Is there any possiblity to check the dropped packets....

  • 22 February 2017
  • 3 replies

Userlevel 1
Is there any possibility to check the dropped packets based on the access rule we have written?

Actual scenario is, We are facing the issue in our network because huge volume of mDNS multicast packets. So, We trying to block the mDNS multicast packets using the following Policy file.

entry block_IPv4mDNS{
if match all {
destination-address ;
then {
count ipv4mDNSdeny ;

So, Is there any way to check whether these packets are blocked? If possible, Please share.


3 replies

Userlevel 6
You could did a mirror action in the ACL. Then you could plug a PC in to see the traffic.
Userlevel 6
Show access-list counter would show how many packets are blocked.
Userlevel 6
or log them to the log using this article.