No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference

CloudEngine 8800, 7800, 6800, and 5800 V200R002C50

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ACL-based Simplified Traffic Policy Commands

ACL-based Simplified Traffic Policy Commands

NOTE:

The CE6880EI does not support ACL-based Simplified Traffic Policy.

display traffic-statistics

Function

The display traffic-statistics command displays ACL-based traffic statistics on the device.

Format

For non-CE6870EI switches:

display traffic-statistics { global [ slot slotid ] | vlan vlan-id | interface interface-type interface-number | qos group group-id } [ inbound | outbound ] [ rule-base ]

For CE6870EI switches:

display traffic-statistics { vlan vlan-id | interface interface-type interface-number | qos group group-id } [ inbound | outbound ] [ rule-base ]

display traffic-statistics global [ slot slotid ] [ inbound ] [ rule-base ]

Parameters

Parameter

Description

Value

global

Displays statistics on packets matching a specified ACL in the system.

-

slot slotid

Displays statistics on packets matching a specified ACL in the system. slot-id specifies the stack ID.

The value is an integer.You can enter the question mark (?) and select the value as prompted.

vlan vlan-id

Displays ACL-based traffic statistics in a specified VLAN.

The value is an integer that ranges from 1 to 4094.

interface interface-type interface-number

Displays ACL-based traffic statistics on a specified interface.
  • interface-type specifies the interface type.
  • interface-number specifies the interface number.

-

qos group group-id

Displays ACL-based traffic statistics in a specified QoS group.

The value is a string of 1 to 31 case-sensitive characters without spaces and must start with a letter.

inbound

Displays ACL-based traffic statistics in the inbound direction.

-

outbound

Displays ACL-based traffic statistics in the outbound direction.

-

rule-base

Displays statistics on packets matching a specified ACL rule. If this parameter is specified, the statistics on packets matching each rule are displayed.

-

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

The display traffic policy statistics command displays ACL-based traffic statistics. The command output helps you determine forwarded and discarded packets matching an ACL and locate faults.

Prerequisites

The ACL-based traffic statistics function has been enabled using the traffic-statistics command.

Example

# Display ACL-based traffic statistics in the inbound direction of VLAN 10.

<HUAWEI> display traffic-statistics vlan 10 inbound
Inbound(IPv4):                                                                        
--------------------------------------------------------------------------------
 Slot: 1                                                                        
 Item                  Packets                Bytes           pps           bps 
 -------------------------------------------------------------------------------
 Matched                     0                    0             0             0 
  Passed                     0                    0             0             0 
  Dropped                    0                    0             0             0 
   Filter                    0                    0             0             0 
   CAR                       0                    0             0             0 
 -------------------------------------------------------------------------------
Inbound(IPv6):                                                                        
--------------------------------------------------------------------------------
 Slot: 1                                                                        
 Item                  Packets                Bytes           pps           bps 
 -------------------------------------------------------------------------------
 Matched                     0                    0             0             0 
  Passed                     0                    0             0             0 
  Dropped                    0                    0             0             0 
   Filter                    0                    0             0             0 
   CAR                       0                    0             0             0 
 -------------------------------------------------------------------------------

# Display statistics on packets matching a specified ACL rule in the inbound direction of VLAN 10.

<HUAWEI> display traffic-statistics vlan 10 inbound rule-base
Inbound(Ipv4):                                                                        
--------------------------------------------------------------------------------
  Slot: 1                                                                       
  ------------------------------------------------------------------------------
  ACL 3000, rule 15 permit tcp source-port eq ftp-data destination-port eq 30   
  Passed Packets                       0, Passed Bytes                       0  
  Passed pps                           0, Passed bps                         0  
  Dropped Packets                      0, Dropped Bytes                      0  
  Dropped pps                          0, Dropped bps                        0  
  ------------------------------------------------------------------------------
Inbound(Ipv6):                                                                        
--------------------------------------------------------------------------------
  Slot: 1                                                                       
  ------------------------------------------------------------------------------
  ACL 3000, rule 15 permit tcp source-port eq ftp-data destination-port eq 30   
  Passed Packets                       0, Passed Bytes                       0  
  Passed pps                           0, Passed bps                         0  
  Dropped Packets                      0, Dropped Bytes                      0  
  Dropped pps                          0, Dropped bps                        0  
  ------------------------------------------------------------------------------
Table 17-32  Description of the display traffic-statistics command output

Item

Description

Inbound(IPv4)

Direction where the ACL-based traffic statistics function is applied.

Inbound(IPv6)

Direction where the ACL6-based traffic statistics function is applied.

Slot

ID of the device where the traffic policy takes effect.

Item

Statistical item.

Packets

Number of packets.

Bytes

Number of bytes.

pps

Rate of packets, in pps.

bps

Rate of packets, in bit/s.

Matched

Numbers of packets and bytes that match the ACL. Packet statistics have been collected after the previous statistics were cleared last time.

Passed

Numbers of forwarded packets and bytes that match the ACL. Packet statistics have been collected after the previous statistics were cleared last time.

Dropped

Numbers of discarded packets and bytes that match the ACL. Packet statistics have been collected after the previous statistics were cleared last time. The dropped packets include the packets dropped by filtering and CAR.

Filter

Numbers of packets and bytes that match the ACL and are discarded by filtering. Packet statistics have been collected after the previous statistics were cleared last time.

CAR

Numbers of packets and bytes that match the ACL and are discarded by CAR. Packet statistics have been collected after the previous statistics were cleared last time.

ACL 3000, rule 15 permit tcp source-port eq ftp-data destination-port eq 30

ACL number and rule.

Passed Packets

Number of forwarded packets that match the traffic classifier.

Passed Bytes

Number of forwarded bytes that match the traffic classifier.

Passed pps

Rate of forwarded packets that match traffic classification rules, in pps.

Passed bps

Rate of forwarded packets that match traffic classification rules, in bit/s.

Dropped Packets

Number of discarded packets that match the traffic classifier.

Dropped Bytes

Number of discarded bytes that match the traffic classifier.

Dropped pps

Rate of discarded packets that match traffic classification rules, in pps.

Dropped bps

Rate of discarded packets that match traffic classification rules, in bit/s.

reset traffic-statistics

Function

The reset traffic-statistics command clears ACL-based traffic statistics on the device.

Format

For non-CE6870EI switches:

reset traffic-statistics { global [ slot slotid ] | vlan vlan-id | interface interface-type interface-number | qos group group-id } [ inbound | outbound ]

For CE6870EI switches:

reset traffic-statistics { vlan vlan-id | interface interface-type interface-number | qos group group-id } [ inbound | outbound ]

reset traffic-statistics global [ slot slotid ] [ inbound ]

Parameters

Parameter

Description

Value

global

Clears statistics on packets matching a specified ACL in the system.

-

slot slotid

Clears statistics on packets matching a specified ACL in the system. slot-id specifies the stack ID.

The value is an integer. You can enter the question mark (?) and select the value as prompted.

vlan vlan-id

Clears ACL-based traffic statistics in a specified VLAN.

The value is an integer that ranges from 1 to 4094. The VLAN cannot be the reserved VLAN configured by the vlan reserved command.

interface interface-type interface-number

Clears ACL-based traffic statistics on a specified interface.
  • interface-type specifies the interface type.
  • interface-number specifies the interface number.

-

qos group group-id

Clears ACL-based traffic statistics in a specified QoS group.

The value is a string of 1 to 31 case-sensitive characters without spaces and must start with a letter.

inbound

Clears ACL-based traffic statistics in the inbound direction.

-

outbound

Clears ACL-based traffic statistics in the outbound direction.

-

Views

All views

Default Level

3: Management level

Usage Guidelines

Usage Scenario

Before recollecting ACL-based traffic statistics on the device, run the reset traffic-statistics command to clear existing ACL-based traffic statistics. Then run the display traffic-statistics command to view ACL-based traffic statistics.

Precautions

After the reset traffic-statistics command is executed, statistics are cleared and cannot be restored. Exercise caution when you use this command.

Example

# Clear ACL-based traffic statistics in the inbound direction of the 10GE1/0/1.

<HUAWEI> reset traffic-statistics interface 10ge 1/0/1 inbound

traffic-filter (interface view)

Function

The traffic-filter command configures ACL-based packet filtering on an interface.

The undo traffic-filter command cancels ACL-based packet filtering on an interface.

By default, ACL-based packet filtering is not configured on an interface.

Format

traffic-filter acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { inbound [ priority { low | high } ] | outbound }

traffic-filter ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { inbound [ priority { low | high } ] | outbound }

undo traffic-filter acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { inbound [ priority { low | high } ] | outbound }

undo traffic-filter ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { inbound [ priority { low | high } ] | outbound }

Parameters

Parameter

Description

Value

ipv6

Filters packets based on a specified ACL6.

-

acl basic-acl

Filters packets based on a specified basic ACL.

The value is an integer that ranges from 2000 to 2999.

acl advanced-acl

Filters packets based on a specified advanced ACL.

The value is an integer that ranges from 3000 to 3999.

acl l2-acl

Filters packets based on a specified Layer 2 ACL.

The value is an integer that ranges from 4000 to 4999.

acl acl-name

Filters packets based on a specified named ACL.

The value is a string of 1 to 32 case-sensitive characters except spaces. The value must start with a letter (case-sensitive).

inbound

Configures ACL-based packet filtering in the inbound direction on an interface.

-

outbound

Configures ACL-based packet filtering in the outbound direction on an interface.

-

priority { low | high }

NOTE:

Only the CE6870EI supports this parameter.

Specifies the priority of packet filtering:

-

Views

interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

  • After the traffic-filter command is executed on an interface, the device filters packets matching a specified ACL rule:

    • If the ACL rule defines the deny action, the device discards packets matching the ACL rule.
    • If the ACL rule defines the permit action, the device forwards packets matching the ACL rule.
    • The packets that do not match any rule are allowed to pass through.
  • When both MQC-based and simplified ACL-based traffic policies are configured on the device, the system may deliver the two policies to the same bank resource of the TCAM. When this occurs, the simplified ACL-based traffic policy takes effect. For example, both the MQC-based traffic policy defining redirection and simplified ACL-based traffic policy defining traffic statistics are configured on the device. When packets match the simplified ACL-based traffic policy, redirection is not performed.

    To address the preceding issue, specify priority { low | high } during the configuration of the simplified ACL-based traffic policy. Then the system delivers the two policies to different bank resources of the TCAM so that both MQC-based and simplified ACL-based traffic policies take effect.

    NOTE:
    In the following situations, only one traffic policy takes effect:
    • MQC-based and simplified ACL-based traffic policies define the same action such as traffic statistics.
    • MQC-based and simplified ACL-based traffic policies define one of packet filtering, redirection, and PBR. For example, the MQC-based traffic policy defines PBR, and the simplified ACL-based traffic policy defines packet filtering.

    If priority is set to low, the MQC-based traffic policy takes effect. If priority is set to high, the simplified ACL-based traffic policy takes effect.

Prerequisites

An ACL has been created using the acl (system view) or acl ipv6 command.

Precautions

  • For CE6870EI switches, this command cannot be configured on an Eth-Trunk member interface.
  • If you run the traffic-filter command for packets of the same type in the same view multiple times, only the latest configuration takes effect.

  • The ACL-based simplified traffic policy can be configured on only the physical interface, Eth-Trunk, and Layer 3 sub-interface in the outbound direction on the CE6870EI and CE6875EI.

  • The ACL6-based simplified traffic policy can be configured on only the physical interface and Eth-Trunk of the CE6870EI and CE6875EI.

Example

# Configure packet filtering based on advanced ACL 3000 in the inbound direction of 10GE1/0/1.

<HUAWEI> system-view
[~HUAWEI] acl number 3000
[*HUAWEI-acl4-advance-3000] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3000] quit
[*HUAWEI] interface 10ge 1/0/1
[*HUAWEI-10GE1/0/1] traffic-filter acl 3000 inbound
Related Topics

traffic-filter (system view)

Function

The traffic-filter command configures ACL-based packet filtering in the system or a specified slot.

The undo traffic-filter command cancels ACL-based packet filtering in the system or a specified slot.

By default, ACL-based packet filtering is not configured in the system or a specified slot.

Format

traffic-filter acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * global [ slot slot-id ] { inbound [ priority { low | high } ] | outbound }

traffic-filter ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } global [ slot slot-id ] { inbound [ priority { low | high } ] | outbound }

undo traffic-filter acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * global [ slot slot-id ] { inbound [ priority { low | high } ] | outbound }

undo traffic-filter ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } global [ slot slot-id ] { inbound [ priority { low | high } ] | outbound }

Parameters

Parameter

Description

Value

ipv6

Filters packets based on a specified ACL6.

-

acl basic-acl

Filters packets based on a specified basic ACL.

The value is an integer that ranges from 2000 to 2999.

acl advanced-acl

Filters packets based on a specified advanced ACL.

The value is an integer that ranges from 3000 to 3999.

acl l2-acl

Filters packets based on a specified Layer 2 ACL.

The value is an integer that ranges from 4000 to 4999.

acl acl-name

Filters packets based on a specified named ACL.

The name of an ACL must already exist.

global

Configures ACL-based packet filtering in the system.

-

slot slot-id

Configures ACL-based packet filtering on a specified device. slot-id specifies the stack ID of the device.

The value is an integer. You can enter a question mark (?) and select the value as prompted.

inbound

Configures ACL-based packet filtering in the inbound direction.

-

outbound

Configures ACL-based packet filtering in the outbound direction.

-

priority { low | high }

NOTE:

Only the CE6870EI supports this parameter.

Specifies the priority of packet filtering:

-

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

  • After the traffic-filter command is executed in the system view, the device filters packets matching a specified ACL rule:

    • If the ACL rule defines the deny action, the device discards packets matching the ACL rule.
    • If the ACL rule defines the permit action, the device forwards packets matching the ACL rule.
    • The packets that do not match any rule are allowed to pass through.
  • When both MQC-based and simplified ACL-based traffic policies are configured on the device, the system may deliver the two policies to the same bank resource of the TCAM. When this occurs, the simplified ACL-based traffic policy takes effect. For example, both the MQC-based traffic policy defining redirection and simplified ACL-based traffic policy defining traffic statistics are configured on the device. When packets match the simplified ACL-based traffic policy, redirection is not performed.

    To address the preceding issue, specify priority { low | high } during the configuration of the simplified ACL-based traffic policy. Then the system delivers the two policies to different bank resources of the TCAM so that both MQC-based and simplified ACL-based traffic policies take effect.

    NOTE:
    In the following situations, only one traffic policy takes effect:
    • MQC-based and simplified ACL-based traffic policies define the same action such as traffic statistics.
    • MQC-based and simplified ACL-based traffic policies define one of packet filtering, redirection, and PBR. For example, the MQC-based traffic policy defines PBR, and the simplified ACL-based traffic policy defines packet filtering.

    If priority is set to low, the MQC-based traffic policy takes effect. If priority is set to high, the simplified ACL-based traffic policy takes effect.

Prerequisites

An ACL has been created using the acl (system view) or acl ipv6 command.

When outbound ACL6-based packet filtering is configured in the system view on the CE6870EI, first run the traffic-policy ipv6-enhance-mode command in the system view.

Precautions

If you run the traffic-filter command for packets of the same type in the same view multiple times, only the latest configuration takes effect.

Example

# Configure packet filtering based on advanced ACL 3000 in the inbound direction of the system.

<HUAWEI> system-view
[~HUAWEI] acl number 3000
[*HUAWEI-acl4-advance-3000] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3000] quit
[*HUAWEI] traffic-filter acl 3000 global inbound
Related Topics

traffic-filter (VLAN view)

Function

The traffic-filter command configures ACL-based packet filtering in a VLAN.

The undo traffic-filter command cancels ACL-based packet filtering in a VLAN.

By default, ACL-based packet filtering is not configured in a VLAN.

Format

traffic-filter acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { inbound [ priority { low | high } ] | outbound }

traffic-filter ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { inbound [ priority { low | high } ] | outbound }

undo traffic-filter acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { inbound [ priority { low | high } ] | outbound }

undo traffic-filter ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { inbound [ priority { low | high } ] | outbound }

Parameters

Parameter

Description

Value

ipv6

Filters packets based on a specified ACL6.

-

acl basic-acl

Filters packets based on a specified basic ACL.

The value is an integer that ranges from 2000 to 2999.

acl advanced-acl

Filters packets based on a specified advanced ACL.

The value is an integer that ranges from 3000 to 3999.

acl l2-acl

Filters packets based on a specified Layer 2 ACL.

The value is an integer that ranges from 4000 to 4999.

acl acl-name

Filters packets based on a specified named ACL.

The value is a string of 1 to 32 case-sensitive characters except spaces. The value must start with a letter (case-sensitive).

inbound

Configures ACL-based packet filtering in the inbound direction of a VLAN.

-

outbound

Configures ACL-based packet filtering in the outbound direction of a VLAN.

-

priority { low | high }

NOTE:

Only the CE6870EI supports this parameter.

Specifies the priority of packet filtering:

-

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

  • After the traffic-filter command is executed in the VLAN view, the device filters packets matching a specified ACL rule:

    • If the ACL rule defines the deny action, the device discards packets matching the ACL rule.
    • If the ACL rule defines the permit action, the device forwards packets matching the ACL rule.
    • The packets that do not match any rule are allowed to pass through.
  • When both MQC-based and simplified ACL-based traffic policies are configured on the device, the system may deliver the two policies to the same bank resource of the TCAM. When this occurs, the simplified ACL-based traffic policy takes effect. For example, both the MQC-based traffic policy defining redirection and simplified ACL-based traffic policy defining traffic statistics are configured on the device. When packets match the simplified ACL-based traffic policy, redirection is not performed.

    To address the preceding issue, specify priority { low | high } during the configuration of the simplified ACL-based traffic policy. Then the system delivers the two policies to different bank resources of the TCAM so that both MQC-based and simplified ACL-based traffic policies take effect.

    NOTE:
    In the following situations, only one traffic policy takes effect:
    • MQC-based and simplified ACL-based traffic policies define the same action such as traffic statistics.
    • MQC-based and simplified ACL-based traffic policies define one of packet filtering, redirection, and PBR. For example, the MQC-based traffic policy defines PBR, and the simplified ACL-based traffic policy defines packet filtering.

    If priority is set to low, the MQC-based traffic policy takes effect. If priority is set to high, the simplified ACL-based traffic policy takes effect.

Prerequisites

An ACL has been created using the acl (system view) or acl ipv6 command.

Precautions

If you run the traffic-filter command for packets of the same type in the same view multiple times, only the latest configuration takes effect.

Example

# Configure packet filtering based on advanced ACL 3000 in the inbound direction of VLAN 10.

<HUAWEI> system-view
[~HUAWEI] acl number 3000
[*HUAWEI-acl4-advance-3000] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3000] quit
[*HUAWEI] vlan 10
[*HUAWEI-vlan10] traffic-filter acl 3000 inbound
Related Topics

traffic-filter (QoS group view)

Function

The traffic-filter command configures ACL-based packet filtering in a QoS group.

The undo traffic-filter command cancels ACL-based packet filtering in a QoS group.

By default, ACL-based packet filtering is not configured in a QoS group.

Format

traffic-filter acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * inbound [ priority { low | high } ]

undo traffic-filter acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * inbound [ priority { low | high } ]

Parameters

Parameter

Description

Value

acl basic-acl

Filters packets based on a specified basic ACL.

The value is an integer that ranges from 2000 to 2999.

acl advanced-acl

Filters packets based on a specified advanced ACL.

The value is an integer that ranges from 3000 to 3999.

acl l2-acl

Filters packets based on a specified Layer 2 ACL.

The value is an integer that ranges from 4000 to 4999.

acl acl-name

Filters packets based on a specified named ACL.

The value is a string of 1 to 32 case-sensitive characters except spaces. The value must start with a letter (case-sensitive).

inbound

Configures packet filtering in the inbound direction of a QoS group.

-

priority { low | high }

NOTE:

Only the CE6870EI supports this parameter.

Specifies the priority of packet filtering:

-

Views

QoS group view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

  • After the traffic-filter command is executed in the QoS group view, the device filters packets matching an ACL:

    • If the ACL defines the deny action, the device discards packets matching the rule.
    • If the ACL defines the permit action, the device forwards packets matching the rule.
    • If no rule is matched, packets are allowed to pass through.
  • When both MQC-based and simplified ACL-based traffic policies are configured on the device, the system may deliver the two policies to the same bank resource of the TCAM. When this occurs, the simplified ACL-based traffic policy takes effect. For example, both the MQC-based traffic policy defining redirection and simplified ACL-based traffic policy defining traffic statistics are configured on the device. When packets match the simplified ACL-based traffic policy, redirection is not performed.

    To address the preceding issue, specify priority { low | high } during the configuration of the simplified ACL-based traffic policy. Then the system delivers the two policies to different bank resources of the TCAM so that both MQC-based and simplified ACL-based traffic policies take effect.

    NOTE:
    In the following situations, only one traffic policy takes effect:
    • MQC-based and simplified ACL-based traffic policies define the same action such as traffic statistics.
    • MQC-based and simplified ACL-based traffic policies define one of packet filtering, redirection, and PBR. For example, the MQC-based traffic policy defines PBR, and the simplified ACL-based traffic policy defines packet filtering.

    If priority is set to low, the MQC-based traffic policy takes effect. If priority is set to high, the simplified ACL-based traffic policy takes effect.

Prerequisites

An ACL has been created using the acl (system view) command.

Precautions

If you run the traffic-filter command for packets of the same type in the same view multiple times, only the latest configuration takes effect.

Example

# Configure packet filtering based on advanced ACL 3000 in the inbound direction of the QoS group.

<HUAWEI> system-view
[~HUAWEI] acl number 3000
[*HUAWEI-acl4-advance-3000] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3000] quit
[*HUAWEI] qos group qosgroup1
[*HUAWEI-qos-group-qosgroup1] traffic-filter acl 3000 inbound
Related Topics

traffic-redirect (interface view)

Function

The traffic-redirect command configures ACL-based redirection on an interface.

The undo traffic-redirect command cancels ACL-based redirection on an interface.

By default, the ACL-based redirection function is not configured on an interface.

Format

traffic-redirect acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { cpu | interface interface-type interface-number [ fail-action forward ] } inbound

traffic-redirect ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { cpu | interface interface-type interface-number [ fail-action forward ] } inbound

undo traffic-redirect acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { cpu | interface interface-type interface-number [ fail-action forward ] } inbound

undo traffic-redirect ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { cpu | interface interface-type interface-number [ fail-action forward ] } inbound

Parameters

Parameter

Description

Value

ipv6

Filters packets based on a specified ACL6.

-

acl basic-acl

Redirects packets based on a specified basic ACL.

The value is an integer that ranges from 2000 to 2999.

acl advanced-acl

Redirects packets based on a specified advanced ACL.

The value is an integer that ranges from 3000 to 3999.

acl l2-acl

Redirects packets based on a specified Layer 2 ACL.

The value is an integer that ranges from 4000 to 4999.

acl acl-name

Redirects packets based on a specified named ACL.

The value is a string of 1 to 32 case-sensitive characters except spaces. The value must start with a letter (case-sensitive).

cpu

Redirects packets to the CPU.

-

interface interface-type interface-number

Redirects packets to a specified interface.
  • interface-type specifies the interface type.

  • interface-number specifies the interface number.

-

fail-action forward

Indicates that packets are forwarded according to the original forwarding process when the redirect-to-interface becomes Down.

-

inbound

Configures ACL-based redirection in the inbound direction on an interface.

-

Views

Interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After the traffic-redirect command is executed on an interface, the device redirects packets matching a specified ACL.

Prerequisites

An ACL has been created using the acl (system view) or acl ipv6 command.

Precautions

  • When a traffic policy containing redirection to the CPU is applied, the device redirects packets matching traffic classification rules to the CPU, affecting the CPU. Exercise caution when applying the traffic policy containing redirection to the CPU.
  • For CE6870EI switches, this command cannot be configured on an Eth-Trunk member interface.
  • If you run the traffic-filter command for packets of the same type in the same view multiple times, only the latest configuration takes effect.

Example

# Configure ACL-based redirection in the inbound direction on the 10GE1/0/1 to redirect packets matching ACL 3000 to 10GE1/0/2.

<HUAWEI> system-view
[~HUAWEI] acl number 3000
[*HUAWEI-acl4-advance-3000] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3000] quit
[*HUAWEI] interface 10ge 1/0/1
[*HUAWEI-10GE1/0/1] traffic-redirect acl 3000 interface 10ge 1/0/2 inbound
Related Topics

traffic-redirect (system view)

Function

The traffic-redirect command configures ACL-based redirection in the system or a specified slot.

The undo traffic-redirect command cancels ACL-based redirection in the system or a specified slot.

By default, the ACL-based redirection function is not configured in the system or a specified slot.

Format

traffic-redirect acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { cpu | interface interface-type interface-number [ fail-action forward ] } global [ slot slot-id ] inbound

traffic-redirect ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { cpu | interface interface-type interface-number [ fail-action forward ] } global [ slot slot-id ] inbound

undo traffic-redirect acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { cpu | interface interface-type interface-number [ fail-action forward ] } global [ slot slot-id ] inbound

undo traffic-redirect ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { cpu | interface interface-type interface-number [ fail-action forward ] } global [ slot slot-id ] inbound

Parameters

Parameter

Description

Value

ipv6

Filters packets based on a specified ACL6.

-

acl basic-acl

Redirects packets based on a specified basic ACL.

The value is an integer that ranges from 2000 to 2999.

acl advanced-acl

Redirects packets based on a specified advanced ACL.

The value is an integer that ranges from 3000 to 3999.

acl l2-acl

Redirects packets based on a specified Layer 2 ACL.

The value is an integer that ranges from 4000 to 4999.

acl acl-name

Redirects packets based on a specified named ACL.

The name of an ACL must already exist.

cpu

Redirects packets to the CPU.

-

interface interface-type interface-number

Redirects packets to a specified interface.
  • interface-type specifies the interface type.

  • interface-number specifies the interface number.

-

fail-action forward

Indicates that packets are forwarded according to the original forwarding process when the redirect-to-interface becomes Down.

-

global

Configures ACL-based redirection in the system.

-

slot slot-id

Configures ACL-based redirection on a specified device. slot-id specifies the stack ID of the device.

The value is an integer. You can enter a question mark (?) and select a value as prompted.

inbound

Redirects packets to the inbound direction.

-

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After the traffic-redirect command is executed in the system view, the device redirects packets matching a specified ACL.

Prerequisites

An ACL has been created using the acl (system view) or acl ipv6 command.

Precautions

  • When a traffic policy containing redirection to the CPU is applied, the device redirects packets matching traffic classification rules to the CPU, affecting the CPU. Exercise caution when applying the traffic policy containing redirection to the CPU.
  • If you run the traffic-filter command for packets of the same type in the same view multiple times, only the latest configuration takes effect.

Example

# Configure ACL-based redirection in the inbound direction of the system to redirect packets matching ACL 3000 to 10GE1/0/1.

<HUAWEI> system-view
[~HUAWEI] acl number 3000
[*HUAWEI-acl4-advance-3000] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3000] quit
[*HUAWEI] traffic-redirect acl 3000 interface 10ge 1/0/1 global inbound
Related Topics

traffic-redirect (VLAN view)

Function

The traffic-redirect command configures ACL-based redirection in a VLAN.

The undo traffic-redirect command cancels ACL-based redirection in a VLAN.

By default, the ACL-based redirection function is not configured in a VLAN.

Format

traffic-redirect acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { cpu | interface interface-type interface-number [ fail-action forward ] } inbound

traffic-redirect ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { cpu | interface interface-type interface-number [ fail-action forward ] } inbound

undo traffic-redirect acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { cpu | interface interface-type interface-number [ fail-action forward ] } inbound

undo traffic-redirect ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { cpu | interface interface-type interface-number [ fail-action forward ] } inbound

Parameters

Parameter

Description

Value

ipv6

Filters packets based on a specified ACL6.

-

acl basic-acl

Redirects packets based on a specified basic ACL.

The value is an integer that ranges from 2000 to 2999.

acl advanced-acl

Redirects packets based on a specified advanced ACL.

The value is an integer that ranges from 3000 to 3999.

acl l2-acl

Redirects packets based on a specified Layer 2 ACL.

The value is an integer that ranges from 4000 to 4999.

acl acl-name

Redirects packets based on a specified named ACL.

The value is a string of 1 to 32 case-sensitive characters except spaces. The value must start with a letter (case-sensitive).

cpu

Redirects packets to the CPU.

-

interface interface-type interface-number

Redirects packets to a specified interface.
  • interface-type specifies the interface type.

  • interface-number specifies the interface number.

-

fail-action forward

Indicates that packets are forwarded according to the original forwarding process when the redirect-to-interface becomes Down.

-

inbound

Configures ACL-based redirection in the inbound direction in a VLAN.

-

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After the traffic-redirect command is executed in the VLAN view, the device redirects packets matching a specified ACL.

Prerequisites

An ACL has been created using the acl (system view) or acl ipv6 command.

Precautions

  • When a traffic policy containing redirection to the CPU is applied, the device redirects packets matching traffic classification rules to the CPU, affecting the CPU. Exercise caution when applying the traffic policy containing redirection to the CPU.
  • If you run the traffic-filter command for packets of the same type in the same view multiple times, only the latest configuration takes effect.

Example

# Configure ACL-based redirection in the inbound direction in VLAN 100 to redirect packets matching ACL 3000 to 10GE2/0/0.

<HUAWEI> system-view
[~HUAWEI] acl number 3000
[*HUAWEI-acl4-advance-3000] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3000] quit
[*HUAWEI] vlan 100
[*HUAWEI-vlan100] traffic-redirect acl 3000 interface 10ge 2/0/0 inbound
Related Topics

traffic-redirect (QoS group view)

Function

The traffic-redirect command configures ACL-based redirection in a QoS group.

The undo traffic-redirect command cancels ACL-based redirection in a QoS group.

By default, ACL-based redirection is not configured in a QoS group.

Format

traffic-redirect acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { cpu | interface interface-type interface-number [ fail-action forward ] } inbound

undo traffic-redirect acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { cpu | interface interface-type interface-number [ fail-action forward ] } inbound

Parameters

Parameter

Description

Value

acl basic-acl

Redirects packets based on a specified basic ACL.

The value is an integer that ranges from 2000 to 2999.

acl advanced-acl

Redirects packets based on a specified advanced ACL.

The value is an integer that ranges from 3000 to 3999.

acl l2-acl

Redirects packets based on a specified Layer 2 ACL.

The value is an integer that ranges from 4000 to 4999.

acl acl-name

Redirects packets based on a specified named ACL.

The value is a string of 1 to 32 case-sensitive characters except spaces. The value must start with a letter (case-sensitive).

cpu

Redirects packets to the CPU.

-

interface interface-type interface-number

Redirects packets to a specified interface.
  • interface-type specifies the interface type.

  • interface-number specifies the interface number.

-

fail-action forward

Forwards packets based on the original forwarding process when the redirect-to-interface goes Down.

-

inbound

Configures redirection in the inbound direction of a QoS group.

-

Views

QoS group view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After the traffic-redirect command is executed in the QoS group view, the device redirects packets matching an ACL.

Prerequisites

An ACL has been created using the acl (system view) command.

Precautions

  • After the traffic policy containing traffic-redirect is used, packets matching traffic classification rules are redirected to the CPU, affecting the CPU. Exercise caution when you run this command.
  • If you run the traffic-filter command for packets of the same type in the same view multiple times, only the latest configuration takes effect.

Example

# Configure ACL-based redirection in the inbound direction of a QoS group to redirect packets matching ACL 3000 to 10GE1/0/2.

<HUAWEI> system-view
[~HUAWEI] acl number 3000
[*HUAWEI-acl4-advance-3000] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3000] quit
[*HUAWEI] qos group qosgroup1
[*HUAWEI-qos-group-qosgroup1] traffic-redirect acl 3000 interface 10ge 1/0/2 inbound
Related Topics

traffic-statistics (interface view)

Function

The traffic-statistics command configures ACL-based traffic statistics on an interface.

The undo traffic-statistics command cancels ACL-based traffic statistics on an interface.

By default, the ACL-based traffic statistics function is not configured on an interface.

Format

traffic-statistics acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { inbound [ priority { low | high } ] | outbound }

traffic-statistics ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { inbound [ priority { low | high } ] | outbound }

undo traffic-statistics acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { inbound [ priority { low | high } ] | outbound }

undo traffic-statistics ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { inbound [ priority { low | high } ] | outbound }

Parameters

Parameter

Description

Value

ipv6

Filters packets based on a specified ACL6.

-

acl basic-acl

Collects packet statistics based on a specified basic ACL.

The value is an integer that ranges from 2000 to 2999.

acl advanced-acl

Collects packet statistics based on a specified advanced ACL.

The value is an integer that ranges from 3000 to 3999.

acl l2-acl

Collects packet statistics based on a specified Layer 2 ACL.

The value is an integer that ranges from 4000 to 4999.

acl acl-name

Collects packet statistics based on a specified named ACL.

The value is a string of 1 to 32 case-sensitive characters except spaces. The value must start with a letter (case-sensitive).

inbound

Configures ACL-based traffic statistics in the inbound direction on an interface.

-

outbound

Configures ACL-based traffic statistics in the outbound direction on an interface.

-

priority { low | high }

NOTE:

Only the CE6870EI supports this parameter.

Specifies the priority of traffic statistics:

-

Views

interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

  • After the traffic-statistics command is executed on an interface, the device collects statistics on packets matching a specified ACL rule.

  • When both MQC-based and simplified ACL-based traffic policies are configured on the device, the system may deliver the two policies to the same bank resource of the TCAM. When this occurs, the simplified ACL-based traffic policy takes effect. For example, both the MQC-based traffic policy defining redirection and simplified ACL-based traffic policy defining traffic statistics are configured on the device. When packets match the simplified ACL-based traffic policy, redirection is not performed.

    To address the preceding issue, specify priority { low | high } during the configuration of the simplified ACL-based traffic policy. Then the system delivers the two policies to different bank resources of the TCAM so that both MQC-based and simplified ACL-based traffic policies take effect.

    NOTE:
    In the following situations, only one traffic policy takes effect:
    • MQC-based and simplified ACL-based traffic policies define the same action such as traffic statistics.
    • MQC-based and simplified ACL-based traffic policies define one of packet filtering, redirection, and PBR. For example, the MQC-based traffic policy defines PBR, and the simplified ACL-based traffic policy defines packet filtering.

    If priority is set to low, the MQC-based traffic policy takes effect. If priority is set to high, the simplified ACL-based traffic policy takes effect.

Prerequisites

An ACL has been created using the acl (system view) or acl ipv6 command.

Precautions

  • For CE6870EI switches, this command cannot be configured on an Eth-Trunk member interface.
  • If you run the traffic-filter command for packets of the same type in the same view multiple times, only the latest configuration takes effect.

  • The ACL-based simplified traffic policy can be configured on only the physical interface, Eth-Trunk, and Layer 3 sub-interface in the outbound direction on the CE6870EI and CE6875EI.

  • The ACL6-based simplified traffic policy can be configured on only the physical interface and Eth-Trunk of the CE6870EI and CE6875EI.

Example

# Configure traffic statistics based on advanced ACL 3000 in the inbound direction of 10GE1/0/1.

<HUAWEI> system-view
[~HUAWEI] acl number 3000
[*HUAWEI-acl4-advance-3000] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3000] quit
[*HUAWEI] interface 10ge 1/0/1
[*HUAWEI-10GE1/0/1] traffic-statistics acl 3000 inbound
Related Topics

traffic-statistics (system view)

Function

The traffic-statistics command configures ACL-based traffic statistics in the system or a specified slot.

The undo traffic-statistics command cancels ACL-based traffic statistics in the system or a specified slot.

By default, the ACL-based traffic statistics function is not configured in the system or a specified slot.

Format

For non-CE6870EI switches:

traffic-statistics acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * global [ slot slot-id ] { inbound | outbound }

traffic-statistics ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } global [ slot slot-id ] { inbound | outbound }

undo traffic-statistics acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * global [ slot slot-id ] { inbound | outbound }

undo traffic-statistics ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } global [ slot slot-id ] { inbound | outbound }

For CE6870EI switches:

traffic-statistics acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * global [ slot slot-id ] inbound [ priority { low | high } ]

traffic-statistics ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } global [ slot slot-id ] inbound [ priority { low | high } ]

undo traffic-statistics acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * global [ slot slot-id ] inbound [ priority { low | high } ]

undo traffic-statistics ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } global [ slot slot-id ] inbound [ priority { low | high } ]

Parameters

Parameter

Description

Value

ipv6

Filters packets based on a specified ACL6.

-

acl basic-acl

Collects packet statistics based on a specified basic ACL.

The value is an integer that ranges from 2000 to 2999.

acl advanced-acl

Collects packet statistics based on a specified advanced ACL.

The value is an integer that ranges from 3000 to 3999.

acl l2-acl

Collects packet statistics based on a specified Layer 2 ACL.

The value is an integer that ranges from 4000 to 4999.

acl acl-name

Collects packet statistics based on a specified named ACL.

The name of an ACL must already exist.

global

Configures ACL-based traffic statistics in the system.

-

slot slot-id

Configures ACL-based traffic statistics on a specified device. slot-id specifies the stack ID of the device.

The value is an integer. You can enter a question mark (?) and select a value as prompted.

inbound

Configures ACL-based traffic statistics in the inbound direction.

-

outbound

Configures ACL-based traffic statistics in the outbound direction.

-

priority { low | high }

NOTE:

Only CE6870EI supports this parameter.

Specifies the priority of traffic statistics:

-

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

  • After the traffic-statistics command is executed in the system view, the device collects statistics on packets matching a specified ACL rule.

  • When both MQC-based and simplified ACL-based traffic policies are configured on the device, the system may deliver the two policies to the same bank resource of the TCAM. When this occurs, the simplified ACL-based traffic policy takes effect. For example, both the MQC-based traffic policy defining redirection and simplified ACL-based traffic policy defining traffic statistics are configured on the device. When packets match the simplified ACL-based traffic policy, redirection is not performed.

    To address the preceding issue, specify priority { low | high } during the configuration of the simplified ACL-based traffic policy. Then the system delivers the two policies to different bank resources of the TCAM so that both MQC-based and simplified ACL-based traffic policies take effect.

    NOTE:
    In the following situations, only one traffic policy takes effect:
    • MQC-based and simplified ACL-based traffic policies define the same action such as traffic statistics.
    • MQC-based and simplified ACL-based traffic policies define one of packet filtering, redirection, and PBR. For example, the MQC-based traffic policy defines PBR, and the simplified ACL-based traffic policy defines packet filtering.

    If priority is set to low, the MQC-based traffic policy takes effect. If priority is set to high, the simplified ACL-based traffic policy takes effect.

Prerequisites

An ACL has been created using the acl (system view) or acl ipv6 command.

Precautions

If you run the traffic-filter command for packets of the same type in the same view multiple times, only the latest configuration takes effect.

Example

# Configure traffic statistics based on advanced ACL 3000 in the inbound direction of the system.

<HUAWEI> system-view
[~HUAWEI] acl number 3000
[*HUAWEI-acl4-advance-3000] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3000] quit
[*HUAWEI] traffic-statistics acl 3000 global inbound
Related Topics

traffic-statistics (VLAN view)

Function

The traffic-statistics command configures ACL-based traffic statistics in a VLAN.

The undo traffic-statistics command cancels ACL-based traffic statistics in a VLAN.

By default, the ACL-based traffic statistics function is not configured in a VLAN.

Format

traffic-statistics acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { inbound [ priority { low | high } ] | outbound }

traffic-statistics ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { inbound [ priority { low | high } ] | outbound }

undo traffic-statistics acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * { inbound [ priority { low | high } ] | outbound }

undo traffic-statistics ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { inbound [ priority { low | high } ] | outbound }

Parameters

Parameter

Description

Value

ipv6

Filters packets based on a specified ACL6.

-

acl basic-acl

Collects packet statistics based on a specified basic ACL.

The value is an integer that ranges from 2000 to 2999.

acl advanced-acl

Collects packet statistics based on a specified advanced ACL.

The value is an integer that ranges from 3000 to 3999.

acl l2-acl

Collects packet statistics based on a specified Layer 2 ACL.

The value is an integer that ranges from 4000 to 4999.

acl acl-name

Collects packet statistics based on a specified named ACL.

The value is a string of 1 to 32 case-sensitive characters except spaces. The value must start with a letter (case-sensitive).

inbound

Configures ACL-based traffic statistics in the inbound direction of a VLAN.

-

outbound

Configures ACL-based traffic statistics in the outbound direction of a VLAN.

-

priority { low | high }

NOTE:

Only the CE6870EI supports this parameter.

Specifies the priority of traffic statistics:

-

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

  • After the traffic-statistics command is executed in the VLAN view, the device collects statistics on packets matching a specified ACL rule.

  • When both MQC-based and simplified ACL-based traffic policies are configured on the device, the system may deliver the two policies to the same bank resource of the TCAM. When this occurs, the simplified ACL-based traffic policy takes effect. For example, both the MQC-based traffic policy defining redirection and simplified ACL-based traffic policy defining traffic statistics are configured on the device. When packets match the simplified ACL-based traffic policy, redirection is not performed.

    To address the preceding issue, specify priority { low | high } during the configuration of the simplified ACL-based traffic policy. Then the system delivers the two policies to different bank resources of the TCAM so that both MQC-based and simplified ACL-based traffic policies take effect.

    NOTE:
    In the following situations, only one traffic policy takes effect:
    • MQC-based and simplified ACL-based traffic policies define the same action such as traffic statistics.
    • MQC-based and simplified ACL-based traffic policies define one of packet filtering, redirection, and PBR. For example, the MQC-based traffic policy defines PBR, and the simplified ACL-based traffic policy defines packet filtering.

    If priority is set to low, the MQC-based traffic policy takes effect. If priority is set to high, the simplified ACL-based traffic policy takes effect.

Prerequisites

An ACL has been created using the acl (system view) or acl ipv6 command.

Precautions

If you run the traffic-filter command for packets of the same type in the same view multiple times, only the latest configuration takes effect.

Example

# Configure traffic statistics based on advanced ACL 3000 in the inbound direction of VLAN 10.

<HUAWEI> system-view
[~HUAWEI] acl number 3000
[*HUAWEI-acl4-advance-3000] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3000] quit
[*HUAWEI] vlan 10
[*HUAWEI-vlan10] traffic-statistics acl 3000 inbound
Related Topics

traffic-statistics (QoS group view)

Function

The traffic-statistics command configures ACL-based traffic statistics in a QoS group.

The undo traffic-statistics command cancels ACL-based traffic statistics in a QoS group.

By default, the ACL-based traffic statistics function is not configured in a QoS group.

Format

traffic-statistics acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * inbound [ priority { low | high } ]

undo traffic-statistics acl { { { basic-acl | acl-name } | { advanced-acl | acl-name } } | { l2-acl | acl-name } } * inbound [ priority { low | high } ]

Parameters

Parameter

Description

Value

acl basic-acl

Collects packet statistics based on a specified basic ACL.

The value is an integer that ranges from 2000 to 2999.

acl advanced-acl

Collects packet statistics based on a specified advanced ACL.

The value is an integer that ranges from 3000 to 3999.

acl l2-acl

Collects packet statistics based on a specified Layer 2 ACL.

The value is an integer that ranges from 4000 to 4999.

acl acl-name

Collects packet statistics based on a specified named ACL.

The value is a string of 1 to 32 case-sensitive characters except spaces. The value must start with a letter (case-sensitive).

inbound

Configures traffic statistics in the inbound direction of a QoS group.

-

priority { low | high }

NOTE:

Only the CE6870EI supports this parameter.

Specifies the priority of traffic statistics:

-

Views

QoS group view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

  • After the traffic-statistics command is executed in the QoS group view, the device collects statistics on packets matching an ACL.

  • When both MQC-based and simplified ACL-based traffic policies are configured on the device, the system may deliver the two policies to the same bank resource of the TCAM. When this occurs, the simplified ACL-based traffic policy takes effect. For example, both the MQC-based traffic policy defining redirection and simplified ACL-based traffic policy defining traffic statistics are configured on the device. When packets match the simplified ACL-based traffic policy, redirection is not performed.

    To address the preceding issue, specify priority { low | high } during the configuration of the simplified ACL-based traffic policy. Then the system delivers the two policies to different bank resources of the TCAM so that both MQC-based and simplified ACL-based traffic policies take effect.

    NOTE:
    In the following situations, only one traffic policy takes effect:
    • MQC-based and simplified ACL-based traffic policies define the same action such as traffic statistics.
    • MQC-based and simplified ACL-based traffic policies define one of packet filtering, redirection, and PBR. For example, the MQC-based traffic policy defines PBR, and the simplified ACL-based traffic policy defines packet filtering.

    If priority is set to low, the MQC-based traffic policy takes effect. If priority is set to high, the simplified ACL-based traffic policy takes effect.

Prerequisites

An ACL has been created using the acl (system view) command.

Precautions

If you run the traffic-filter command for packets of the same type in the same view multiple times, only the latest configuration takes effect.

Example

# Configure traffic statistics based on advanced ACL 3000 in the inbound direction of the QoS group.

<HUAWEI> system-view
[~HUAWEI] acl number 3000
[*HUAWEI-acl4-advance-3000] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3000] quit
[*HUAWEI] qos group qosgroup1
[*HUAWEI-qos-group-qosgroup1] traffic-statistics acl 3000 inbound
Related Topics
Translation
Download
Updated: 2019-03-21

Document ID: EDOC1000166501

Views: 52436

Downloads: 339

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next