The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Contents
This module describes how to configure optional IP services. For a complete description of the IP services commands in this chapter, refer to the Cisco IOS IP Application Services Command Reference. To locate documentation of other commands that appear in this module, use the master command list, or search online.
Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Cisco IP accounting support provides basic IP accounting functions. By enabling IP accounting, users can see the number of bytes and packets switched through the software on a source and destination IP address basis. Only transit IP traffic is measured and only on an outbound basis; traffic generated by the software or terminating in the software is not included in the accounting statistics. To maintain accurate accounting totals, the software maintains two accounting databases: an active and a checkpointed database.
Cisco IP accounting support also provides information identifying IP traffic that fails IP access lists. Identifying IP source addresses that violate IP access lists alerts you to possible attempts to breach security. The data also indicates that you should verify IP access list configurations. To make this functionality available to users, you must enable IP accounting of access list violations using the ip accounting access-violations interface configuration command. Users can then display the number of bytes and packets from a single source that attempted to breach security against the access list for the source destination pair. By default, IP accounting displays the number of packets that have passed access lists and were routed.
To configure IP accounting, perform this task for each interface.
1.
enable
2.
configure
terminal
3.
ip
accounting-threshold
threshold
4.
ip
accounting-list
ip-address
wildcard
5.
ip
accounting-transits
count
6.
interface
type
number
7.
ip
accounting [access-violations] [output-packets]
8.
ip
accounting
mac-address {input |
output}
You can display specific statistics such as the contents of IP routing tables, caches, databases and socket processes. The resulting information can be used to determine resource utilization and to solve network problems.
1.
clear
ip
traffic
2.
clear
ip
accounting [checkpoint]
3.
clear
sockets
process-id
4.
show
ip
accounting [checkpoint] [output-packets |
access-violations]
5.
show
interface
type
number
mac
6.
show
interface [type
number]
precedence
7.
show
ip
redirects
8.
show
sockets
process-id [detail] [events]
9.
show
udp [detail]
10.
show
ip
traffic
The following example shows how to enable IP accounting based on the source and destination MAC address and based on IP precedence for received and transmitted packets:
Router# configure terminal Router(config)# interface ethernet 0/5 Router(config-if)# ip accounting mac-address input Router(config-if)# ip accounting mac-address output Router(config-if)# ip accounting precedence input Router(config-if)# ip accounting precedence output
The following example shows how to enable IP accounting with the ability to identify IP traffic that fails IP access lists and with the number of transit records that will be stored in the IP accounting database limited to 100:
Router# configure terminal Router(config)# ip accounting-transits 100 Router(config)# interface ethernet 0/5 Router(config-if)# ip accounting output-packets Router(config-if)# ip accounting access-violations
Related Topic |
Document Title |
---|---|
Cisco IOS commands |
|
IP application services commands |
Standard |
Title |
---|---|
RFC 1256 |
Description |
Link |
---|---|
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password. |
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Feature Name |
Releases |
Feature Information |
---|---|---|
IP Precedence Accounting |
15.0(1)SY |
The IP Precedence Accounting feature provides accounting information for IP traffic based on the precedence of any interface. This feature calculates the total packet and byte counts for an interface that receives or sends IP packets and sorts the results based on the IP precedence. This feature is supported on all interfaces and subinterfaces and supports Cisco Express Forwarding, distributed Cisco Express Forwarding, flow, and optimum switching. The following commands were introduced by this feature: ip accounting precedence, show interface precedence. |