Enabling acl duplication check, Acl accounting, Displaying accounting statistics for all acls – Brocade BigIron RX Series Configuration Guide User Manual

Page 714: Enabling acl, Duplication check

Advertising
background image

636

BigIron RX Series Configuration Guide

53-1002484-04

Enabling ACL duplication check

22

For a list of supported QoS ACL options refer to

“Using ACL QoS options to filter packets”

on

page 608

Enabling ACL duplication check

If desired, you can enable software checking for duplicate ACL entries. To do so, enter the following
command at the Global CONFIG level of the CLI.

BigIron RX(config)# acl-duplication-check-disable

Syntax: [no] acl-duplication-check-disable

This command is disabled by default.

ACL accounting

The BigIron RX monitors the number of times an ACL is used to filter incoming or outgoing traffic on
an interface.This feature is disabled by default.

To enable ACL accounting, enter a commnad such as the folllowing.

BigIron RX(config)# acl-accounting-enable

Syntax: [no] acl-accounting-enable

Use the no form of this command to disable ACL accounting.

The show access-list accounting command displays the number of “hits” or how many times ACL
filters permitted or denied packets that matched the conditions of the filters.

NOTE

ACL accounting does not tabulate nor display the number of Implicit denials by an ACL.

The counters that are displayed on the ACL accounting report are:

1s – Number of hits during the last second. This counter is updated every second.

1m – Number of hits during the last minute. This counter is updated every one minute.

5m – Number of hits during the last five minutes. This counter is updated every five minutes.

ac – Accumulated total number of hits. This counter begins when an ACL is bound to an
interface and is updated every one minute. This total is updated until it is cleared.

The accumulated total is updated every minute. For example, a minute after an ACL is bound to
a port, it receives 10 hits per second and continues to receive 10 hits per second. After one
minute, the accumulated total hits is 600. After 10 minutes, there will be 6000 hits.

The counters can be cleared when the device is rebooted, when an ACL is bound to or unbound
from an interface, or by entering a clear access-list command.

Displaying accounting statistics for all ACLs

To display a summary of the number of hits in all ACLs on a Multi-Service device, enter the following
command.

Advertising
Popular Brands
Popular manuals