EasyManuals Logo

Cisco Nexus 1000V User Manual

Cisco Nexus 1000V
280 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #182 background imageLoading...
Page #182 background image
16-4
Cisco Nexus 1000V Troubleshooting Guide, Release 5.2(1)SV3(1.1)
OL-31593-01
Chapter 16 ACLs
Troubleshooting ACL Logging
• ACL Logging Troubleshooting Scenarios, page 16-5
Using the CLI to Troubleshoot ACL Logging on a VEM
The commands in this section will help you to troubleshoot ACL logging by examining ACL flows.
Viewing Current Flows
You can troubleshoot ACL logging by viewing the current flows on a VEM.
vemcmd show aclflows stats
EXAMPLE
The following example shows how to troubleshoot ACL logging:
[root@esx /]# vemcmd show aclflows stats
Current Flow stats:
Permit Flows: 1647
Deny Flows: 0
Current New Flows: 419 --- current new flows yet to be reported.
Viewing Active Flows
You can display all the active flows on a VEM.
vemcmd show aclflows [permit | deny]
If you do not specify permit or deny, the command displays both.
EXAMPLE
The following example shows how to display all the active flows on a VEM:
[root@esx /]# vemcmd show aclflows [permit | deny]
If SrcIP DstIP SrcPort DstPort Proto Direction Action Stats
Veth4 192.168.1.20 192.168.1.10 5345 8080 6 Ingress permit 1
Veth4 192.168.1.10 192.168.1.20 8080 5769 6 Egress permit 1
Veth4 192.168.1.20 192.168.1.10 6256 8080 6 Ingress permit 1
Veth4 192.168.1.10 192.168.1.20 8080 5801 6 Egress permit 1
Veth4 192.168.1.20 192.168.1.10 5217 8080 6 Ingress permit 1
Veth4 192.168.1.10 192.168.1.20 8080 57211 6 Egress permit 1
Veth4 192.168.1.10 192.168.1.20 8080 5865 6 Egress permit 1
Veth4 192.168.1.10 192.168.1.20 8080 5833 6 Egress permit 1
Veth4 192.168.1.20 192.168.1.10 5601 8080 6 Ingress permit 1
Veth4 192.168.1.10 192.168.1.20 8080 5705 6 Egress permit 1
Veth4 192.168.1.10 192.168.1.20 8080 5737 6 Egress permit 1
Veth4 192.168.1.20 192.168.1.10 5473 8080 6 Ingress permit 1
Veth4 192.168.1.20 192.168.1.10 57211 8080 6 Ingress permit 1
Flushing All ACL Flows
You can use the vemcmd flush aclflows command to detect any new flows that affect the VEM. Clear
all the existing flows, and then you can detect new flows that match any expected traffic. Syslog
messages are not sent when you do this action.

Table of Contents

Other manuals for Cisco Nexus 1000V

Preview: Configuration Guide
Configuration Guide96 pages
Preview: Deployment Guide
Deployment Guide49 pages
Preview: Installing Manual
Installing Manual26 pages
Preview: Datasheet
Datasheet8 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Nexus 1000V and is the answer not in the manual?

Cisco Nexus 1000V Specifications

General IconGeneral
TypeVirtual Switch
ManageableYes
NetFlowYes
SPANYes
ERSPANYes
Operating SystemCisco NX-OS
Form FactorVirtual
Hypervisor SupportVMware ESXi
FeaturesVXLAN
Security FeaturesPort Security, Private VLANs, ACLs

Related product manuals