Creating an IPv6 ACL rule enabled for counter statistics

1. Enter the configure terminal command to access global configuration mode.
   

   device# configure terminal
   

2. Enter the ipv6 access-list command to create or modify an access list.
   

   device(config)# ipv6 access-list extended ip_acl_1
   

3. For each ACL rule for which you need to display statistics, include the count keyword.
   

   device(conf-ip6acl-ext)# seq 20 deny ipv6 2002:2003:1234:1::/64 2001:3001:1234:1::/64 count
   

4. If you have not yet applied the ACL to the appropriate interface, do so now.
5. (Optional) To display ACL counter statistics, enter the show statistics access-list command.
   

   device# show statistics access-list ipv6 ip_acl_1 in
   ipv6 access-list ip_acl_1 on Ethernet 2/3 at Ingress (From User)
       seq 10 deny ipv6 2001:2002:1234:1::/64 2001:1001:1234:1::/64 count (0 frames)
       seq 20 deny ipv6 2002:2003:1234:1::/64 2001:3001:1234:1::/64 count (33 frames)
   

Example

The following example shows how to create an IPv6 extended ACL and define a counter-enabled rule for it.

device# configure terminal
device(config)# ipv6 access-list extended ip_acl_1
device(conf-ip6acl-ext)# seq 10 deny ipv6 2001:2002:1234:1::/64 2001:1001:1234:1::/64 count