When insufficient resources are available

The switch has ample resources for configuring features and supporting:
  • RADIUS-authenticated clients (with or without the optional IDMapplication)

  • VT and blocking on individual clients.


Virus throttling does not operate on IPv6 traffic.

If the resources supporting these features become fully subscribed:
  • The current feature configuration, RADIUS-authenticated client sessions, and VT instances continue to operate normally.

  • The switch generates an event log notice to say that current resources are fully subscribed.

  • Currently engaged resources must be released before any of the following actions are supported:
    • Modifying currently configured ACLs, IDM, VT, and other software features, such as Management VLAN, DHCP snooping, and dynamic ARP protection.

      You can modify currently configured classifier-base QoS and mirroring policies if a policy has not been applied to an interface. However, sufficient resources must be available when you apply a configured policy to an interface.

    • Acceptance of new RADIUS-based client authentication requests (displayed as a new resource entry for IDM.)

      Failure to authenticate a client that presents valid credentials may indicate that insufficient resources are available for the features configured for the client in the RADIUS server. To troubleshoot, check the event log.

    • Throttling or blocking of newly detected clients with high rate-of-connection requests (as defined by the current VT configuration.)

      The switch continues to generate Event Log notifications (and SNMP trap notification, if configured) for new instances of high-connection-rate behavior detected by the VT feature.