according to https://supportforums.cisco.com/discussion/10860216/matchhit-acl-37503560 ACL hit count doesn't increasing because of fast-switching/hardware-routing and the only way to see if ACL hits is from logging with the "log" keyword. After a while there some hits on ACL entry (should be more), but not a single log entry. Official cisco configuration guide says "log" keyword on standard ACL should produce a log entry because it's processed by cpu.
1. Why logging doesn't work?
2. Only standard ACLs support logging?
3. Is there another way to check if an ACL entry match?
SW Version: 12.2(55)EX3
10 permit any log (20 matches) 20 deny any log
Buffer logging: level notifications, 1 messages logged, xml disabled, filtering disabled
Exception Logging: size (4096 bytes) Count and timestamp logging messages: disabled File logging: file flash:test.log, max size 500000, min size 0, level debugging, 198 messages logged Persistent logging: disabled No active filter modules. Trap logging: level debugging, 204 message lines logged Log Buffer (4096 bytes): 000197: Apr 15 11:57:18: %SYS-5-CONFIG_I: Configured from console by ciscoadmin on vty6 (10.17.36.13)
... View more
Hello, there are many posts about udld but still I don´t understand how this is working. I know that it should protect against L2-loops. According to the cisco documentation udld err-disable or alert (aggressive or normal mode) when a connection just sending or just receiving packets AND the link is still up...but in which scenario this happening? (perhaps defect gbic?) We try just to disconnect one fiber, the port goes down but no udld events appear. How could we test if udld is working correctly on direct fiber connections (99% direct connections in our network structure, 1% with copper-fiber media converter in between) Makes this sense in this LAN environment? Loop-Guard is activated. Thanks, Sebastian
... View more