Falha ao concluir a operação da política de Port ACL na porta. Excede o número máximo de entradas de ACL

0

No log de eventos do Windows:

Source: Hyper-V-VmSwitch
Error: Failed to complete Port ACL policy operation on port 42C1C0BA-BCDE-4741-9E57-C3EA0068B559 (Friendly Name: Dynamic Ethernet Switch Port) on switch 68976A1C-CE9C-402B-84DA-8D64347AD36E (Friendly Name: NAT) - Direction: Outgoing, Applicability: Remote, AclType: IPv4, Action: Deny, LocalAddress: '', LocalPrefixLength: 0, RemoteAddress: 'XXX.XX.XXX.0', RemotePrefixLength: 22. Reason: Exceeds maximum number of ACL entries.

Source: Hyper-V-VmSwitch
Error: Failed to complete operation 'Policy Add' on port 42C1C0BA-BCDE-4741-9E57-C3EA0068B559 (Friendly Name: Dynamic Ethernet Switch Port) on switch 68976A1C-CE9C-402B-84DA-8D64347AD36E (Friendly Name: NAT) Property Id {998bef4a-5d55-492a-9c43-8b2f5eae9f2b} Instance Id {18ed5508-ee81-484c-a3e7-26bb6a9a33e7}. Status = Insufficient quota exists to complete the operation

Source: Hyper-V-VMMS
Warning: Failed while applying switch port settings 'Ethernet Switch Port ACL Settings' on switch 'NAT': Not enough quota is available to process this command. (0x80070718).

Source: WMI-Activity
Error: ClientProcessId = 10964; Component = Unknown; Operation = Start IWbemServices::CreateInstanceEnum - root\virtualization\v2 : Msvm_VirtualSystemManagementService; ResultCode = 0x80041032; PossibleCause = Throttling Idle Tasks, refer to CIMOM regkey: ArbTaskMaxIdle

Precisamos adicionar apenas cerca de 8000 ACLs de saída para esse único comutador virtual.

Eu também apliquei essa correção:

$config = gwmi -Class "__ProviderHostQuotaConfiguration" -Namespace root
$config | select -Property * -ExcludeProperty __* | ft -AutoSize
$config.HandlesPerHost = 8*1024
$config.Put()

Após a reinicialização, obtivemos os mesmos erros.

Existe alguma maneira de aumentar o 'número máximo de entradas de ACL' permitido para o comutador virtual do Hyper-V?

    
por VAV 13.04.2018 / 04:14

0 respostas