CLEAR-Flow
ExtremeWare XOS 11.3 Concepts Guide
386
If a keyword is not supported, or a counter name is not found, a string of
“unknownKeyword[$keyword]” will be substituted
For the $vlanName and $port keyword, the keyword
all will be substituted for those rules in the
wildcard ACL Some CLI commands do not support the
all keyword, so caution must be used with CLI
commands that use this feature.
A maximum of 10 different counter substitutions can be used per rule, including counters used in
expressions. For example, if a rule uses four counters in its expressions, then we can use six more
different counters in keyword substitutions, for a total of 10.
Predefined CLEAR-Flow Counters
There are a number of packet statistics gathered by the XOS kernel. In order to allow you to use these
statistics in CLEAR-Flow expressions, these kernel counters are now available for use with CLEAR-
Flow. Most of the counter names are based directly on well known names from common kernel
structures and MIBs. The names are modified from their familiar form by prepending the characters
sys_ to the counter names.
Table 55: Keyword Substitutions
Keyword Substitution
$policyName Replace with the policy name.
$ruleName Replace with the CLEAR-Flow rule name.
$<counterName> Replace with counter value for the indicated counter name.
$ruleValue Replace with the current expression value.
$ruleThreshold Replace with the expression threshold value.
$ruleInterval Replace with the rule sampling/evaluation interval.
$vlanName Replace with the interface VLAN name.
$port Replace with the interface port number.
Table 56: Predefined CLEAR-Flow Counters
Counter Name Description
1
sys_IpInReceives The total number of input IP packets received from interfaces, including those
received in error.
sys_IpInHdrErrors The number of input IP packets discarded due to errors in their IP headers,
including bad checksums, version number mismatch, other format errors, time-
to-live exceeded, errors discovered in processing their IP options, etc.
sys_IpInAddrErrors The number of input IP packets discarded because the IP address in their IP
header's destination field was not a valid address to be received at this entity.
This count includes invalid addresses (e.g., 0.0.0.0) and addresses of
unsupported Classes (e.g., Class E).
sys_IpForwDatagrams The number of input IP packets for which this entity was not their final IP
destination, as a result of which an attempt was made to find a route to forward
them to that final destination.
sys_IpInUnknownProtos The number of locally-addressed IP packets received successfully but discarded
because of an unknown or unsupported protocol.
To Next Page
Loading...