CISCO Nexus 3600 Series Top of Rack Platforms User Guide

Nexus 3600 Series Top of Rack Platforms

Specifications

Product: Cisco Nexus 3600 Series NX-OS Verified
Scalability Guide

Release: 9.3(14)

Models: N3K-C3636C-R, N3K-C36180YC-R

Product Information

This document provides the verified scalability limits for the
Cisco Nexus 3600 1U Top of Rack platforms, including specific
configuration limits for the mentioned models. The values listed
are validated by Cisco and are subject to increase with future
testing and validation.

Product Usage Instructions

Verified Scalability Limits (Unidimensional)

The verified scalability limits for various features are
provided in tables for Cisco NX-OS Release 9.3(14). These limits
are validated for a unidimensional configuration, focusing on the
scalability of individual features.

Interfaces Verified Scalability Limits

Table 1 outlines the verified scalability limits for features
such as DHCP servers/relay IPs, MAC addresses, port channel member
links, SVIs, and vPCs.

Label Switching Verified Scalability Limits

Table 2 presents the verified limits for LDP sessions, FECs, and
ECMPs in a unidimensional setup.

Layer 2 Switching Verified Scalability Limits

Table 3 displays the scalability limits for MAC addresses, MST
instances, VLANs, and more in a unidimensional configuration.

Layer 3 Multicast Verified Scalability Limits

Table 4 provides details on IPv4 multicast routes, PIM
neighbors, MVPN settings, and other multicast-related limits.

Security Verified Scalability Limits

Table 5 lists the verified scalability limits for security
features like IPv4 ingress and egress access control entries, ACLs,
RACLs, and system ACLs.

FAQ

What should I do if I encounter scalability issues beyond the

verified limits?

If you face scalability challenges exceeding the validated
limits, consider optimizing your configuration or reaching out to
Cisco support for further assistance.

Cisco Nexus 3600 Series NX-OS Verified Scalability Guide, Release 9.3(14)
Introduction 2 Verified Scalability Limits (Unidimensional) 2 Verified Scalability Limits (Multidimensional) 7

Revised: September 17, 2024,
Introduction
This document describes the Cisco NX-OS configuration limits for the Cisco Nexus 3600 1U Top of Rack platforms, N3K-C3636C-R, and N3K-C36180YC-R. The values provided in this guide should not be interpreted as theoretical system limits for Cisco Nexus 3600 platform hardware or Cisco NX-OS software. These limits refer to values that have been validated by Cisco. They can increase over time as more testing and validation is done.

Note All the limits are for the N3K-C36180YC-R TOR. The values specific to N3K-C3636C-R are indicated against the specific limit and the table.

Verified Scalability Limits (Unidimensional)
The tables in this section list the verified scalability limits for Cisco NX- OS Release 9.3(14). These limits are validated with a unidimensional configuration. The values provided in these tables focus on the scalability of one particular feature at a time.
Each number is the absolute maximum currently supported by this Cisco NX-OS release for the corresponding feature. If the hardware is capable of a higher scale, future software releases might increase this verified maximum limit. Results might differ from the values listed here when trying to achieve maximum scalability with multiple features enabled.
Table 1: Interfaces Verified Scalability Limits (Unidimensional)

Feature DHCP servers/relay IPs per switch MAC address – table limit per port MAC address – table system, VLAN limit Port channel member links SVIs vPCs
1 This limit has not been tested
Table 2: Label Switching Verified Scalability Limits (Unidimensional)

Verified Limit 5 (IPv4) + 5 (IPv6)1 2,000 – (Nexus 3636C-R and 36180YC-R switches) 2,000 – (Nexus 3636C-R and 36180YC-R switches) 32 3967 48

Feature LDP sessions Forwarding Equivalence Classes (FECs) Equal-cost multipaths (ECMPs)

Verified Limit 200 1,000 8

2

Feature FECs ECMPs IAS option B labels Layer 3 VPN routes ECMPs
Table 3: Layer 2 Switching Verified Scalability Limits (Unidimensional)
Feature MAC addresses (default template) MAC addresses (L2-scale template) MST instances MST virtual ports RPVST virtual ports VLANs VLANs in RPVST mode
Table 4: Layer 3 Multicast Verified Scalability Limits (Unidimensional)
Feature IPv4 multicast routes Outgoing interfaces (OIFs) PIM neighbors SVI IGMP snooping groups MVPN- unidimensional Multicast VRFs Default MDT groups MVPN Peers (PIM neighbors) per device
Table 5: Security Verified Scalability Limits (Unidimensional)
Feature IPv4 ingress access control entries (ACEs)

Verified Limit 4,000 450,000 100,000 2,000
Verified Limit 196,000 384,000 64 218,185 13,750 3,967 250
Verified Limit 32,000 (Layer 3) 16 OIFs for 32K mroutes or 287 OIFs for 1000 mroutes 500 50-60 8000
100 (N3K-C3636C-R and N3K-C36180YC-R) 100 (N3K-C3636C-R and N3K-C36180YC-R) 100 (N3K-C3636C-R and N3K-C36180YC-R)
Verified Limit RACL-2000, PACL-1024 (without TCAM Carving)

3

Feature IPv6 ingress access control entries (ACEs) ACL Egress ACLs RACLs System ACLs

Verified Limit
RACL-1000, PACL-1024 (without TCAM Carving) 12,000 (with TCAM Carving) 20,000 (N3K-C3636C-R and N3K-C36180YC-R) 4,000 (N3K-C3636C-R and N3K-C36180YC-R) 4,000 TCAM entries in internal TCAM and 64,000 TCAM entries in external TCAM (N3K-C3636C-R and N3K-C36180YC-R)

Table 6: System Management Verified Scalability Limits (Unidimensional)

Feature

Verified Limit

SPAN and ERSPAN

Configurable SPAN or ERSPAN sessions

32

Active SPAN or ERSPAN sessions

32

Active localized SPAN or ERSPAN session per line card

32 sessions across ports on single line card

Active localized SPAN or ERSPAN session (Rx and Tx, Rx, or 32 sessions, 128 sources and 1 destination Tx)

Destination interfaces per SPAN session

1

Source VLANs per SPAN or ERSPAN

6

Table 7: Layer 3 Unicast Routing Verified Scalability Limits (Unidimensional) – For Default system routing template

Feature BFD sessions (echo mode)
BGP neighbors HSRP groups IPv4 ARP IPv4 host routes IPv6 host routes IPv6 ND IPv4 unicast routes (LPM) IPv6 unicast routes (LPM)

Verified Limit 288 100 MHBFD sessions (N3K-C3636C-R and N3K-C36180YC-R) 256 498 75,000 750,000 62,000 32,000 192,000 62,000

4

Feature OSPFv2 neighbors OSPFv3 neighbors OSPF/OSPFv3 LSA/LSDB size OSPF/OSPFv3 areas VRFs VRRP VRRP groups per interface or I/O module

Verified Limit 1,000 1,000 250,000 15 3,967
15

Table 8: Layer 3 Unicast Routing Verified Scalability Limits (Unidimensional) – For Internet-peering system routing template

Feature Routes (internet-peering mode) IPv4 routes (internet-peering mode) IPv6 routes (internet-peering mode)

Verified Limit 852000 781000 71000

Table 9: HSRP Verified Scalability Limits (Unidimensional)

Feature

Verified Limit

Groups with default timers (3s/10s) and multiple group

7,928

optimization. [There are 2 primary, one for IPv4 and the other for

IPv6, and 7926 secondary]

Groups with aggressive timers (1s/3s) and multiple groups

7,928

optimization. [There are 2 primary, one for IPv4 and the other for IPv6, and 7926 secondary]2

Groups per interface or I/0 module

Maximum 16 (Because 16 is the unique virtual MAC address limit)

2 If the user has Multi-protocol configuration, user should configure appropriate COPP policies so as to avoid any control plane traffic drops.

Table 10: VXLAN Verified Scalability Limits (Unidimensional)

Feature

Verified Limit 3

IGMP snooping over VXLAN VXLAN VLANs

1,000

VTEP peers

256

5

Feature

Verified Limit 3

Underlay multicast groups

128

VXLAN Flood and Learn Virtual network identifiers (VNIs) or VXLAN-mapped VLANs Not applicable

Virtual network identifiers (VNIs) or VXLAN-mapped VLANs Not applicable

Underlay multicast groups.

Not applicable

Overlay MAC addresses

Not applicable

Remote VXLAN tunnel endpoints (VTEPs)

Not applicable

Ingress replication peers

Not applicable

Ingress replication Layer 2 VNIs

Not applicable

MAC addresses for ingress replication

Not applicable

Port VLAN translations under an interface

Not applicable

Port VLAN translations in a switch

Not applicable

Static MAC addresses pointing to a remote VTEP

Not applicable

VXLAN VLAN logical port VP count

Not applicable

VXLAN VLANs per FEX port (host interface)

Not applicable

Layer 2 routed VNIs for vPC-centralized gateway

Not applicable

IGMP groups

Not applicable

VXLAN BGP eVPN Layer 2 VNIs

2,000

Xconnect VLANs

Not applicable

SVI with Distributed Anycast Gateway; Layer 2 VNI extended 2,000

Layer 3 VNIs / VRFs

900

Underlay multicast groups

128

VTEPs

256

MAC addresses

90,000

IPv4 host routes

350,000

IPv6 host routes

48,000

Overlay IPv4 LPM routes

180,000

6

Feature

Verified Limit 3

Overlay IPv6 LPM routes

48,000

VXLAN VLAN logical port VP count

Not applicable

VXLAN VLANs per FEX port (host interface)

Not applicable

IGMP groups

8192

VXLAN BGP eVPN Ingress Replication Layer 2 VNIs

Not applicable

Xconnect VLANs

Not applicable

SVI with Distributed Anycast Gateway; Layer 2 VNI extended Not applicable

Layer 3 VNIs / VRFs

Not applicable

VTEPs

Not applicable

MAC addresses

Not applicable

IPv4 host routes

Not applicable

IPv6 host routes

Not applicable

Overlay IPv4 LPM routes

Not applicable

Overlay IPv6 LPM routes

Not applicable

VXLAN VLAN logical port VP count

Not applicable

VXLAN VLANs per FEX port (host interface)

Not applicable

IGMP groups

Not applicable

3 For Cisco Nexus 3636C-R and Cisco Nexus 36180YC-R switches

Verified Scalability Limits (Multidimensional)
The tables in this section list the verified scalability limits for Cisco NX- OS Release 9.3(14). These limits are validated with a multidimensional configuration. The values provided in these tables focus on the scalability of one particular feature at a time.
Each number is the absolute maximum currently supported by this Cisco NX-OS release for the corresponding feature. If the hardware is capable of a higher scale, future software releases might increase this verified maximum limit. Results might differ from the values listed here when trying to achieve maximum scalability with multiple features enabled.

Attention These numbers are not the maximum verified values if each feature is viewed in isolation. For these numbers, see the “Verified Scalability Limits” section.

7

Table 11: MSDC Profile Verified Scalability Limits (Multidimensional)
Feature Number of 100G ports
vPC port channels ISIS IPv4 /32 unicast routes ISIS IPv6 /128 unicast routes Multicast IPv4 SSM VRF IPv4/IPv6 PIM neighbors IGMP snooping database entries VRRP v4 and v6 Multicast SSM HSRP v4 and v6 SVI Sub-interfaces MAC BGP IPv4/IPv6 VLSM routes BGP IPv4/IPv6 Unicast routes ECMP SPAN sessions
Table 12: MPLS Verified Scalability Limits (Multidimensional)
Feature MPLS Layer 3 VPN VPE PE nodes PE routes ACL (IPv4) ACL (IPv6)

Verified Limit 6 36 (N3K-C3636C-R) 10 1,291 1,291 10,000 100 100 240 1,000 vlans 10,000 1,000 vlans 100 (N3K-C3636C-R) 100 (N3K-C3636C-R) 1000 (N3K- C3636C-R) 1000 (N3K-C3636C-R) 10,000 (N3K-C3636C-R) 16-way Upstream (N3K- C3636C-R) 1 local SPAN session (N3K-C3636C-R)
Verified Limit 3,715 3,715 Nil Nil 1,100 440

8

Feature HSRP and IPv6 VIP vPC uRPF Strict uRPF VRF SVI Layer 3 VPN routes IP ECMP MPLS LSR ECMP VPN IPv4 routes VPN IPv6 routes EBGP neighbors

Verified Limit 3.715 each for v4 and v6 Nil Yes 3,715 3,715 <500 <500 65,000 25,000 Nil

Table 13: Layer 2/Layer 3 TOR Boundary Verified Scalability Limits (Multidimensional)

Feature ECMP vPC port channels OSPFv2 neighbors OSPFv3 neighbors OSPF IPv4 /32 unicast routes OSPF IPv4 VLSM unicast routes OSPF IPv6 /128 unicast routes OSPF IPv6 VLSM unicast routes BFD sessions
VLAN SVI
Sub-interfaces VRRP IPv4 groups

Verified Limit 16-way (Upstream) 44 16 16 45,000 1,000 25,000 1,000 230 100 MHBFD sessions (N3K-C3636C-R and N3K-C36180YC-R) 1,250 1,000 1250 (N3K- C3636C-R) 250 per interface and 500 across the system (N3K-C3636C-R) 1,000 VRRS / 8 VRRPv3

9

Feature VRRP IPv6 groups PIM neighbors IPv4 (*,G) multicast routes IPv4 (S,G) multicast routes IGMP snooping database entries Sflow enabled interfaces
UDLD enabled interfaces
SPAN sessions MVR VLANs MVR receiver ports MVR multicast groups MAC Q-in-Q tunnel ports RSTP VLANS (tunneled over L2PT)

Verified Limit 1,000 VRRS / 8 VRRPv3 230 300 2,320 6,300 63 45 (N3K-C3636C-R) 65 48 (N3K-C3636C-R) 1 local SPAN session 250 10 1,000 20,000 (N3K-C3636C-R) 26 3,960

Table 14: Layer 2/Layer 3 Spine Boundary (for N3K-C3636C-R) Verified Scalability Limits (Multidimensional)

Feature Number of 100G ports Number of 10G ports ECMP vPC port channels OSPFv2 neighbors OSPFv3 neighbors OSPF IPv4 /32 unicast routes OSPF IPv4 VLSM unicast routes OSPF IPv6 /128 unicast routes OSPF IPv6 VLSM unicast routes

Verified Limit 36 36 x 4 (Breakout) 16-way (Upstream) 40 100 100 45,000 1,000 25,000 1,000

10

Feature BFD sessions
VLAN SVI Sub-interfaces VRRP IPv4 groups VRRP IPv6 groups HSRP IPv4 HSRP IPv6 PIM neighbors IPv4 (*,G) multicast routes IPv4 (S,G) multicast routes IGMP snooping database entries sFlow enabled interfaces UDLD enabled interfaces SPAN sessions MAC
Table 15: Segment Routing Verified Scalability Limits (Multidimensional)
Feature LACP LACP members eBGP IPv6 neighbors eBGP IPv4 LU neighbors IPv4 (LU) routes IPv4 (LU) paths IPv6 routes IPv6 paths

Verified Limit 280 100 MHBFD sessions (N3K-C3636C-R and N3K-C36180YC-R) 3,967 3,967 250 per interface and 511 across system 1,996 VRRS / 4 VRRPv3 1,996 VRRS / 4 VRRPv3 1,743 Secondary Groups / 7 Primary Groups 1,743 Secondary Groups / 7 Primary Groups 230 2,000 30,000 6,300 45 48 1 local SPAN session 50,000
Verified Limit 26 1 or 4 25 24 1,537 6,987 1,486 6,915

11

Feature SR ECMP (max) MPLS HW entries

Verified Limit 18 6,868

Table 16: Segment Routing (for N3K-C3636C-R) Verified Scalability Limits (Multidimensional)

Feature VLAN SVI MAC entries ARP entries HSRPv4, HSRPv6 VIPs LACP LACP members eBGP IPv6 neighbors eBGP IPv4 neihbors IPv4 (LU) routes IPv4 (LU) paths IPv6 routes IPv6 paths SR ECMP MPLS HW entries

Verified Limit 100 100 10,000 70 100, 100 3 4 2 2 6,848 8,187 6,640 7,975 2 2,682

Table 17: VXLAN Profile Verified Scalability Limits (Multidimensional)
Feature Number of ports ECMP BGP neighbors BGP EVPN Layer 2 VPN host routes BGP IPv4 VLSM unicast routes or ospf BGP IPv6 VLSM unicast routes or ospf

Verified Limit 16 8-way (Upstream) 2 60,000 10,000 2,000

12

Feature BFD sessions PIM neighbors IPv4 (*,G) multicast routes (co-existing) IPv4 (S,G) multicast routes (co-existing) Layer 3 VNI Layer 2 VNI Local VTEP Remote VTEPs VLAN SVI MAC vPC hosts

Verified Limit 10 10 4,000 2,000 100 400 1 205 400 100 80,000 1

13

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE- NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (https://www.openssl.org/)
This product includes software written by Tim Hudson (tjh@cryptsoft.com).
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https://www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
© 2024 Cisco Systems, Inc. All rights reserved.

Americas Headquarters Cisco Systems, Inc. San Jose, CA 95134-1706 USA

Asia Pacific Headquarters CiscoSystems(USA)Pte.Ltd. Singapore

Europe Headquarters CiscoSystemsInternationalBV Amsterdam,TheNetherlands

Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at www.cisco.com/go/offices.

Read User Manual Online (PDF format)

Read User Manual Online (PDF format)  >>

Download This Manual (PDF format)

Download this manual  >>