The traffic-statistic command configures ACL-based traffic statistics globally or in a VLAN.
The undo traffic-statistic command cancels ACL-based traffic statistics globally or in a VLAN
By default, the ACL-based traffic statistics function is not configured globally or in a VLAN.
Use the following command in the inbound direction on a switch:
traffic-statistic [ vlan vlan-id ] inbound acl { bas-acl | adv-acl | name acl-name | l2-acl } [ rule rule-id ] [ by-bytes ] [ secure ]
undo traffic-statistic [ vlan vlan-id ] inbound acl { bas-acl | adv-acl | name acl-name | l2-acl } [ rule rule-id ] [ secure ]
traffic-statistic [ vlan vlan-id ] inbound acl { ipv6 { bas-acl | adv-acl | name acl-name } | user-acl } [ rule rule-id ] [ by-bytes ]
undo traffic-statistic [ vlan vlan-id ] inbound acl { ipv6 { bas-acl | adv-acl | name acl-name } | user-acl } [ rule rule-id ]
Use the following command in the outbound direction on a switch:
traffic-statistic [ vlan vlan-id ] outbound acl { [ ipv6 ] { bas-acl | adv-acl | name acl-name } | l2-acl | user-acl } [ rule rule-id ]
undo traffic-statistic [ vlan vlan-id ] outbound acl { [ ipv6 ] { bas-acl | adv-acl | name acl-name } | l2-acl | user-acl } [ rule rule-id ]
If both Layer 2 and Layer 3 ACLs are configured and the ACL-based traffic statistics function is used in the inbound direction on a switch, use the following command:
traffic-statistic [ vlan vlan-id ] inbound acl l2-acl [ rule rule-id ] acl { bas-acl | adv-acl | name acl-name } [ rule rule-id ] [ by-bytes ] [ secure ]
undo traffic-statistic [ vlan vlan-id ] inbound acl l2-acl [ rule rule-id ] acl { bas-acl | adv-acl | name acl-name } [ rule rule-id ] [ secure ]
traffic-statistic [ vlan vlan-id ] inbound acl { bas-acl | adv-acl } [ rule rule-id ] acl { l2-acl | name acl-name } [ rule rule-id ] [ by-bytes ] [ secure ]
undo traffic-statistic [ vlan vlan-id ] inbound acl { bas-acl | adv-acl } [ rule rule-id ] acl { l2-acl | name acl-name } [ rule rule-id ] [ secure ]
traffic-statistic [ vlan vlan-id ] inbound acl name acl-name [ rule rule-id ] acl { bas-acl | adv-acl | l2-acl | name acl-name } [ rule rule-id ] [ by-bytes ] [ secure ]
undo traffic-statistic [ vlan vlan-id ] inbound acl name acl-name [ rule rule-id ] acl { bas-acl | adv-acl | l2-acl | name acl-name } [ rule rule-id ] [ secure ]
If both Layer 2 and Layer 3 ACLs are configured and the ACL-based traffic statistics function is used in the outbound direction on a switch, use the following command:
traffic-statistic [ vlan vlan-id ] outbound acl l2-acl [ rule rule-id ] acl { bas-acl | adv-acl | name acl-name } [ rule rule-id ]
undo traffic-statistic [ vlan vlan-id ] outbound acl l2-acl [ rule rule-id ] acl { bas-acl | adv-acl | name acl-name } [ rule rule-id ]
traffic-statistic [ vlan vlan-id ] outbound acl { bas-acl | adv-acl } [ rule rule-id ] acl { l2-acl | name acl-name } [ rule rule-id ]
undo traffic-statistic [ vlan vlan-id ] outbound acl { bas-acl | adv-acl } [ rule rule-id ] acl { l2-acl | name acl-name } [ rule rule-id ]
traffic-statistic [ vlan vlan-id ] outbound acl name acl-name [ rule rule-id ] acl { bas-acl | adv-acl | l2-acl | name acl-name } [ rule rule-id ]
undo traffic-statistic [ vlan vlan-id ] outbound acl name acl-name [ rule rule-id ] acl { bas-acl | adv-acl | l2-acl | name acl-name } [ rule rule-id ]
Parameter |
Description |
Value |
|---|---|---|
vlan vlan-id |
Configures ACL-based packet statistics in a specified VLAN. |
The value is an integer that ranges from 1 to 4094. |
inbound |
Collects statistics on packets in the inbound direction. |
- |
outbound |
Collects statistics on packets in the outbound direction. |
- |
acl |
Collects statistics on packets based on the IPv4 ACL. |
- |
ipv6 |
Collects statistics on packets based on the IPv6 ACL. |
- |
bas-acl |
Collects statistics on packets based on a specified basic ACL. |
The value is an integer that ranges from 2000 to 2999. |
adv-acl |
Collects statistics on packets based on a specified advanced ACL. |
The value is an integer that ranges from 3000 to 3999. |
l2-acl |
Collects statistics on packets based on a specified Layer 2 ACL. |
The value is an integer that ranges from 4000 to 4999. |
user-acl |
Collects statistics on packets based on a specified user-defined ACL. |
The value is an integer that ranges from 5000 to 5999. |
name acl-name |
Collects statistics on packets based on a specified named ACL. acl-name specifies the name of the ACL. |
The value must be the name of an existing ACL. |
rule rule-id |
Collects statistics on packets based on a specified ACL rule. |
The value is an integer that ranges from 0 to 4294967294. |
by-bytes |
Indicates that traffic statistics are collected based on the number of bytes. NOTE:
By default, traffic statistics are collected based on the number of packets. After by-bytes is specified, traffic statistics are collected based on the number of bytes. |
- |
secure |
Collects statistics on packets based on packet filtering policies configured through the traffic-secure (system view) command. |
- |
Usage Scenario
After the traffic-statistic command is executed on the device, the device collects statistics on packets matching an ACL. After the statistics function is configured, you can use the display traffic-statistics command to view the statistics.
Precautions
If name acl-name is specified in the command, you need to run the acl name or acl ipv6 name command to create the corresponding ACL. Otherwise, the ACL-based simplified traffic policy fails to be configured.
If rule rule-id is specified in the command, you need to create an ACL and configure the corresponding rule. Otherwise, the ACL-based simplified traffic policy fails to be configured.
If the traffic-statistic (interface view) and traffic-statistic (system view) commands are used simultaneously, the traffic-statistic (interface view) command takes effect.
When the action in an ACL rule is permit or deny, the ACL can be associated with the traffic-statistic command, but deny does not take effect. That is, only traffic statistics are collected.