beautypg.com

Acl accounting, Enabling or disabling acl accounting, Resetting acl counters – Brocade Network Advisor SAN + IP User Manual v12.3.0 User Manual

Page 944

background image

872

Brocade Network Advisor SAN + IP User Manual

53-1003155-01

ACL Accounting

21

ACL Accounting

NOTE

ACL accounting is only supported on Ethernet router, Ethernet core router, or Ehternet Backbone
router products running 5.4 or later.

Ethernet router, Ethernet core router, or Ehternet Backbone router products monitor the number of
times an ACL is used to filter incoming or outgoing traffic on an interface. When ACL rules are
configured, ACL accounting enables you to perform the following functions:

Diagnostics — Track the number of hits to the ACL rule by the flowing packets going to the
destination IP, Flood VLAN, Port, or LAG. This enables you to determine if the configured ACL
rules are working correctly.

Traffic Pattern — Track the number of hit transmit and receive statistics flowing from a
particular source to the destination. This enables you to determine if the traffic is as expected
or if it needs to be reconfigured.

On demand statistics collection — Filter data from the product based on a counter (1 second,
1 minute, 5 minutes, and cumulative).

Multiple port hit statistics — Aggregate statistics for multiple ports based on filtered ports and
selected counter.

Enabling or disabling ACL accounting

1. Select an Ethernet router, Ethernet core router, or Ehternet Backbone router product and select

Configure > Security > ACL Accounting.

The ACL Accounting dialog box displays and obtains the ACL accounting status from product.

If ACL accounting is enabled, the Disabled option is selected.

If ACL accounting is disabled, the Enabled option is selected.

2. Click OK on the ACL Accounting dialog box.

Resetting ACL counters

NOTE

Counters are automatically cleared when you reboot the product.

Counters, which are stored in the hardware, track of the number of times an ACL filter is used. ACL
accounting counters include:

1 second — Number of hits during the last second. This counter is updated every second.

1 minute — Number of hits during the last minute. This counter is updated every minute.

5 minutes — Number of hits during the last five minutes. This counter is updated five minutes.

Cumulative — Total number of accumulated hits. This counter begins when an ACL is bound to
an interface and is updated every minute until it is cleared.

1. Select an Ethernet router, Ethernet core router, or Ehternet Backbone router product and select

Configure > Security > ACL Accounting.

The ACL Accounting dialog box displays.