KB.15.15

Example 12 Example of ACL Performance Monitoring

The following figure shows a sample of performance monitoring output for an IPv6 ACL assigned

as a VACL.

The following figure shows a sample of performance monitoring output for an IPv4 ACL assigned

as a VACL.

IPv6 Counter Operation with Multiple Interface Assignments

NOTE: The examples of counters in this section use small values to help illustrate counter operation.

The counters in real-time network applications are generally much more active and show higher

values.

Where the same IPv6 ACL is assigned to multiple interfaces, the switch maintains a separate

instance of each ACE counter in the ACL. When there is a match with traffic on one of the ACL's

assigned interfaces, only the affected ACE counters for that interface are incremented. Other

instances of the same ACL applied to other interfaces are not affected.

For example, suppose that:

• An ACL named "V6-01" is configured as shown in Figure 243 (page 334) to block Telnet

access to a workstation at FE80::20:2 on VLAN 20.

• The ACL is assigned as a PACL on port B2:

Figure 243 ACL "V6-01" and command for PACL assignment on port B2

334 IPv4 Access Control Lists (ACLs)