< Home

SECE/3/PORT_ATTACK_OPERAT_ACL

Message

SECE/3/PORT_ATTACK_OPERAT_ACL: Rule operation failed of auto-port-defend, check the ACL resources and reconfigure auto-port-defend when the ACL resources are sufficient. (Operation=[STRING], Interface=[STRING], Protocol=[STRING])

Description

The ACL rule for port attack defense failed.

Parameters

Parameter Name Parameter Meaning
Operation Indicates the operation type.
Interface Indicates the interface.
Protocol Indicates the protocol type of attack packets.

Possible Causes

When the device detects attack packets on an interface, the device fails to perform ACL operations.

Procedure

  1. Run the display acl resource [ slot slot ] command to view information about ACL resources, including ACL4 and ACL6 resources.
  2. Run the display current-configuration command to check the current configuration on the switch.
  3. Check the services that occupy ACL resources based on ACL resource information and the current configuration as follows, and delete unnecessary services to release ACL resources.

    • Check whether NAC, IPSG, MQC, and ACL-based simplified traffic policy services that occupy a large amount of ACL resources exist on the switch.
    • Check the services that occupy ACL resources based on fields in the ACL resource information. For example, MQC, ACL-based simplified traffic policy, SVF, MPLS, and BFD for VPLS services occupy UDF ACL resources. If a large amount of UDF ACL resources are occupied, check these services first.

  4. If the fault persists, collect log information and configuration information, and then contact technical support personnel. You can collect diagnostic information using the display diagnostic-information command.
Parent Topic: SECE
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >