04-IP Accounting Commands

8/10/2019 04-IP Accounting Commands

1/12

Command Manual IP Accounting (IP Services Volume) Table of Contents

Huawei Proprietary and Confidential

Copyright (c) Huawei Technologies Co., Ltd

i

Table of Contents

Chapter 1 IP Accounting Configuration Commands ................................................................. 1-1

1.1 IP Accounting Configuration Commands........................................................................... 1-1

1.1.1 display ip count........................................................................................................ 1-1

1.1.2 display ip count rule ................................................................................................ 1-2

1.1.3 ip count enable........................................................................................................ 1-3

1.1.4 ip count exterior-threshold....................................................................................... 1-4

1.1.5 ip count firewall-denied ........................................................................................... 1-5

1.1.6 ip count inbound-packets ........................................................................................ 1-6

1.1.7 ip count interior-threshold........................................................................................ 1-7

1.1.8 ip count outbound-packets...................................................................................... 1-8

1.1.9 ip count rule............................................................................................................. 1-8

1.1.10 ip count timeout..................................................................................................... 1-9

1.1.11 reset ip count....................................................................................................... 1-10


2/12


3/12

Command Manual IP Accounting (IP Services Volume) Chapter 1 IP Accounting Configuration Commands



1-1

The support for this feature depends on the specific model of the Quidway AR series

routers.

Note:

Refer to the configuration manual of this module for feature support of the Quidway

AR series routers.

All the models of the Quidway AR series routers are centralized devices.

Chapter 1 IP Accounting Configuration

Commands

1.1 IP Accounting Configuration Commands

1.1.1 display ip count

Syntax

display ip count { inbound-packets | outbound-packets } { exterior |

firewall-denied|interior}

View

Any view

Default Level

1: Monitor level

Parameters

inbound-packets: Displays information about incoming IP packets.

outbound-packets: Displays information about outgoing IP packets.

exterior: Displays information about the IP packets in the exterior table. The exterior

table records valid rule-incompliant packets.

firewall-denied: Displays information about denied IP packets.


4/12

Chapter 1 IP Accounting Configuration Commands Command Manual IP Accounting (IP Services Volume)

1-2 Huawei Proprietary and Confidential


interior: Displays information about the IP packets in the interior table. The interior

table records valid rule-compliant packets.

Note:

If no firewall is configured on the interface, valid packets refer to all incoming and

outgoing IP packets. If a firewall is configured, only those valid packets can pass the

firewall.

Description

Use the display ip count command to display the statistics of the IP accounting about

IP packets.

Examples

# Display information about valid rule-incompliant incoming IP packets.

display ip count inbound-packets exterior

6 Inbound streams information in exterior list:

SrcIP DstIP Protocol Pkts Bytes

0.0.0.0 255.255.255.255 UDP 28 9502

10.153.72.181 10.153.73.255 UDP 174 38034

10.153.72.137 239.255.255.250 UDP 4 64410.153.72.141 224.0.0.2 IGMP 4 128

10.153.72.141 224.0.0.9 UDP 4 208

10.153.72.141 224.0.0.9 IGMP 4 128

Table 1-1 display ip countcommand output description

Field Description

SrcIP Source IP address of a packet

DstIP Destination IP address of a packet

Protocol Protocol carried in a packet

Pkts Number of packets

Bytes Number of bytes of packets

1.1.2 display ip count rule

Syntax

display ip count rule


5/12




1-3

View

Any view

Default Level

1: Monitor level

Parameters

None

Description

Use the display ip count rulecommand to display IP accounting rules.

Examples

# Display IP accounting rules.

display ip count rule

IP Count rule list:

IP address address mask

1.1.1.0 255.255.255.0

2.0.0.0 255.0.0.0

------------------------------------

Total: 2 rules

Table 1-2 display ip count rulecommand output description

Field Description

IP address IP address

address mask Subnet mask

1.1.3 ip count enable

Syntax

ip count enable

undo ip count enable

View

System view

Default Level

2: System level


6/12




Parameters

None

Description

Use the ip count enablecommand to enable IP accounting.

Use the undo ip count enablecommand to disable IP accounting.

By default, IP accounting is disabled.

Examples

# Enable IP accounting.

system-view

[Sysname] ip count enable

1.1.4 ip count exterior-threshold

Syntax

ip count exterior-thresholdnumber

undo ip count exterior-threshold

View

System view

Default Level

2: System level

Parameters

number: Maximum number of flow records in the exterior table, in the range of 0 to

8,192.

Description

Use the ip count exterior-thresholdcommand to configure the maximum number of

flow records in the exterior table.

Use the undo ip count exterior-threshold command to restore the default. When

doing this, you are prompted to clear the table first if any flow records already exist in

the table.

By default, the maximum number of flow records in the exterior table is 0.

Rule-incompliant packets are not to be counted.

IP packets are sorted as follows:

If a firewall is configured on an interface and incoming and outgoing IP packets are

denied by the firewall, these IP packets are counted in the firewall-denied table.


7/12




1-5

If the source or destination IP address of the IP packets passing the interface (in

this case, a firewall may be configured or not) matches a network address in the IP

accounting rule, the packets are recorded in the interior table. Otherwise, the

packets are counted in the exterior table.

Examples

# Set the maximum number of flow records in the exterior table to 100.

system-view

[Sysname] ip count exterior-threshold 100

1.1.5 ip count firewall-denied

Syntax

ip count firewall-denied {inbound-packets |outbound-packets }

undo ip count firewall-denied {inbound-packets |outbound-packets}

View

Interface view

Default Level

2: System level

Parameters

inbound-packets: Counts the incoming IP packets denied by the firewall on the current

interface.

outbound-packets: Counts the outgoing IP packets denied by the firewall on the

current interface.

Description

Use the ip count firewall-denied command to count the IP packets denied by the

firewall on the current interface.

Use the undoip count firewall-deniedcommand to restore the default.

By default, IP packets denied by the firewall are not counted.

Information about counted firewall-denied IP packets is stored in the firewall-denied

table.

Examples

# Count the outgoing IP packets denied by the firewall on Ethernet 1/0.

system-view

[Sysname] interface ethernet 1/0

[Sysname-Ethernet1/0] ip count firewall-denied outbound-packets


8/12


9/12




1-7

[Sysname-Ethernet1/0] ip count inbound-packets

# Specify not to count valid incoming IP packets on Ethernet 1/0.

system-view


[Sysname-Ethernet1/0] undo ip count inbound-packets

1.1.7 ip count interior-threshold

Syntax

ip count interior-threshold number

undo ip count interior-threshold

View

System view

Default Level

2: System level

Parameters

number: Maximum number of flow records in the interior table, in the range 0 to 16,384.

Description

Use the ip count interior-thresholdcommand to configure maximum number of flow

records in the interior table.

Use the undo ip count interior-threshold command to restore the default. When

doing this, you are prompted to clear the table first if the number of flow records in the

table is greater than the default.

By default, maximum number of flow records in the interior table is 512.

IP packets are sorted as follows:


denied by the firewall, these IP packets are recorded in the firewall-denied table. If the source or destination IP address of the IP packets passing the interface (in

this case, a firewall may be configured or not) matches a network address in the IP

accounting rule, the packets are recorded in the interior table. Otherwise, the

packets are recorded in the exterior table.

Examples

# Set maximum number of flow records in the interior table to 1000.

system-view

[Sysname] ip count interior-threshold 1000


10/12




1.1.8 ip count outbound-packets

Syntax

ip count outbound-packetsundo ip count outbound-packets

View

Interface view

Default Level

2: System level

Parameters

None

Description

Use the ip count outbound-packetscommand to count outgoing valid IP packets on

the current interface.

Use the undoip count outbound-packetscommand to restore the default.

By default, valid outgoing IP packets on the interface are not counted.

You can execute this command in interface view to count outgoing IP packets, which

will be stored in the exterior table or interior table, depending on whether they match theaccounting rules.

Examples

# Count valid outgoing IP packets on Ethernet 1/0.

system-view


[Sysname-Ethernet1/0] ip count outbound-packets

1.1.9 ip count rule

Syntax

ip count rule ip-address{mask | mask-length }

undo ip count rule[ ip-address {mask | mask-length } ]

View

System view

Default Level

2: System level


11/12




1-9

Parameters

ip-address: IP address.

mask: Subnet mask.

mask-length: Length of a subnet mask, in the range of 0 to 32.

Description

Use the ip count rulecommand to create an IP accounting rule.

Use the undoip count rulecommand to remove the specified accounting rule. All IP

accounting rules will be deleted if no parameter is specified.

Each IP accounting rule consists of an IP address and its mask, namely, a network

address, which is the result of ANDing the IP address with its mask. IP packets are

sorted as follows:


denied by the firewall, these IP packets are counted in the firewall-denied table.

If the source or destination IP address of the IP packets passing the interface (in

this case, a firewall may be configured or not) matches a network address in the

rule, the packets are counted in the interior table. Otherwise, the packets are

counted in the exterior table.

Note that:

You can configure up to 32 rules.

If no rule is configured, the current packets are not concerned and are all countedin the exterior table.

Examples

# Create an IP accounting rule.

system-view

[Sysname] ip count rule 169.254.10.1 255.255.0.0

1.1.10 ip count timeout

Syntax

ip count timeoutminutes

undo ip count timeout

View

System view

Default Level

2: System level


12/12




Parameters

minutes: Aging time in minutes for a flow record in the accounting table, in the range of

60 to 10,080.

Description

Use the ip count timeoutcommand to configure aging time for a flow record in the IP

accounting table.

Use the undoip count timeoutcommand to restore the default.

By default, the aging time for a flow record is 720 minutes, namely, 12 hours.

If a flow record does not update before its aging time expires, the record is considered

expired and then deleted.

Examples

# Set the aging time for a flow record to 100 minutes.

system-view

[Sysname] ip count timeout 100

1.1.11 reset ip count

Syntax

reset ip count {all | exterior| firewall| interior }

View

User view

Default Level

2: System level

Parameters

all: Clears all statistics.

firewall: Clears the statistics from the firewall-denied table.

exterior: Clears the statistics from the exterior table.

interior: Clears the statistics from the interior table.

Description

Use the reset ip countcommand to clear the statistics of IP packets.

Examples

# Clear the statistics of all IP packets.

reset ip count all

04-IP Accounting Commands

Documents

Transcript of 04-IP Accounting Commands