Is there any possiblity to check the dropped packets....

  • 22 February 2017
  • 3 replies
  • 1064 views

Userlevel 1
Is there any possibility to check the dropped packets based on the access rule we have written?

Actual scenario is, We are facing the issue in our network because huge volume of mDNS multicast packets. So, We trying to block the mDNS multicast packets using the following Policy file.

entry block_IPv4mDNS{
if match all {
destination-address 224.0.0.251/32 ;
}
then {
deny;
count ipv4mDNSdeny ;
}
}

So, Is there any way to check whether these packets are blocked? If possible, Please share.

Thanks


3 replies

Userlevel 6
or log them to the log using this article.
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-Capture-received-packets-using-an-A...

Userlevel 6
You could did a mirror action in the ACL. Then you could plug a PC in to see the traffic.
Userlevel 6
Show access-list counter would show how many packets are blocked.

Reply