Dell FCX624-S Laptop User Manual


  Open as PDF
of 1494
 
PowerConnect B-Series FCX Configuration Guide 583
53-1002266-01
Displaying ACL information
16
PowerConnect#show access-list 100
Extended IP access list 100 (hw usage : 2)
deny ip any any (hw usage : 1
The first command enables hardware usage statistics, and the second command displays the
hardware usage for IP access list 100.4
Syntax: show access-list hw-usage on | off
Syntax: show access-list <access-list-id> | all
By default, hardware usage statistics are disabled. To disable hardware usage statistics after is has
been enabled, use the show access-list hw-usage off command.
The <access-list-id> variable is a valid ACL name or number.
Displaying ACL information
To display the number of Layer 4 CAM entries used by each ACL, enter the following command.
Syntax: show access-list <ACL-num> | <ACL-name> | all
The Rule cam use field lists the number of CAM entries used by the ACL or entry. The number of
CAM entries listed for the ACL itself is the total of the CAM entries used by the ACL entries.
For flow-based ACLs, the Total flows and Flows fields list the number of Layer 4 session table flows
in use for the ACL.
The Total packets and Packets fields apply only to flow-based ACLs.
Troubleshooting ACLs
Use the following methods to troubleshoot ACLs:
To display the number of Layer 4 CAM entries being used by each ACL, enter the show
access-list <ACL-num> | <ACL-name> | all command. Refer to “Displaying ACL information”
on page 583.
To determine whether the issue is specific to fragmentation, remove the Layer 4 information
(TCP or UDP application ports) from the ACL, then reapply the ACL.
If you are using another feature that requires ACLs, either use the same ACL entries for filtering and
for the other feature, or change to flow-based ACLs.
PowerConnect#show access-list all
Extended IP access list 100 (Total flows: N/A, Total packets: N/A, Total rule cam
use: 3)
permit udp host 192.168.2.169 any (Flows: N/A, Packets: N/A, Rule cam use: 1)
permit icmp any any (Flows: N/A, Packets: N/A, Rule cam use: 1)
deny ip any any (Flows: N/A, Packets: N/A, Rule cam use: 1)