2. H3C
  3. SR6600 SPE-FWM

H3C SR6600 SPE-FWM Command Reference Manual

  • Hello! I am an AI chatbot trained to assist you with the H3C SR6600 SPE-FWM Command Reference Manual. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
H3C SR6600 Routers
ACL and QoS
Command Reference
Hangzhou H3C Technologies Co., Ltd.
http://www.h3c.com
Software version: SR6600-CMW520-R2603
Document version: 20110627-C-1.11
Copyright © 2007-2011, Hangzhou H3C Technologies Co., Ltd. and its licensors
All rights reserved
No part of this manual may be reproduced or transmitted in any form or by any means without prior
written consent of Hangzhou H3C Technologies Co., Ltd.
Trademarks
H3C,
, Aolynk, , H
3
Care,
, TOP G, , IRF, NetPilot, Neocean, NeoVTL,
SecPro, SecPoint, SecEngine, SecPath, Comware, Secware, Storware, NQA, VVG, V
2
G, V
n
G, PSPT,
XGbus, N-Bus, TiGem, InnoVision and HUASAN are trademarks of Hangzhou H3C Technologies Co.,
Ltd.
All other trademarks that may be mentioned in this manual are the property of their respective owners
Notice
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Preface
The H3C SR6600 documentation set includes 13 command references, which describe the commands
and command syntax options available for the H3C SR6600 Routers.
The ACL and QoS Command Reference describes the QoS configuration commands.
This preface includes:
Audience
Conventions
About the H3C SR6600 documentation set
Obtaining documentation
Technical support
Documentation feedback
Audience
This documentation is intended for:
Network planners
Field technical support and servicing engineers
Network administrators working with the SR6600
Conventions
This section describes the conventions used in this documentation set.
Command conventions
Convention Description
Boldface Bold text represents commands and keywords that you enter literally as shown.
Italic Italic text represents arguments that you replace with actual values.
[ ] Square brackets enclose syntax choices (keywords or arguments) that are optional.
{ x | y | ... }
Braces enclose a set of required syntax choices separated by vertical bars, from which
you select one.
[ x | y | ... ]
Square brackets enclose a set of optional syntax choices separated by vertical bars, from
which you select one or none.
{ x | y | ... } *
Asterisk marked braces enclose a set of required syntax choices separated by vertical
bars, from which you select at least one.
[ x | y | ... ] *
Asterisk marked square brackets enclose optional syntax choices separated by vertical
bars, from which you may select multiple choices or none.
&<1-n>
The argument or keyword and argument combination before the ampersand (&) sign can
be entered 1 to n times.
# A line that starts with a pound (#) sign is comments.
Symbols
Convention Description
WARNING
An alert that calls attention to important information that if not understood or followed can
result in personal injury.
CAUTION
An alert that calls attention to important information that if not understood or followed can
result in data loss, data corruption, or damage to hardware or software.
IMPORTANT
An alert that calls attention to essential information.
NOTE
An alert that contains additional or supplementary information.
TIP
An alert that provides helpful information.
About the H3C SR6600 documentation set
The H3C SR6600 documentation set includes:
Category Documents Purposes
Marketing brochures Describe product specifications and benefits.
Technology white papers
Provide an in-depth description of software features
and technologies.
Product description and
specifications
Card datasheets
Describe card specifications, features, and
standards.
Compliance and safety
manual
Provides regulatory information and the safety
instructions that must be followed during installation.
Installation guide
Provides a complete guide to hardware installation
and hardware specifications.
Card manuals Provide the hardware specifications of cards.
Hardware specifications
and installation
H3C N68 Cabinet
Installation and Remodel
Introduction
Guides you through installing and remodeling H3C
N68 cabinets.
Configuration guides
Describe software features and configuration
procedures.
Software configuration
Command references
Provide a quick reference to all available
commands.
H3C SR6602 Release
notes
Operations and
maintenance
H3C SR6608 Release
notes
Provide information about the product release,
including the version history, hardware and software
compatibility matrix, version upgrade information,
technical support information, and software
upgrading.
Obtaining documentation
You can access the most up-to-date H3C product documentation on the World Wide Web at
http://www.h3c.com.
Click the links on the top navigation bar to obtain different categories of product documentation:
[Technical Support & Documents > Technical Documents] – Provides hardware installation, software
upgrading, and software feature configuration and maintenance documentation.
[Products & Solutions] Provides information about products and technologies, as well as solutions.
[Technical Support & Documents > Software Download] – Provides the documentation released with the
software version.
Technical support
customer_service@h3c.com
http://www.h3c.com
Documentation feedback
You can e-mail your comments about product documentation to [email protected].
We appreciate your comments.
i
Contents
ACL configuration commands····································································································································· 1
acl ··············································································································································································1
acl accelerate ···························································································································································2
acl copy·····································································································································································3
acl ipv6······································································································································································3
acl ipv6 copy····························································································································································4
acl ipv6 name···························································································································································5
acl name····································································································································································6
description·································································································································································6
display acl·································································································································································7
display acl accelerate··············································································································································8
display acl ipv6 ····················································································································································· 10
display acl resource ·············································································································································· 11
display time-range················································································································································· 13
reset acl counter ···················································································································································· 14
reset acl ipv6 counter············································································································································ 15
rule (Ethernet frame header ACL view) ··············································································································· 15
rule (IPv4 advanced ACL view)···························································································································· 16
rule (IPv4 basic ACL view)···································································································································· 21
rule (IPv6 advanced ACL view)···························································································································· 22
rule (IPv6 basic ACL view)···································································································································· 26
rule comment·························································································································································· 27
step·········································································································································································· 27
time-range ······························································································································································ 28
QoS policy configuration commands·······················································································································31
Class configuration commands····································································································································· 31
display traffic classifier ········································································································································· 31
if-match ··································································································································································· 32
traffic classifier······················································································································································· 38
Traffic behavior configuration commands··················································································································· 39
accounting······························································································································································ 39
car··········································································································································································· 40
display traffic behavior········································································································································· 42
filter ········································································································································································· 43
gts············································································································································································ 44
redirect ··································································································································································· 45
remark dot1p ························································································································································· 46
remark drop-precedence ······································································································································ 46
remark dscp ··························································································································································· 47
remark ip-precedence ··········································································································································· 48
remark local-precedence ······································································································································ 48
remark qos-local-id ················································································································································ 49
traffic behavior ······················································································································································ 50
traffic-policy···························································································································································· 50
QoS policy configuration and application commands ······························································································ 51
classifier behavior ················································································································································· 51
display qos policy ················································································································································· 52
display qos policy interface ································································································································· 54
ii
display qos vlan-policy ········································································································································· 56
qos apply policy (interface view) ························································································································ 58
qos apply policy (user-profile view)····················································································································· 60
qos policy······························································································································································· 60
qos vlan-policy······················································································································································· 61
reset qos vlan-policy·············································································································································· 62
Priority mapping configuration commands ··············································································································63
Priority mapping table configuration commands········································································································ 63
display qos map-table··········································································································································· 63
import······································································································································································ 65
qos map-table ························································································································································ 65
Port priority configuration commands·························································································································· 66
qos priority····························································································································································· 66
Per-port priority trust mode configuration commands ································································································ 67
display qos trust interface····································································································································· 67
qos trust ·································································································································································· 68
Traffic policing, GTS and line rate configuration commands·················································································69
Traffic policing configuration commands ···················································································································· 69
display qos car interface ······································································································································ 69
display qos carl ····················································································································································· 70
qos car···································································································································································· 71
qos carl··································································································································································· 73
qos resequencing ·················································································································································· 75
GTS configuration commands ······································································································································ 75
display qos gts interface······································································································································· 75
qos gts ···································································································································································· 77
Line rate configuration commands ······························································································································· 78
display qos lr interface ········································································································································· 78
qos lr······································································································································································· 79
Congestion management configuration commands ································································································81
FIFO queuing configuration commands······················································································································· 81
qos fifo queue-length············································································································································· 81
PQ configuration commands ········································································································································ 82
display qos pq interface ······································································································································· 82
display qos pql ······················································································································································ 83
qos pq····································································································································································· 84
qos pql default-queue············································································································································ 84
qos pql protocol ···················································································································································· 85
qos pql queue························································································································································ 86
CQ configuration commands ······································································································································· 87
display qos cq interface ······································································································································· 87
display qos cql ······················································································································································ 88
qos cq····································································································································································· 89
qos cql default-queue ············································································································································ 90
qos cql protocol····················································································································································· 90
qos cql queue ························································································································································ 91
qos cql queue serving··········································································································································· 92
WFQ configuration commands ···································································································································· 93
display qos wfq interface ····································································································································· 93
qos wfq··································································································································································· 94
CBQ configuration commands ····································································································································· 95
display qos cbq interface ····································································································································· 95
qos max-bandwidth··············································································································································· 96
iii
qos reserved-bandwidth ······································································································································· 97
queue af ································································································································································· 98
queue ef·································································································································································· 99
queue wfq ····························································································································································100
queue-length·························································································································································100
wred······································································································································································101
wred dscp ····························································································································································102
wred ip-precedence ············································································································································103
wred weighting-constant·····································································································································104
RTP queuing configuration commands·······················································································································105
display qos rtpq interface···································································································································105
qos rtpq ································································································································································106
QoS token configuration commands ·························································································································107
qos qmtoken·························································································································································107
Packet information pre-extraction configuration command ·····················································································108
qos pre-classify ····················································································································································108
Hardware congestion management configuration commands············································································ 109
SP queuing configuration commands ························································································································109
display qos sp······················································································································································109
qos sp ···································································································································································110
WRR queuing configuration commands ····················································································································110
display qos wrr interface····································································································································110
qos wrr ·································································································································································112
qos wrr group sp·················································································································································112
qos wrr weight·····················································································································································113
WFQ configuration commands ··································································································································114
display qos wfq interface ···································································································································114
qos bandwidth queue ·········································································································································115
qos wfq·································································································································································116
qos wfq weight ····················································································································································116
CBQ configuration commands ···································································································································117
queue af ·······························································································································································117
queue ef································································································································································118
queue wfq ····························································································································································118
wred······································································································································································119
Congestion avoidance configuration commands ································································································· 121
WRED configuration commands ································································································································121
display qos wred interface·································································································································121
qos wred enable··················································································································································122
qos wred dscp ·····················································································································································123
qos wred ip-precedence ·····································································································································124
qos wred weighting-constant ·····························································································································124
DAR configuration commands································································································································ 126
dar enable····························································································································································126
dar p2p signature-file··········································································································································126
dar protocol-group ··············································································································································127
dar protocol-statistic ············································································································································127
display dar protocol-statistic·······························································································································128
protocol ································································································································································129
reset dar protocol-statistic ···································································································································130
QPPB configuration command······························································································································· 131
QPPB configuration command····································································································································131
iv
bgp-policy ····························································································································································131
MPLS QoS configuration commands ····················································································································· 133
MPLS QoS configuration commands ·························································································································133
if-match mpls-exp ·················································································································································133
qos cql protocol mpls exp ··································································································································133
qos pql protocol mpls exp··································································································································134
remark mpls-exp ··················································································································································135
FR QoS configuration commands ·························································································································· 136
FR QoS configuration commands·······························································································································136
cbs·········································································································································································136
cir ··········································································································································································136
cir allow································································································································································137
congestion-threshold············································································································································138
display fr class-map·············································································································································139
display fr fragment-info·······································································································································140
display fr switch-table ·········································································································································142
display qos policy interface ·······························································································································143
ebs ········································································································································································145
fifo queue-length ··················································································································································146
fr class···································································································································································146
fr congestion-threshold ········································································································································147
fr de del································································································································································148
fr del inbound-interface·······································································································································148
fr del protocol ······················································································································································149
fr traffic-policing···················································································································································150
fr traffic-shaping···················································································································································151
fragment ·······························································································································································151
fr-class···································································································································································152
traffic-shaping adaptation ··································································································································153
Index ········································································································································································ 154
1
ACL configuration commands
acl
Syntax
acl number acl-number [ name acl-name ] [ match-order { auto | config } ]
undo acl { all | name acl-name | number acl-number }
View
System view
Default level
2: System level
Parameters
number acl-number: Specifies the number of an IPv4 access control list (ACL):
1
2000 to 2999 for IPv4 basic ACLs
3000 to 3999 for IPv4 advanced ACLs
4000 to 4999 for Ethernet frame header ACLs
name acl-name: Assigns a name for the IPv4 ACL for easy identification. The acl-name argument takes
a case insensitive string of 1 to 63 characters. It must start with an English letter, and to avoid confusion,
cannot be all.
match-order: Sets the order in which ACL rules are compared against packets:
auto—Compares ACL rules in depth-first order. The depth-first order differs with ACL categories. For
more information, see the ACL and QoS Configuration Guide.
config—Compares ACL rules in ascending order of rule ID. The rule with a smaller ID has higher
priority. If no match order is specified, the config order applies by default.
all: Deletes all IPv4 ACLs.
Description
Use the acl command to create an IPv4 ACL and enter its view. If the ACL has been created, you enter its
view directly.
Use the undo acl command to delete the specified IPv4 ACL or all IPv4 ACLs.
By default, no ACL exists.
You can assign a name for an IPv4 ACL only when you create it. After an ACL is created with a name,
you cannot rename it or remove its name.
You can change match order only for ACLs that do not contain any rules.
To display any ACLs you have created, use the display acl command.
Examples
# Create IPv4 basic ACL 2000, and enter its view.
2
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000]
# Create IPv4 basic ACL 2001 with the name flow, and enter its view.
<Sysname> system-view
[Sysname] acl number 2001 name flow
[Sysname-acl-basic-2001-flow]
acl accelerate
Syntax
acl accelerate number acl-number
undo acl accelerate number acl-number
View
System view
Default level
2: System level
Parameters
number acl-number: Specifies the number of an existing IPv4 ACL:
2000 to 2999 for IPv4 basic ACL
3000 to 3999 for IPv4 advanced ACL
Description
Use the acl accelerate command to enable ACL acceleration for an IPv4 ACL.
Use the undo acl accelerate command to disable ACL acceleration for an IPv4 ACL.
By default, ACL acceleration is disabled.
ACL acceleration speeds up ACL lookup. The acceleration effect increases with the number of ACL rules.
ACL acceleration uses memory. To achieve the best trade-off between memory and ACL processing
performance, H3C recommends you enable ACL acceleration for large ACLs.
For example, when you use a large ACL for a session-based service, such as NAT or ASPF, you can
enable ACL acceleration to avoid session timeouts caused by ACL processing delays.
Enable ACL acceleration in an ACL after you have finished editing ACL rules. ACL acceleration always
uses ACL criteria that have been set before it is enabled for rule matching. It does not synchronize with
any subsequent match criterion changes.
ACL acceleration is not available for ACLs that contain a non-contiguous wildcard mask.
Related commands: display acl accelerate.
Examples
# Enable ACL acceleration for IPv4 advanced ACL 3000.
<Sysname> system-view
[Sysname] acl accelerate number 3000
3
acl copy
Syntax
acl copy { source-acl-number | name source-acl-name } to { dest-acl-number | name dest-acl-name }
View
System view
Default level
2: System level
Parameters
source-acl-number: Specifies a source IPv4 ACL that already exists by its number:
2000 to 2999 for IPv4 basic ACLs
3000 to 3999 for IPv4 advanced ACLs
4000 to 4999 for Ethernet frame header ACLs
name source-acl-name: Specifies a source IPv4 ACL that already exists by its name. The source-acl-name
argument takes a case insensitive string of 1 to 63 characters.
dest-acl-number: Assigns a unique number for the IPv4 ACL you are creating. This number must be from
the same ACL category as the source ACL. Available value ranges include:
2000 to 2999 for IPv4 basic ACLs
3000 to 3999 for IPv4 advanced ACLs
4000 to 4999 for Ethernet frame header ACLs
name dest-acl-name: Assigns a unique name for the IPv4 ACL you are creating. The dest-acl-name takes
a case insensitive string of 1 to 63 characters. It must start with an English letter and to avoid confusion,
cannot be all. For this ACL, the system automatically picks the smallest number from all available
numbers in the same ACL category as the source ACL.
Description
Use the acl copy command to create an IPv4 ACL by copying an IPv4 ACL that already exists. Except for
the number and name (if any), the new ACL has the same configuration as the source ACL.
You can assign a name for an IPv4 ACL only when you create it. After an IPv4 ACL is created with a name,
you cannot rename it or remove its name.
Examples
# Create IPv4 basic ACL 2002 by copying IPv4 basic ACL 2001.
<Sysname> system-view
[Sysname] acl copy 2001 to 2002
acl ipv6
Syntax
acl ipv6 number acl6-number [ name acl6-name ] [ match-order { auto | config } ]
undo acl ipv6 { all | name acl6-name | number acl6-number }
View
System view
4
Default level
2: System level
Parameters
number acl6-number: Specifies the number of an IPv6 ACL:
2000 to 2999 for IPv6 basic ACLs
3000 to 3999 for IPv6 advanced ACLs
name acl6-name: Assigns a name for the IPv6 ACL for easy identification. The acl6-name argument takes
a case insensitive string of 1 to 63 characters. It must start with an English letter, and to avoid confusion,
cannot be all.
match-order: Sets the order in which ACL rules are compared against packets:
auto—Compares ACL rules in depth-first order. The depth-first order differs with ACL categories. For
more information, see the ACL and QoS Configuration Guide.
config—Compares ACL rules in ascending order of rule ID. The rule with a smaller ID has higher
priority. If no match order is specified, the config order applies by default.
all: Delete all IPv6 ACLs.
Description
Use the acl ipv6 command to create an IPv6 ACL and enter its ACL view. If the ACL has been created, you
enter its view directly.
Use the undo acl ipv6 command to delete the specified IPv6 ACL or all IPv6 ACLs.
By default, no ACL exists.
You can assign a name for an IPv6 ACL only when you create it. After an IPv6 ACL is created, you cannot
rename it or remove its name.
You can change match order only for ACLs that do not contain any rules.
To display any ACLs you have created, use the display acl ipv6 command.
Examples
# Create IPv6 ACL 2000 and enter its view.
<Sysname> system-view
[Sysname] acl ipv6 number 2000
[Sysname-acl6-basic-2000]
# Create IPv6 basic ACL 2001 with the name flow, and enter its view.
<Sysname> system-view
[Sysname] acl ipv6 number 2001 name flow
[Sysname-acl6-basic-2001-flow]
acl ipv6 copy
Syntax
acl ipv6 copy { source-acl6-number | name source-acl6-name } to { dest-acl6-number | name
dest-acl6-name }
View
System view
5
Default level
2: System level
Parameters
source-acl6-number: Specifies a source IPv6 ACL that already exists by its number:
2000 to 2999 for IPv6 basic ACLs
3000 to 3999 for IPv6 advanced ACLs
name source-acl6-name: Specifies a source IPv6 ACL that already exists by its name. The
source-acl6-name argument takes a case insensitive string of 1 to 63 characters.
dest-acl6-number: Assigns a unique number for the IPv6 ACL you are creating. This number must be from
the same ACL category as the source ACL. Available value ranges include:
2000 to 2999 for IPv6 basic ACLs
3000 to 3999 for IPv6 advanced ACLs
name dest-acl6-name: Assigns a unique name for the IPv6 ACL you are creating. The dest-acl6-name
takes a case insensitive string of 1 to 63 characters. It must start with an English letter and to avoid
confusion, cannot be all. For this ACL, the system automatically picks the smallest number from all
available numbers in the same ACL category as the source ACL.
Description
Use the acl ipv6 copy command to create an IPv6 ACL by copying an IPv6 ACL that already exists.
Except for the number and name (if any), the new ACL has the same configuration as the source ACL.
You can assign a name for an IPv6 ACL only when you create it. After an ACL is created with a name,
you cannot rename it or remove its name.
Examples
# Create IPv6 basic ACL 2002 by copying IPv6 basic ACL 2001.
<Sysname> system-view
[Sysname] acl ipv6 copy 2001 to 2002
acl ipv6 name
Syntax
acl ipv6 name acl6-name
View
System view
Default level
2: System level
Parameters
acl6-name: Specifies the name of an existing IPv6 ACL, a case insensitive string of 1 to 63 characters. It
must start with an English letter.
Description
Use the acl ipv6 name command to enter the view of an IPv6 ACL that has a name.
Related commands: acl ipv6.
6
Examples
# Enter the view of IPv6 ACL flow.
<Sysname> system-view
[Sysname] acl ipv6 name flow
[Sysname-acl6-basic-2001-flow]
acl name
Syntax
acl name acl-name
View
System view
Default level
2: System level
Parameters
acl-name: Specifies the name of an existing IPv4 ACL, which is a case insensitive string of 1 to 63
characters. It must start with an English letter.
Description
Use the acl name command to enter the view of an IPv4 ACL that has a name.
Related commands: acl.
Examples
# Enter the view of IPv4 ACL flow.
<Sysname> system-view
[Sysname] acl name flow
[Sysname-acl-basic-2001-flow]
description
Syntax
description text
undo description
View
IPv4 basic/advanced ACL view, IPv6 basic/advanced ACL view, Ethernet frame header ACL view
Default level
2: System level
Parameters
text: ACL description, a case sensitive string of 1 to 127 characters.
Description
Use the description command to configure a description for an ACL.
Use the undo description command to remove the ACL description.
7
By default, an ACL has no ACL description.
Related commands: display acl and display acl ipv6.
Examples
# Configure a description for IPv4 basic ACL 2000.
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] description This is an IPv4 basic ACL.
# Configure a description for IPv6 basic ACL 2000.
<Sysname> system-view
[Sysname] acl ipv6 number 2000
[Sysname-acl6-basic-2000] description This is an IPv6 basic ACL.
display acl
Syntax
On a centralized device:
display acl { acl-number | all | name acl-name } [ | { begin | exclude | include } regular-expression ]
On a distributed device:
display acl { acl-number | all | name acl-name } [ slot slot-number ] [ | { begin | exclude | include }
regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
acl-number: Specifies an IPv4 ACL by its number:
2000 to 2999 for basic ACLs
3000 to 3999 for advanced ACLs
4000 to 4999 for Ethernet frame header ACLs
all: Displays information for all IPv4 ACLs.
name acl-name: Specifies an IPv4 ACL by its name. The acl-name argument takes a case insensitive
string of 1 to 63 characters. It must start with an English letter.
slot slot-number: Displays the match statistics for IPv4 ACLs on a card. The slot-number argument specifies
a card by its slot number. If no slot is provided, the command displays the configurations of IPv4 ACLs on
the device. (On a distributed device)
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see the Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
8
regular-expression: Specifies a regular expression, which is a case sensitive string of 1 to 256 characters.
Description
Use the display acl command to display configuration and match statistics for the specified or all IPv4
ACLs.
This command displays ACL rules in config or depth-first order, whichever is configured.
Examples
# Display the configuration and match statistics for all IPv4 ACLs.
<Sysname> display acl all
Basic ACL 2000, named flow, 3 rules,
ACL's step is 5
rule 0 permit
rule 5 permit source 1.1.1.1 0 (2 times matched)
rule 10 permit vpn-instance mk
Basic ACL 2001, named -none-, 3 rules, match-order is auto,
ACL's step is 5
rule 10 permit vpn-instance rd
rule 10 comment This rule is used in VPN rd.
rule 5 permit source 2.2.2.2 0
rule 0 permit
Table 1 Output description
Field
Description
Basic ACL 2000
Category and number of the ACL. The following field information is
about IPv4 basic ACL 2000.
named flow The name of the ACL is flow. "-none-" means the ACL is not named.
3 rules
The ACL contains three rules.
match-order is auto
The match order for the ACL is auto, which sorts ACL rules in depth-first
order. This field is not present when the match order is config.
ACL's step is 5 The rule numbering step is 5.
rule 0 permit Content of rule 0
5 times matched
There have been five matches for the rule. The statistic counts only ACL
matches performed by software.
This field is not displayed when no packets have matched the rule.
Uncompleted
Applying the rule to hardware failed because no sufficient resources
were available or the hardware does not support the rule. This event
might occur when you modify a rule in an ACL that has been applied.
rule 10 comment This rule is used in
VPN rd.
The description of ACL rule 10 is "This rule is used in VPN rd."
display acl accelerate
Syntax
display acl accelerate { acl-number | all } [ | { begin | exclude | include } regular-expression ]
9
View
Any view
Default level
1: Monitor level
Parameters
acl-number: Specifies an IPv4 ACL number:
2000 to 2999 for IPv4 basic ACL
3000 to 3999 for IPv4 advanced ACL
all: Displays ACL acceleration status information for all IPv4 ACLs.
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see the Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, which is a case sensitive string of 1 to 256 characters.
Description
Use the display acl accelerate command to display ACL acceleration status for one or all IPv4 ACLs.
Examples
# Display ACL acceleration status for all IPv4 ACLs.
<Sysname> display acl accelerate all
Status: UTD -- up to date, OOD -- out of date
Accelerate: ACC -- accelerated, UNACC -- unaccelerated
Group Accelerate Status
--------------------------------------------------
2000 ACC UTD
3000 ACC OOD
3001 ACC UTD
3002 UNACC UTD
Table 2 Output description
Field Description
Group IPv4 ACL number
Accelerate
Whether ACL acceleration is enabled:
ACCEnabled
UNACC—Disabled
10
Field Description
Status
Whether ACL acceleration is using up to date criteria for rule matching:
UTD—The ACL criteria are up to date and have not changed since ACL acceleration
was enabled.
OODThe ACL criteria are out of date. This state is displayed, if you have modified the
ACL after ACL acceleration was enabled. ACL acceleration matches packets still
against the old criteria. To ensure correct packet matching, disable and re-enable ACL
acceleration.
display acl ipv6
Syntax
On a centralized device:
display acl ipv6 { acl6-number | all | name acl6-name } [ | { begin | exclude | include }
regular-expression ]
On a distributed device:
display acl ipv6 { acl6-number | all | name acl6-name } [ slot slot-number ] [ | { begin | exclude |
include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
acl6-number: Specifies an IPv6 ACL by its number:
2000 to 2999 for IPv6 basic ACLs
3000 to 3999 for IPv6 advanced ACLs
all: Displays information for all IPv6 ACLs.
name acl6-name: Specifies an IPv6 ACL by its name. The acl6-name argument takes a case insensitive
string of 1 to 63 characters. It must start with an English letter.
slot slot-number: Displays the match statistics for IPv6 ACLs on a card. The slot-number argument
represents the slot number of the card. If no slot number is provided, the command displays configuration
information about all IPv6 ACLs on the device. (On a distributed device)
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see the Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, which is a case sensitive string of 1 to 256 characters.
Description
Use the display acl ipv6 command to display the configuration and match statistics for the specified IPv6
ACL or all IPv6 ACLs.
11
This command displays ACL rules in config or depth-first order, whichever is configured.
Examples
# Display the configuration and match statistics for all IPv6 ACLs.
<Sysname> display acl ipv6 all
Basic IPv6 ACL 2000, named flow, 3 rules,
ACL's step is 5
rule 0 permit
rule 5 permit source 1::/64
rule 10 permit source 1::1/128 (2 times matched)
Basic IPv6 ACL 2001, named -none-, 3 rules, match-order is auto,
ACL's step is 5
rule 10 permit source 1::1/128
rule 10 comment This rule is used on GigabitEthernet 1/0/1.
rule 5 permit source 1::/64
rule 0 permit
Table 3 Output description
Field Description
Basic IPv6 ACL 2000
Category and number of the ACL. The following field information is
about this IPv6 basic ACL 2000.
named flow The name of the ACL is flow. "-none-" means the ACL is not named.
3 rules The ACL contains three rules.
match-order is auto
The match order for the ACL is auto, which sorts ACL rules in depth-first
order. This field is not present when the match order is config.
ACL's step is 5 The rule numbering step is 5.
rule 0 permit Content of rule 0
5 times matched
There have been five matches for the rule. The statistic counts only IPv6
ACL matches performed by software.
This field is not displayed when no packets have matched the rule.
Uncompleted
Applying the rule to hardware failed because no sufficient resources
were available or the hardware does not support the rule. This event
might occur when you modify a rule in an ACL that has been applied.
rule 10 comment This rule is used on
GigabitEthernet 1/0/1.
The description of ACL rule 10 is " This rule is used on GigabitEthernet
1/0/1."
display acl resource
Syntax
display acl resource [ slot slot-number ] [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
/