Is possible to collect Rejected IP and Ports with snmp?

  • 0
  • 1
  • Question
  • Updated 2 years ago
  • Answered
I want to collect "Rejected IP" + "Rejected Port" from problematic X350.
Is possible get this information with snmp or other method?

Additional Q: if I create ACL to deny unwanted subnet on "Rejected port", Is this deny connection count only on 'show access-list counter' or included also in "Rejected IP" and "Rejected Port" (read: show iparp stats vlan all) ?

I got many rejected counts and because I want start debug collect it to start debug my network incorrect design.

excuse about my bad English and networking knowledge...
Photo of modris bernands

modris bernands

  • 610 Points 500 badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Ron Huygens

Ron Huygens, Employee

  • 2,878 Points 2k badge 2x thumb
As far as I know, these values are not available in any SNMP MIB.
The ACL counters are only shown with 'show access-list counter' and will not show up in any other system counter.
Photo of Kevin Kim

Kevin Kim, Employee

  • 2,266 Points 2k badge 2x thumb
You can allow ARP packets having a sender address within a network subnet configured and deny everything else. You would see ACL deny counter increasing but not see the rejected counter increasing in the show iparp output.

entry 1 { if { arp-sender-address 10.0.0.0/24; } then { permit; } }
entry 2 { if { arp-sender-address 0.0.0.0/0; }     then { deny; count denyarp; } }  
Photo of modris bernands

modris bernands

  • 610 Points 500 badge 2x thumb
Thats is what I need, work greate and block all unvanted ARP.
Photo of modris bernands

modris bernands

  • 610 Points 500 badge 2x thumb

What ir Yours documental library for <match-conditions> in ACL? Is there place where it all together, for example, rfc?

I try find some similaries with wireshark filters, but not sure. Or is this only defined and implemented by extreme designers?

Photo of Kevin Kim

Kevin Kim, Employee

  • 2,266 Points 2k badge 2x thumb
Please check 'Chapter 20 ACLs' in the EXOS 15.3 Concepts Guide. 

http://extremenetworks.com/wp-content/uploads/2014/03/EXOS_Concepts_Guide_15_3_2.pdf
Photo of modris bernands

modris bernands

  • 610 Points 500 badge 2x thumb

I found what i ask. I just need more RTFM, sorry.

Thank You.