Field

Description

Number of rules

Number of security ACEs currently mapped to ports or VLANs.

 

 

Number of leaf nodes

Number of security ACL data entries stored in the rule tree.

 

 

Stored rule count

Number of security ACEs stored in the rule tree.

 

 

Leaf chain count

Number of chained security ACL data entries stored in the rule tree.

 

 

Longest leaf chain

Longest chain of security ACL data entries stored in the rule tree.

 

 

Number of non-leaf nodes

Number of nodes with no data entries stored in the rule tree.

 

 

Uncompressed Rule Count

Number of security ACEs stored in the rule tree, including duplicates—ACEs in ACLs applied

to multiple ports, virtual ports, or VLANs.

 

 

Maximum node depth

Number of data elements in the rule tree, from the root to the furthest data entry (leaf).

 

 

Sub-chain count

Sum of action types represented in all security ACL data entries.

 

 

PSCBs in primary memory

Number of pattern search control blocks (PSCBs) stored in primary node memory.

 

 

PSCBs in secondary

Number of PSCBs stored in secondary node memory.

memory

 

 

 

Leaves in primary

Number of security ACL data entries stored in primary leaf memory.

 

 

Leaves in secondary

Number of ACL data entries stored in secondary leaf memory.

 

 

Sum node depth

Total number of security ACL data entries.

 

 

 

Control value for handling fragmented IP packets.

Fragmentation control

Note: The current MSS version filters only the first packet of a fragmented IP packet and

 

passes the remaining fragments.

 

 

 

Control value for handling fragmented IP packets.

UC switchdest

Note: The current MSS version filters only the first packet of a fragmented IP packet and

 

passes the remaining fragments.

 

 

 

Control value for handling fragmented IP packets.

Port number

Note: The current MSS version filters only the first packet of a fragmented IP packet and

 

passes the remaining fragments.

 

 

Number of action types

Number of actions that can be performed by ACLs. This value is always 2, because ACLs

can either permit or deny.

 

 

 

LUdef in use

Number of the lookup definition (LUdef) table currently in use for packet handling.

 

 

Default action pointer

Memory address used for packet handling, from which default action data is obtained when

necessary.

 

 

 

 

Security ACL mapping on the switch:

L4 global

True—Security ACLs are mapped.

 

False—No security ACLs are mapped.

 

 

 

Security ACE rule mapping on the switch:

No rules

True—No security ACEs are mapped.

 

False—Security ACEs are mapped.

 

 

 

Non-IP security ACE mapping on the switch:

Non-IP rules

True—Non-IP security ACEs are mapped.

False—Only IP security ACEs are mapped.

 

 

Note: The current MSS version supports security ACEs for IP only.

 

 

 

Leaf buffer allocation:

 

• True - Enough primary leaf buffers are allocated in nonvolatile memory to accommodate

Root in first

all leaves.

 

• False - Insufficient primary leaf buffers are allocated in nonvolatile memory to accommodate

 

all leaves.

 

 

D-Link DWS-1008 CLI Manual

488

Page 491
Image 491
D-Link dws-1008 manual Link DWS-1008 CLI Manual 488