Example of acl performance monitoring, Example of acl performance monitoring -95 – HP 6200YL User Manual

IPv6 Access Control Lists (ACLs)

Testing and Troubleshooting ACLs

ACE Counter Operation: For a given ACE in an assigned
ACL, the counter increments by 1 each time the switch detects
a packet that matches the criteria in that ACE, and maintains
a running total of the matches since the last counter reset.

For example, in ACL line 10 below, there has been a total of 37
matches on the ACE since the last time the ACL’s counters were
reset.

Total

(

37)

10 permit icmp ::/0 fe80::20:2/128 128

Notes: This ACL monitoring feature does not include hits on

the “implicit deny” that is included at the end of all ACLs.

Also, if the

show statistics command does not show any ACE

hit activity at first use, re-execute the command.

Resetting ACE Hit Counters to Zero:

• Removing an ACL from an interface zeros the ACL’s ACE

counters for that interface only.

• For a given ACL, either of the following actions clear the ACE

counters to zero for all interfaces to which the ACL is
assigned.

– adding or removing a permit or deny ACE in the ACL

– rebooting the switch

Example of ACL Performance Monitoring

Figure 8-41 shows a sample of performance monitoring output for an IPv6 ACL
assigned as a VACL.

8-95