CLI Guide

ManualsBrandsDell ManualsAccess PlatformsNetworking S3100 Series

371

372

373

374

375

376

377

378

379

380

in which you are creating the rule is applied to the

monitored interface.

Defaults

By default, 10 ACL logs are generated if you do not specify the threshold explicitly.

The default frequency at which ACL logs are generated is 5 minutes. By default,

flow-based monitoring is not enabled.

Command Modes ACCESS-LIST

Command History

This guide is platform-specific. For command information about other platforms,

see the relevant Dell Networking OS Command Line Reference Guide.

Version Description

9.8(2.0) Introduced on the S3100 series.

9.8(0.0P5) Introduced on the S4048-ON.

9.8(0.0P2) Introduced on the S3048-ON.

9.7(0.0) Introduced on the S6000–ON.

9.4(0.0) Added support for flow-based monitoring on the S4810,

S4820T, S6000, and Z9000 platforms.

9.5(0.1) Introduced on the Z9500.

9.3.0.0 Added support for logging of ACLs on the S4810, S4820T,

and Z9000 platforms.

Usage Information

When the configured maximum threshold is exceeded, generation of logs is

stopped. When the interval at which ACL logs are configured to be recorded

expires, the subsequent, fresh interval timer is started and the packet count for that

new interval commences from zero. If ACL logging was stopped previously

because the configured threshold is exceeded, it is re-enabled for this new interval.

If ACL logging is stopped because the configured threshold is exceeded, it is re-

enabled after the logging interval period elapses. ACL logging is supported for

standard and extended IPv4 ACLs, IPv6 ACLs, and MAC ACLs. You can configure

ACL logging only on ACLs that are applied to ingress interfaces; you cannot enable

logging for ACLs that are associated with egress interfaces.

You can activate flow-based monitoring for a monitoring session by entering the

flow-based enable command in the Monitor Session mode. When you enable this

capability, traffic with particular flows that are traversing through the ingress and

egress interfaces are examined and, appropriate ACLs can be applied in both the

ingress and egress direction. Flow-based monitoring conserves bandwidth by

monitoring only specified traffic instead all traffic on the interface. This feature is

particularly useful when looking for malicious traffic. It is available for Layer 2 and

Layer 3 ingress and egress traffic. You may specify traffic using standard or

extended access-lists. This mechanism copies all incoming or outgoing packets on

Access Control Lists (ACL)

373