traffic-statistic (interface view)

Function

The traffic-statistic command configures ACL-based traffic statistics on an interface.

The undo traffic-statistic command cancels ACL-based traffic statistics on an interface.

By default, the ACL-based traffic statistics function is not configured on an interface.

Format

Use the following command in the inbound direction on a switch interface:

traffic-statistic inbound acl { bas-acl | adv-acl | name acl-name | l2-acl } [ rule rule-id ] [ by-bytes ] [ secure ]

undo traffic-statistic inbound acl { bas-acl | adv-acl | name acl-name | l2-acl } [ rule rule-id ] [ secure ]

traffic-statistic inbound acl { ipv6 { bas-acl | adv-acl | name acl-name } | user-acl } [ rule rule-id ] [ by-bytes ]

undo traffic-statistic inbound acl { ipv6 { bas-acl | adv-acl | name acl-name } | user-acl } [ rule rule-id ]

Use the following command in the outbound direction on a switch interface:

traffic-statistic outbound acl { [ ipv6 ] { bas-acl | adv-acl | name acl-name } | l2-acl } [ rule rule-id ]

undo traffic-statistic outbound acl { [ ipv6 ] { bas-acl | adv-acl | name acl-name } | l2-acl } [ rule rule-id ]

If both Layer 2 and Layer 3 ACLs are configured and the ACL-based traffic statistics function is used in the inbound direction on a switch interface, use the following command:

traffic-statistic inbound acl l2-acl [ rule rule-id ] acl { bas-acl | adv-acl | name acl-name } [ rule rule-id ] [ by-bytes ] [ secure ]

undo traffic-statistic inbound acl l2-acl [ rule rule-id ] acl { bas-acl | adv-acl | name acl-name } [ rule rule-id ] [ secure ]

traffic-statistic inbound acl { bas-acl | adv-acl } [ rule rule-id ] acl { l2-acl | name acl-name } [ rule rule-id ] [ by-bytes ] [ secure ]

undo traffic-statistic inbound acl { bas-acl | adv-acl } [ rule rule-id ] acl { l2-acl | name acl-name } [ rule rule-id ] [ secure ]

traffic-statistic inbound acl name acl-name [ rule rule-id ] acl { bas-acl | adv-acl | l2-acl | name acl-name } [ rule rule-id ] [ by-bytes ] [ secure ]

undo traffic-statistic inbound acl name acl-name [ rule rule-id ] acl { bas-acl | adv-acl | l2-acl | name acl-name } [ rule rule-id ] [ secure ]

If both Layer 2 and Layer 3 ACLs are configured and the ACL-based traffic statistics function is used in the outbound direction on a switch interface, use the following command:

traffic-statistic outbound acl l2-acl [ rule rule-id ] acl { bas-acl | adv-acl | name acl-name } [ rule rule-id ]

undo traffic-statistic outbound acl l2-acl [ rule rule-id ] acl { bas-acl | adv-acl | name acl-name } [ rule rule-id ]

traffic-statistic outbound acl { bas-acl | adv-acl } [ rule rule-id ] acl { l2-acl | name acl-name } [ rule rule-id ]

undo traffic-statistic outbound acl { bas-acl | adv-acl } [ rule rule-id ] acl { l2-acl | name acl-name } [ rule rule-id ]

traffic-statistic outbound acl name acl-name [ rule rule-id ] acl { bas-acl | adv-acl | l2-acl | name acl-name } [ rule rule-id ]

undo traffic-statistic outbound acl name acl-name [ rule rule-id ] acl { bas-acl | adv-acl | l2-acl | name acl-name } [ rule rule-id ]

Parameters

Parameter	Description	Value
inbound	Collects statistics on packets in the inbound direction.	-
outbound	Collects statistics on packets in the outbound direction.	-
acl	Collects statistics on packets based on the IPv4 ACL.	-
ipv6	Collects statistics on packets based on the IPv6 ACL.	-
bas-acl	Collects statistics on packets based on a specified basic ACL.	The value is an integer that ranges from 2000 to 2999.
adv-acl	Collects statistics on packets based on a specified advanced ACL.	The value is an integer that ranges from 3000 to 3999.
l2-acl	Collects statistics on packets based on a specified Layer 2 ACL.	The value is an integer that ranges from 4000 to 4999.
user-acl	Collects statistics on packets based on a specified user-defined ACL.	The value is an integer that ranges from 5000 to 5999.
name acl-name	Collects statistics on packets based on a specified named ACL. acl-name specifies the name of the ACL.	The value must be the name of an existing ACL.
rule rule-id	Collects statistics on packets based on a specified ACL rule.	The value is an integer that ranges from 0 to 4294967294.
by-bytes	Indicates that traffic statistics are collected based on the number of bytes. NOTE: By default, traffic statistics are collected based on the number of packets. After by-bytes is specified, traffic statistics are collected based on the number of bytes.	-
secure	Collects statistics on packets based on packet filtering policies configured through the traffic-secure (interface view) command.	-

Views

VLANIF interface view, Ethernet interface view, MultiGE interface view, GE interface view, XGE interface view, 25GE interface view, 40GE interface view, 100GE interface view, Eth-Trunk interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After the traffic-statistic command is executed on an interface, the device collects statistics on packets matching an ACL. After the statistics function is configured, you can use the display traffic-statistics command to view the statistics.

Precautions

If name acl-name is specified in the command, you need to run the acl name or acl ipv6 name command to create the corresponding ACL. Otherwise, the ACL-based simplified traffic policy fails to be configured.

If rule rule-id is specified in the command, you need to create an ACL and configure the corresponding rule. Otherwise, the ACL-based simplified traffic policy fails to be configured.

Only the S5720-EI, S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-EI, S6720-HI, S6720S-EI, S6730-H, S6730S-H, S6730-S, and S6730S-S support ACL-based simplified traffic policy configuration on a VLANIF interface.

The VLAN corresponding to the VLANIF interface cannot be a Super-VLAN or MUX VLAN.
For the S5720-EI, S6720-EI, and S6720S-EI, an ACL-based simplified traffic policy that is applied to a VLANIF interface is only valid for unicast packets and Layer 3 multicast packets on the VLANIF interface.
For the S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-HI, S6730-H, S6730S-H, S6730-S, and S6730S-S, an ACL-based simplified traffic policy that is applied to a VLANIF interface is only valid for unicast packets on the VLANIF interface.

If the traffic-statistic (system view) and traffic-statistic (interface view) commands are used simultaneously, the traffic-statistic (interface view) command takes effect.

When the action in an ACL rule is permit or deny, the ACL can be associated with the traffic-statistic command, but deny does not take effect. That is, only traffic statistics are collected.

Outbound ACL-based traffic statistics on an interface does not take effect on the S2720-EI, S5720I-SI, S5720-LI, S5720S-LI, S5720S-SI, S5720-SI, S5730S-EI, S5730-SI, S6720-LI, S6720S-LI, S6720S-SI, and S6720-SI if:

Outbound ACL-based traffic statistics is configured, and the ACL is based on VLAN IDs.
VLAN mapping is also configured on the interface, and the mapped VLAN ID is the same as the VLAN ID in ACL-based traffic statistics.

For the S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-HI, S6730-H, S6730S-H, S6730-S, and S6730S-S, if traffic-statistic is applied to an Eth-Trunk in the outbound direction, traffic statistics does not take effect for the packets sent by the CPU. In this case, you can configure traffic statistics or port mirroring in the inbound direction on the interface connected to the Eth-Trunk.

Example

# Configure the ACL-based traffic statistics function in the inbound direction on GE0/0/1 to collect statistics on packets matching rule 1 in ACL 3000.

<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] traffic-statistic inbound acl 3000 rule 1