Zoning Types - Cisco MDS 9000 Series Configuration Manual

Zoning Types

• When the TCAM usage crosses 80% in the module, direction, region, and forwarding engine listed, the
• When TCAM usage falls below the 80% threshold in the module, region, direction, and forwarding
• When the overall TCAM usage indicated in the forwarding engine crosses 60% in the module, direction,
• When the overall TCAM usage indicated in the forwarding engine falls below 60% in the module,
Use the show system internal acl tcam-usage command to display the ACLTCAM usage except for Cisco
MDS 9148S and MDS 9250i switches. For Cisco MDS 9148S and MDS 9250i switches, use the show system
internal acltcam-soc tcam-usage command.
If you see the TCAM usage alerting syslog messages, the zoning, port-channel port allocation, and analytics
configurations may need to be investigated. If TCAM usage reaches 100%, it is likely that some devices will
not be able to communicate with other devices that they are zoned with. Follow the recommendations listed
in this section to reduce the TCAM usage.
Zoning Types
The Cisco MDS platform uses two types of zoning - 'Hard' and 'Soft' zoning.
Soft zoning - In this mode only control plane traffic is policed by the switch supervisor services. In particular,
the Fibre Channel Name Server (FCNS) will limit the list of permitted devices in an FCNS reply to only those
that are in the zone configuration. However, the end device data plane traffic is unpoliced. This means a rogue
end device may connect to other devices it is not zoned with.
Hard zoning - In this mode both control plane and data plane traffic are policed. Control plane traffic is policed
by the switch supervisor and data plane traffic is policed on each ingress port with hardware assistance. The
policing rules are set by the zoneset which programmed into each linecard. The destination of each frame is
checked by hardware and, if it is not permitted by zoning, it is dropped. In this mode any device can only
communicate with end devices it is authorized to.
By default, both types of zoning are enabled, with hard zoning used in priority over soft zoning. In the event
that the user disables hard zoning or the system is unable to use hard zoning due to hardware resource exhaustion
it will be disabled and the system will fall back to use soft zoning
The following example shows how Cisco MDS programs TCAM on a port:
Cisco MDS 9000 Series Fabric Configuration Guide, Release 8.x
138
following system message is generated. This system message does not indicate that TCAM was exhausted
or any TCAM programming failed.
%ACLTCAM-SLOT1-4-REGION_RISING_THRESHOLD: ACL (region) (input | output) region usage
(num of in use entries of total entries) exceeded 80% on forwarding engine (num)
engine indicated, the following system message is generated. This system message does not indicate that
TCAM was exhausted or any TCAM programming failed.
%ACLTCAM-SLOT1-4-REGION_FALLING_THRESHOLD: ACL (region) (input | output) region usage
(num of in use entries of total entries) fell below 80% on forwarding engine (num)
and forwarding engine indicated, the following system message is generated:
%ACLTCAM-SLOT1-4-TOTAL_RISING_THRESHOLD: ACL total (input | output) usage (num of in
use entries of total entries) exceeded 60% on forwarding engine (num)
direction, and forwarding engine indicated, the following system message is generated:
%ACLTCAM-SLOT1-4-TOTAL_FALLING_THRESHOLD: ACL total (input | output) usage (num of in
use entries of total entries) fell below 60% on forwarding engine (num)
Configuring and Managing Zones