How many ACL rules are allowed in Powerconnect 6224

Question

Hi All   Once Again after lots of disapoinment with this switch we decided to use and do some basic thing out of this box but now here comes another problem   today i was creating access-list and to my dismay after i enter 13 lines of acl it start giving me MAXIMUM rule reached? what does this mean? Named and advertised as enterprize class switch which can not even take more than 13 lines of acls am i doing some thing wrong here?   I couldn't find the way of importing acl from text file so i decided to type line by line as below   access-list vlan200 deny ip 172.16.60.0 0.0.3.255 10.0.21.0 0.0.0.255 access-list vlan200 deny ip 172.16.66.0 0.0.0.255 10.0.21.0 0.0.0.255 access-list vlan200 deny ip 172.16.71.0 0.0.0.255 10.0.21.0 0.0.0.255   Can any one tell me is that me who is doing something wrong or this switch should be taken out of enterprize class switch and named it as home office layer three switch.   Will appreciate your view   Thank you

stormytoad · Answer

On my 6224s and 6248s the maximum I can set per rule is 10.

I was also very disappointed to figure that out!

You can have up to 100 different access lists according to the manual. I figure I can apply two access lists to the same interface, but that will make administration more confusing.

Message Edited by stormytoad on 06-15-2007 03:20 PM

agurung · Answer

Thanks for sharing that and we now decided we are not going to buy dell switces for our server infrastructure any more. we may still by switches for our floor cabinets.   We did biggest mistake by buying dell switches this time we should have stick with HP or Cisco switches which we usually used for our server infrastructure.   Ohter disapointing is also documentation and support for the switches. we were not able to find any proper documentation e.g. DHCP we could not find any where it says this switches only supports one DHCP server, we had to find that after testing and trailing for a month.    I think Dell switches still have to walk fear bit before they can be counted as enterprize switches. that is how i feel any way    Thank yu

jpugsley · Answer

Confirmed that there is indeed a 10 Rule limit per ACL. After speaking with Technical Support they mentioned you can only apply a single ACL to an interface now. But in 1.0.2.4 Firmware release you will be able to apply more than one ACL to an interface. Which seems a pretty round-about way of defining a set of 74 rules from my end. I'll now need to manage 8 separate ACL's. Assuming this ability is indeed included in this new upcoming firmware release.   Pretty disappointing.   There are some features in these switches which I've found to be extremely useful, still while other basic functionality I've grown accustomed to is poorly implemented.   I agree with most folks on this forum that the support and documentation is pretty poor. Especially when compared to Cisco.   Anyway - Please implement a reasonable ACL capability which will allow a reasonable amount of Rules to be applied. If this switch is a Layer-3 Enteprise switch the firmware needs to offer such basics as robust ACLs.

agurung · Answer

Hi

Thanks again, after months of testing and trailing, (if we looked at time we spend cost of our time is actually more than switch itself) we finally decided we will never buy dell switches for our core network because it is simply not good enough. we have sent back the switches we bought and thanks to our account manager he was happy to take it back and credit us.

Now we have firmly applied policy which says "Never Never Dells switches for core network till Dell switches prove themselves of its worthiness" we have already order HP Switches and will stick with HP or Cisco for our core network for foreseeable future.

Thank you

Networking General

Was this post helpful?