a. Use the following commands to display ACLs that are used by QoS policies and packet
filters:
− display packet-filter
− display qos policy user-defined
− display traffic classifier user-defined
b. Execute the display acl command to check for overlapping rules in the ACLs.
For example, the following sample output shows that rule 0 in ACL 3100 and rule 0 in ACL
3009 can both match traffic sourced from 2.2.2.1.
ACL number 3100
rule 0 permit ip source 2.2.2.2 0.0.255.255
ACL number 3009
rule 0 permit ip source 2.2.2.2 0.0.0.255
2.
Check the filters and policies that use overlapping ACLs for a behavior conflict.
If two behaviors conflict, the device performs the behavior that has higher priority, as shown
in
Table
Table 4 Rules for selecting a higher priority behavior from conflicting behaviors
Conflicting behaviors
•
redirect
•
filter permit
•
redirect
•
filter deny
•
filter permit
•
filter deny
3.
Revise ACLs, packet filters, or QoS policies to remove the behavior conflict.
4.
If the problem persists, contact Hewlett Packard Enterprise Support.
Related commands
This section lists the commands that you might use for troubleshooting QoS and ACLs.
Command
display acl
display diagnostic-information
display packet-filter
display qos-acl resource
display qos policy user-defined
display traffic classifier
user-defined
Troubleshooting MDC
This section provides troubleshooting information for common MDC problems.
4.
Higher priority behavior
redirect
filter deny
The behavior configured first.
Description
Displays configuration and match statistics for ACLs.
Displays operating statistics for multiple feature modules in the
system.
Displays ACL application information for packet filtering.
Displays ACL resource usage.
Displays user-defined QoS policies.
Displays user-defined traffic classes.
76