15-83
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 15 Configuring Access Control
Configuring ACL Statistics
Enabling ACL Statistics on a Per-ACL Basis
Note The ARP entry statistics collection is always enabled because the ARP ACE entry is added after the ACL
merge and is always the first ACE in the TCAM list.
Enter the set security acl statistics {acl_name | all} command to enable the aggregated ACL statistics
on a per-ACL basis or for all ACLs. In the aggregated statistics mode, the statistics are enabled for all
the ACEs in the specified ACL. This command is effective only after you enter the commit command to
commit all ACEs to NVRAM.
Note The set security acl statistics {acl_name | all} command overwrites the per-ACE command, set
security acl ip/mac acl_name … [statistics].
Note The aggregated statistics mode disables the merge optimization and can result in a larger number of
ACEs. In some cases, an ACL that was previously installed in the TCAM, might not fit in the TCAM
after the aggregated statistics mode is enabled.
To enable the aggregated ACL statistics on a per-ACL basis, perform this task in privileged mode:
This example shows how to enable the aggregated ACL statistics on a per-ACL basis:
Console> (enable) set security acl statistics ACL1
ACL1 editbuffer modified. Use 'commit' command to save changes.
Console> (enable) commit security acl ACL1
ACL commit in progress.
ACL 'ACL1' successfully committed.
Console> (enable)
Console> (enable) show security acl info ACL1
set security acl ip ACL1 statistics
---------------------------------------------------
arp permit
1. permit ip any any
Console> (enable)
Task Command
Enable the aggregated ACL statistics
on a per-ACL basis.
set security acl statistics {acl_name | all}
To Next Page
Loading...
Need help?
General