Creating an IPv6 ACL rule enabled for counter statistics

When you create ACL rules, the count parameter enables you to display counter statistics.

  1. Enter the configure terminal command to access global configuration mode.
    device# configure terminal
    
  2. Enter the ipv6 access-list command to create or modify an access list.
    device(config)# ipv6 access-list extended ip_acl_1
    
  3. For each ACL rule for which you need to display statistics, include the count keyword.
    device(conf-ip6acl-ext)# seq 20 deny ipv6 2002:2003:1234:1::/64 2001:3001:1234:1::/64 count
    
  4. If you have not yet applied the ACL to the appropriate interface, do so now.
  5. (Optional) To display ACL counter statistics, enter the show statistics access-list command.
    device# show statistics access-list ipv6 ip_acl_1 in
    ipv6 access-list ip_acl_1 on Ethernet 2/3 at Ingress (From User)
        seq 10 deny ipv6 2001:2002:1234:1::/64 2001:1001:1234:1::/64 count (0 frames)
        seq 20 deny ipv6 2002:2003:1234:1::/64 2001:3001:1234:1::/64 count (33 frames)
    

Example

The following example shows how to create an IPv6 extended ACL and define a counter-enabled rule for it.
device# configure terminal
device(config)# ipv6 access-list extended ip_acl_1
device(conf-ip6acl-ext)# seq 10 deny ipv6 2001:2002:1234:1::/64 2001:1001:1234:1::/64 count