When you create ACL rules, the
count parameter enables you to display counter statistics.
-
Enter the
configure terminal command to access global configuration mode.
device# configure terminal
-
Enter the
ipv6 access-list command to create or modify an access list.
device(config)# ipv6 access-list extended ip_acl_1
-
For each ACL rule for which you need to display statistics, include the
count keyword.
device(conf-ip6acl-ext)# seq 20 deny ipv6 2002:2003:1234:1::/64 2001:3001:1234:1::/64 count
-
If you have not yet applied the ACL to the appropriate interface, do so now.
-
(Optional) To display ACL counter statistics, enter the
show statistics access-list command.
device# show statistics access-list ipv6 ip_acl_1 in
ipv6 access-list ip_acl_1 on Ethernet 2/3 at Ingress (From User)
seq 10 deny ipv6 2001:2002:1234:1::/64 2001:1001:1234:1::/64 count (0 frames)
seq 20 deny ipv6 2002:2003:1234:1::/64 2001:3001:1234:1::/64 count (33 frames)
Example
The following example shows how to create an IPv6 extended ACL and define a counter-enabled rule for it.
device# configure terminal
device(config)# ipv6 access-list extended ip_acl_1
device(conf-ip6acl-ext)# seq 10 deny ipv6 2001:2002:1234:1::/64 2001:1001:1234:1::/64 count
