display auto-port-defend statistics

Function

The display auto-port-defend statistics command displays packet statistics about port attack defense.

Only the S5720-EI, S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S5735-L, S5735S-L, S5735S-L-M, S5735-S, S5735S-S, S5735-S-I, S6720-EI, S6720-HI, S6720S-EI, S6730-H, S6730S-H, S6730-S, and S6730S-S support this command.

Format

display auto-port-defend statistics [ slot slot-id ]

Parameters

Parameter	Description	Value
slot slot-id	The value indicates the slot ID when stacking is not configured. The value indicates the stack ID when stacking is configured. If slot slot-id is not specified, packet statistics on the master device (stack configured) or local device (stack not configured) are displayed.	The value depends on the device configuration.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

You can run this command to view statistics about the packets discarded and accepted in the port attack defense service. The statistics help you understand protocol packet processing status and promptly adjust the attack defense policy.

Example

# Display packet statistics on the interfaces of the device.

<HUAWEI> display auto-port-defend statistics

Statistics on MPU:                                                                                                                  
--------------------------------------------------------------------------------                                                    
Protocol     Vlan Queue Cir(Kbps)  Pass(Packet/Byte)  Drop(Packet/Byte)                                                             
--------------------------------------------------------------------------------                                                    
icmp         NA   2     256        23095              3                                                                             
                                   NA                 NA                                                                            
--------------------------------------------------------------------------------

The preceding information is an example. The displayed packet type depends on the actual situation.

**Table 1** Description of the **display auto-port-defend statistics** command output
Item	Description
Statistics on MPU	Packet statistics on the interfaces of the device.
Protocol	Attack packet type.
Vlan	VLAN ID in attack packets. If the device does not support checking VLAN IDs in attack packets, this field displays NA.
Queue	Queue from which attack packets are sent.
Cir(Kbps)	Protocol rate limit. (When slot is not specified, the default CPCAR value is displayed if the manually configured CPCAR value is smaller than the default CPCAR value; the manually configured CPCAR value is displayed if the manually configured CPCAR value is greater than the default CPCAR value. When slot is specified, the default CPCAR value is displayed. However, the rate limit of protocol packets except DHCP packets cannot exceed 256 kbit/s when slot is specified.) To configure a CIR value, run the car packet-type packet-type cir cir-value command in the attack defense policy view.
Pass(Packet/Byte)	Number and bytes of attack packets that pass through the device. The value 23095 indicates the number of accepted packets. The value NA indicates that the device does not support statistics collection by byte.
Drop(Packet/Byte)	Number and bytes of attack packets discarded by the device. The value 3 indicates the number of discarded packets. The value NA indicates that the device does not support statistics collection by byte.