Filters, QoS, and Security

Table 1. Filters, QoS, and Security Maximums

Attribute

Product

Maximum number supported

For more information, see Filter Scaling.

Total IPv4 Ingress rules/ACEs (Port/VLAN/InVSN based, Security/QoS filters)

5320 Series

48-port models: 3,072

16- and 24-port models: 1024

5420 Series

2,048 Primary Bank

1,024 Secondary Bank

5520 Series

1,024 Primary Bank

512 Secondary Bank

5720 Series

5720MW Series models

Primary Bank: 3,072

Secondary Bank: 1,536

5720MXW Series models

Primary Bank: 4,096

Secondary Bank: 2,048

Total IPv4 Egress rules/ACEs (Port based, Security filters)

5320 Series

48-port models: 400, 144 if you enable the ipv6-egress-filter or macsec boot configuration flag

16- and 24-port models: 190, 62 if you enable the ipv6-egress-filter or macsec boot configuration flag

5420 Series

400

144 if you enable the ipv6-egress-filter or macsec boot configuration flag

5520 Series

336

80 if you enable the ipv6-egress-filter boot configuration flag

5720 Series

5720MW Series models:

2,982

1,446 if you enable the ipv6-egress-filter boot configuration flag

5720MXW Series models:

6,000

2,982 if you enable the ipv6-egress-filter boot configuration flag

Total IPv6 Ingress rules/ACEs (Port/VLAN/InVSN based, Security filters)

5320 Series

1,024

5420 Series

512

5520 Series

512

5720 Series

1,536 for 5720MW Series models

2,048 for 5720MXW Series models:

Total IPv6 egress rules/ACEs (Port based, Security filters)

5320 Series

48-port models: 256, 0 with MACsec

16- and 24-port models: 128, 0 with MACsec

5420 Series

256, 0 with MACsec

5520 Series

256

5720 Series

1,536 for 5720MW Series models

3,072 for 5720MXW Series models:

EAP (clients per port)
Note:

The total of EAP clients plus NEAP clients per port or per switch cannot exceed 8,192.

5320 Series

32

5420 Series

32

5520 Series

32

5720 Series

32

Table 2. NEAP Maximums

Product

Max # supported

Details

5320 Series

Note:

The total of EAP clients plus NEAP clients per port or per switch cannot exceed 8,192.

Note:

Resources are shared with Switched UNI Endpoints.

800

MACsec: NO

spbm-node-scaling bootflags: NO

Platform VLAN: N/A

800

MACsec: YES

spbm-node-scaling bootflags: NO

Platform VLAN: NO

700

MACsec: YES

spbm-node-scaling bootflags: NO

Platform VLAN: YES

400

MACsec: N/A

spbm-node-scaling bootflags: YES

Platform VLAN: N/A

5420 Series

800

MACsec: NO

spbm-node-scaling bootflags: NO

Platform VLAN: N/A

800

MACsec: YES

spbm-node-scaling bootflags: NO

Platform VLAN: NO

700

MACsec: YES

spbm-node-scaling bootflags: NO

Platform VLAN: YES

400

MACsec: N/A

spbm-node-scaling bootflags: YES

Platform VLAN: N/A

5520 Series

4,900

N/A

5720 Series

8192

N/A