About the problem that the number of entries in the ACL of the Huawei 5700 vswitch is 0, disable weiacl

Source: Internet
Author: User

About the problem that the number of entries in the ACL of the Huawei 5700 vswitch is 0, disable weiacl

For a stream policy, you can add a count action to count packets matching the ACL. The matched in the display acl displays statistics on packets matching the master CPU, rather than the statistical count of the stream policy. Therefore, when a large number of packets matching the ACL are passed, the count of the command display acl is always 0. Some packets that match the ACL do not necessarily match the master CPU. Therefore, these packets are not counted.

Solution:

Statistic enable must be enabled under traffic behavior

Enable the traffic policy under the corresponding vlan in the acl entry

Test the number of ACLs in vlan 315:

1. traffic Configuration

Traffic classifier DB1 operator and

If-match ACLs DB-permit1

Traffic classifier DB2 operator and

If-match ACLs DB-deny1

Traffic classifier DB3 operator and

#

Traffic behavior deny

Deny

Statistic enable

Traffic behavior permit

Permit

Statistic enable

#

---------------------------------------------------------------------------

The difference between permit and deny on traffic behavior.

Permit indicates that the data is allowed according to the acl DB rules. If the database permits this permission, it is forbidden.

However, if deny is used, permit or deny in DB rules are discarded and not forwarded.

----------------------------------------------------------------------------

Traffic policy DB

Classifier DB1 behavior permit

Classifier DB2 behavior deny

2. enable policy in vlan 315

Vlan 315

Traffic-policy DB outbound

3. view the number of ACLs

Display traffic policy statistics vlan 315 outbound

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.