No log de eventos do Windows:
Source: Hyper-V-VmSwitch
Error: Failed to complete Port ACL policy operation on port 42C1C0BA-BCDE-4741-9E57-C3EA0068B559 (Friendly Name: Dynamic Ethernet Switch Port) on switch 68976A1C-CE9C-402B-84DA-8D64347AD36E (Friendly Name: NAT) - Direction: Outgoing, Applicability: Remote, AclType: IPv4, Action: Deny, LocalAddress: '', LocalPrefixLength: 0, RemoteAddress: 'XXX.XX.XXX.0', RemotePrefixLength: 22. Reason: Exceeds maximum number of ACL entries.
Source: Hyper-V-VmSwitch
Error: Failed to complete operation 'Policy Add' on port 42C1C0BA-BCDE-4741-9E57-C3EA0068B559 (Friendly Name: Dynamic Ethernet Switch Port) on switch 68976A1C-CE9C-402B-84DA-8D64347AD36E (Friendly Name: NAT) Property Id {998bef4a-5d55-492a-9c43-8b2f5eae9f2b} Instance Id {18ed5508-ee81-484c-a3e7-26bb6a9a33e7}. Status = Insufficient quota exists to complete the operation
Source: Hyper-V-VMMS
Warning: Failed while applying switch port settings 'Ethernet Switch Port ACL Settings' on switch 'NAT': Not enough quota is available to process this command. (0x80070718).
Source: WMI-Activity
Error: ClientProcessId = 10964; Component = Unknown; Operation = Start IWbemServices::CreateInstanceEnum - root\virtualization\v2 : Msvm_VirtualSystemManagementService; ResultCode = 0x80041032; PossibleCause = Throttling Idle Tasks, refer to CIMOM regkey: ArbTaskMaxIdle
Precisamos adicionar apenas cerca de 8000 ACLs de saída para esse único comutador virtual.
Eu também apliquei essa correção:
$config = gwmi -Class "__ProviderHostQuotaConfiguration" -Namespace root
$config | select -Property * -ExcludeProperty __* | ft -AutoSize
$config.HandlesPerHost = 8*1024
$config.Put()
Após a reinicialização, obtivemos os mesmos erros.
Existe alguma maneira de aumentar o 'número máximo de entradas de ACL' permitido para o comutador virtual do Hyper-V?