About the problem that the number of entries in the ACL of the Huawei 5700 vswitch is 0, disable weiacl

About the problem that the number of entries in the ACL of the Huawei 5700 vswitch is 0, disable weiacl

For a stream policy, you can add a count action to count packets matching the ACL. The matched in the display acl displays statistics on packets matching the master CPU, rather than the statistical count of the stream policy. Therefore, when a large number of packets matching the ACL are passed, the count of the command display acl is always 0. Some packets that match the ACL do not necessarily match the master CPU. Therefore, these packets are not counted.

Solution:

Statistic enable must be enabled under traffic behavior

Enable the traffic policy under the corresponding vlan in the acl entry

Test the number of ACLs in vlan 315:

1. traffic Configuration

Traffic classifier DB1 operator and

If-match ACLs DB-permit1

Traffic classifier DB2 operator and

If-match ACLs DB-deny1

Traffic classifier DB3 operator and

#

Traffic behavior deny

Deny

Statistic enable

Traffic behavior permit

Permit

Statistic enable

#

---------------------------------------------------------------------------

The difference between permit and deny on traffic behavior.

Permit indicates that the data is allowed according to the acl DB rules. If the database permits this permission, it is forbidden.

However, if deny is used, permit or deny in DB rules are discarded and not forwarded.

----------------------------------------------------------------------------

Traffic policy DB

Classifier DB1 behavior permit

Classifier DB2 behavior deny

2. enable policy in vlan 315

Vlan 315

Traffic-policy DB outbound

3. view the number of ACLs

Display traffic policy statistics vlan 315 outbound