Optimizing rule consumption

XX-Series rev. 2 devices support up to 511 “one port to one port” rules, or “interface links”. Each rule can contain one or more interface links.

To evaluate the number of actual hardware entries used by a rule, we can multiply the number of input and output ports.

In the case of a load balancing group used as output, we can use the number of ports that belong to that group.

Users can create as many rules as necessary within the XX-Series rev. 2 GUI, however, when applying a rule set, the system will validate the number of interface link combinations specified in the rule set. If these exceed the device's limitations, the system will prevent the rules from being applied and will notify the user with an error message.

The following is a step-by-step guide using an example scenario for optimizing the use of interface links.

Example scenario




  • Rule 1: input ports 1, 2, 3, 4, 5, output ports 6, 7, 8, any filters;
  • Rule 2: input ports 1, 2, 3, 4, 5, output ports 6, 7, 8, any filters;
  • Rule 3: input ports 1, 2, 3, 4, 5, output ports 6, 7, 8, any filters;
  • Rule 4: input ports 1, 2, 3, 4, 5, output ports 6, 7, 8, any filters;
  • Rule 5: input ports 1, 2, 3, 4, 5, output ports 6, 7, 8, any filters;
  • Rule 6: input ports 1, 2, 3, 4, 5, output ports 6, 7, 8, any filters;
  • Rule 7: input ports 1, 2, 3, 4, 5, output ports 6, 7, 8, any filters;
  • Rule 8: input ports 1, 2, 3, 4, 5, output ports 6, 7, 8, any filters;
  • Rule 9: input ports 1, 2, 3, 4, 5, output ports 6, 7, 8, any filters;
  • Rule 10: input ports 1, 2, 3, 4, 5, output ports 6, 7, 8, any filters.

Each rule above consumes 5 x 3 = 15 interface links. In total, 150 interface links are consumed.

Input port aggregation




We can aggregate the input ports into a single port and modify the current rules' input ports.

First, we physically loop two ports with a cable. In this example, we will use ports 51 and 52.

The following is the new version of our traffic rules. We have replaced the input ports used previously with a single input port where the aggregated traffic will be arriving on, and added rule 11 for aggregating the input traffic.

  • Rule 1: input port 52, output ports 6, 7, 8, any filters;
  • Rule 2: input port 52, output ports 6, 7, 8, any filters;
  • Rule 3: input port 52, output ports 6, 7, 8, any filters;
  • Rule 4: input port 52, output ports 6, 7, 8, any filters;
  • Rule 5: input port 52, output ports 6, 7, 8, any filters;
  • Rule 6: input port 52, output ports 6, 7, 8, any filters;
  • Rule 7: input port 52, output ports 6, 7, 8, any filters;
  • Rule 8: input port 52, output ports 6, 7, 8, any filters;
  • Rule 9: input port 52, output ports 6, 7, 8, any filters;
  • Rule 10: input port 52, output ports 6, 7, 8, any filters;
  • Rule 11: input ports 1, 2, 3, 4, 5, output port 51, no filters.

Note that the rule order is not important. Rules run simultaneously.

The new interface link consumption is now:

  • Rules 1 to 10: 1 x 3 = 3 each, 3 x 10 = 30 in total;
  • Rule 11: 5 x 1 = 5.

In total, 35 interface links are now consumed.

Output port aggregation




We can go further and aggregate the outputs as well. We will use ports 53 and 54 for this. We physically loop ports 53 and 54 with a cable.

The following is the new version of our traffic rules. We have replaced the output ports used previously with a single output port where the aggregated traffic will be sent to, and added rule 12 for duplicating the output traffic.

  • Rule 1: input port 52, output port 53, any filters;
  • Rule 2: input port 52, output port 53, any filters;
  • Rule 3: input port 52, output port 53, any filters;
  • Rule 4: input port 52, output port 53, any filters;
  • Rule 5: input port 52, output port 53, any filters;
  • Rule 6: input port 52, output port 53, any filters;
  • Rule 7: input port 52, output port 53, any filters;
  • Rule 8: input port 52, output port 53, any filters;
  • Rule 9: input port 52, output port 53, any filters;
  • Rule 10: input port 52, output port 53, any filters;
  • Rule 11: input ports 1, 2, 3, 4, 5, output port 51, no filters;
  • Rule 12: input port 54, output ports 6, 7, 8, no filters.

The new interface link consumption is now:

  • Rules 1 to 10: 1 each, 1 x 10 = 10 in total;
  • Rule 11: 5 x 1 = 5;
  • Rule 12: 1 x 3 = 3.

In total, 18 interface links are now consumed.

Conclusion

Optimizing rule consumption in the way described in this article can help avoid reaching the hardware limit of the device. However, it does require using additional physical ports for looping the traffic. You will have to determine when to use this process depending on your particular situation.

  • Last modified: November 13, 2025

© 2025 Profitap HQ B.V. and its licensors. All Rights Reserved — Profitap HQ B.V., High Tech Campus 84, 5656 AG Eindhoven, The Netherlands | Privacy Policy | Terms and Conditions