPF instance.

  • The graceful restart timeout value might need to be increased in multi-dimensional scenarios.

  • The passive interface default was used.

Table 23. Guidelines and Limitations for OSPF Configuration Limits
Feature Parameter Verified Limit (Cisco NX-OS 8.4(2) Verified Limit (Cisco NX-OS 8.4(1) Verified Limit (Cisco NX-OS 8.3(1) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS 6.2)
OSPFv2 Number of maximum neighbors + passive interfaces + total LSAs + VRFs 1000 + 2899 + 100,000 + 300 1000 + 2899 + 100,000 + 300 1000 + 2899 + 100,000 + 300 1000 + 2899 + 100,000 + 300 1000 + 2899 + 100,000 + 300 1000 + 2899 + 100,000 + 300
OSPFv2 Number of maximum neighbors + passive interfaces + total LSAs 1003 + 2899 + 100,000 1003 + 2899 + 100,000 1003 + 2899 + 100,000 1003 + 2899 + 100,000 1003 + 2899 + 100,000 1003 + 2899 + 100,000
OSPFv2 Number of maximum passive interfaces + neighbors + total LSAs 3780 + 22 + 100,000 3780 + 22 + 100,000 3780 + 22 + 100,000 3780 + 22 + 100,000 3780 + 22 + 100,000 3780 + 22 + 100,000
OSPFv2 Number of neighbors + passive interfaces + total LSAs + VRFs with aggressive timers (1s/4s) 250 + 750 + 50,000 + 250 250 + 750 + 50,000 + 250 250 + 750 + 50,000 + 250 250 + 750 + 50,000 + 250 250 + 750 + 50,000 + 250 250 + 750 + 50,000 + 250
OSPFv3 Number of maximum neighbors + passive interfaces + total LSAs + VRFs 300 + 1000 + 50,000 + 300 300 + 1000 + 50,000 + 300 300 + 1000 + 50,000 + 300 300 + 1000 + 50,000 + 300 300 + 1000 + 50,000 + 300 300 + 1000 + 50,000 + 300
OSPFv3 Number of maximum passive interfaces + neighbors + total LSAs 1280 + 20 + 50,000 1280 + 20 + 50,000 1280 + 20 + 50,000 1280 + 20 + 50,000 1280 + 20 + 50,000 1280 + 20 + 50,000
OSPFv3 Number of neighbors + passive interfaces + total LSAs + VRFs with aggressive timers (1s/4s) 100 + 300 + 25,000 + 100 100 + 300 + 25,000 + 100 100 + 300 + 25,000 + 100 100 + 300 + 25,000 + 100 100 + 300 + 25,000 + 100 100 + 300 + 25,000 + 100

Guidelines and Limitations for IS-IS Configuration Limits

  • Cisco recommends using Supervisor 2e/Supervisor 3 module for the highest scale and fastest convergence.

  • Each IS-IS scale value might vary when combined with other parameters. See these examples of scenarios tested for Cisco NX-OS Release 6.2 for better guidance. All scenarios were tested with a single IS-IS instance with IPv4 and IPv6 address families enabled on all peers and the total number of routes being a mix of IPv4 and IPv6 routes.

Table 24. Guidelines and Limitations for IS-IS Configuration Limits
Parameter Verified Limit (Cisco NX-OS 8.4(2) Verified Limit (Cisco NX-OS 8.4(1) Verified Limit (Cisco NX-OS 8.3(1) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS 6.2)
Number of maximum neighbors + passive interfaces + total routes 300 + 600 + 30,000 300 + 600 + 30,000 300 + 600 + 30,000 300 + 600 + 30,000 300 + 600 + 30,000 300 + 600 + 30,000
Number of maximum passive interfaces + neighbors + total routes 300 + 600 + 30,000 300 + 600 + 30,000 300 + 600 + 30,000 300 + 600 + 30,000 300 + 600 + 30,000 300 + 600 + 30,000

Guidelines and Limitations for EIGRP Configuration Limits

  • The passive interface default was used.

  • To achieve the highest scale with high availability, you must increase the graceful restart signal timer to 60 seconds.

  • Each EIGRP scale value might vary when combined with other parameters. See these examples of scenarios tested for Cisco NX-OS Release 6.2 for better guidance. All scenarios were tested with a single EIGRP instance.

Table 25. Guidelines and Limitations for EIGRP Configuration Limits
Parameter Verified Limit (Cisco NX-OS 8.4(2) Verified Limit (Cisco NX-OS 8.4(1) Verified Limit (Cisco NX-OS 8.3(1) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS 6.2)

Number of neighbors + passive interfaces + routes + VRFs

300 + 2000 + 30,000 + 30

300 + 2000 + 30,000 + 30

300 + 2000 + 30,000 + 30

300 + 2000 + 30,000 + 30

300 + 2000 + 30,000 + 30

300 + 2000 + 30,000 + 30

2000+3960+100,000+1000 in 6.2(6) and later releases

Number of neighbors + passive interfaces + routes + VRFs with aggressive timers (1s/3s)

250 + 1000 + 50,000 + 250

250 + 1000 + 50,000 + 250

250 + 1000 + 50,000 + 250

250 + 1000 + 50,000 + 250

250 + 1000 + 50,000 + 250

250 + 1000 + 50,000 + 250

Guidelines and Limitations for BGP Configuration Limits

  • Each BGP scale value might vary when combined with other parameters. See these examples of scenarios tested for Cisco NX-OS Release 6.2 for better guidance.

  • All values were tested with default BGP keepalive and hold timers.

  • All scenarios were tested with the minimum and maximum configured u4route-mem and u6route-mem under the VDC as 350 MB/110 MB respectively.

Table 26. Guidelines and Limitations for BGP Configuration Limits
Parameter Verified Limit (Cisco NX-OS 8.4(2) Verified Limit (Cisco NX-OS 8.4(1) Verified Limit (Cisco NX-OS 8.3(1) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS 6.2)
Number of maximum eBGP peers + iBGP peers + total routes (75% IPv4, 25% IPv6) 1750 + 250 + 50,000 1750 + 250 + 50,000 1750 + 250 + 50,000 1750 + 250 + 50,000 1750 + 250 + 50,000 1750 + 250 + 50,000
Number of maximum iBGP peers + eBGP peers + total routes (75% IPv4, 25% IPv6) 1750 + 250 + 50,000 1750 + 250 + 50,000 1750 + 250 + 50,000 1750 + 250 + 50,000 1750 + 250 + 50,000 1750 + 250 + 50,000
Number of routes in BGP RIB (75% IPv4, 25% IPv6) 5.2 million 5.2 million 5.2 million 5.2 million 5.2 million 5.2 million
Number of eBGP peers with Internet feed (440,000 IPv4 routes, 12,000 IPv6 routes) 12 12 12 12 12 12

Guidelines and Limitations for HSRP, VRRP, and GLBP Configuration Limits

  • The number of HSRPv2 and VRRPv3 groups can be IPv4 only, IPv6 only, or a combination of both. For example, if Cisco NX-OS supports 4000 HSRP groups, it can also support 4000 VLANs with each running HSRP IPv4 groups or 2000 dual-stacked VLANs.

  • The same FHRP group ID or different group IDs can be used in different VLANs and within the same VLAN for IPv4 and IPv6 groups.

Configuration Limits for VDCs

Table 27. Configuration Limits for VDCs
Feature Verified Limit (Cisco NX-OS 8.4(2) and above Verified Limit (Cisco NX-OS 8.4(1) Verified Limit (Cisco NX-OS 8.3(x) Verified Limit (Cisco NX-OS 8.2.x) Verified Limit (Cisco NX-OS 7.3.x) Verified Limit (Cisco NX-OS 7.2.x) Verified Limit (Cisco NX-OS 6.2) Verified Limit (Cisco NX-OS 6.1) Verified Limit (Cisco NX-OS 6.0) Verified Limit (Cisco NX-OS 5.2)
VDCs with Supervisor 1 N/A N/A N/A N/A N/A N/A 4+1 (with admin VDC feature) 4 (including 1 default VDC) 4 (including 1 default VDC) 4 (including 1 default VDC)
VDCs with Supervisor 2 3+1 (with admin VDC feature) 4+1 (with admin VDC feature) 4+1 (with admin VDC feature) 4+1 (with admin VDC feature) 4+1 (with admin VDC feature) 4+1 (with admin VDC feature) 4+1 (with admin VDC feature) 4+1 (with admin VDC feature) N/A N/A
VDCs with Supervisor 2e / Supervisor 3 8+1 (with admin VDC feature) 8+1 (with admin VDC feature) 8+1 (with admin VDC feature) 8+1 (with admin VDC feature) 8+1 (with admin VDC feature) 8+1 (with admin VDC feature) 8+1 (with admin VDC feature) 8+1 (with admin VDC feature) N/A N/A
VDC resource templates 64 64 64 64 64 64 64 64 64 64

Guidelines and Limitations for VDCs

  • For Cisco NX-OS Releases 8.4(2) to 8.4(5), when you attempt to add 5th VDC when system is running on low memory, the system crashes.

  • For Cisco NX-OS Release 8.4(6), when you attempt to add 5th VDC when system is running on low memory, an error message is displayed.

Configuration Limits for VXLAN

Table 28. Configuration Limits for VXLAN EVPN
Parameter Verified Limit (Cisco NX-OS 8.4(2)) Verified Limit (Cisco NX-OS 8.4(1)) Verified Limit (Cisco NX-OS 8.3(1)) Verified Limit (Cisco NX-OS 8.2(1)) Verified Limit (Cisco NX-OS 8.1(1)) Verified Limit (Cisco NX-OS 8.0(1)) Verified Limit (Cisco NX-OS 7.3(1))
F4 F3 M3 F4 F3 M3 F4 F3 M3 F3 M3 F3 M3 F3 M3 F3 M3
Number of VNIs (L2 & L3 VNI) 1600

1600

1600 (L3 VNI) 1600

1600

1600 (L3 VNI) 1600

1600

1600 (L3 VNI) 1600 1600 1600 1600 1600 1600 F3 1600 (L3 VNI)
Number of VSI interfaces 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100
Number of encapsulation profiles 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4
Number of Bridge Domains / BDI 1600 1600 1600 (BD) 1600 1600 1600 (BD) 1600 1600 1600 (BD) 1600 1600 1600 1600 1600 1600 1600 1600 (BD)
Number of Remote VTEPs 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256 256
Numbers of IPv4 Host Routes 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000
Numbers of IPv6 Host Routes 32000 32000 32000 32000 32000 32000 32000 32000 32000 32000 32000 32000 32000 32000 32000 32000 32000
Number of Local VTEPs 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1
Number of MAC Addresses 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 64000 NA
Number of VRFs (VRF-Lite handoff) 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000
Number of VXLAN VRF (L3VNI) 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000
Number of VRFs (MPLS handoff) 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 NA
Number of OTV overlay interfaces 6 6 6 6
Number of VXLAN overlay interfaces 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1