show policy
Syntax
Syntax that shows information for all policies:
show policy [commands] [configuration] [vsx-peer]
Syntax that filters by policies applied to an interface or VLAN:
show policy [interface <IF-NAME> [in | out | routed-in] | vlan <VLAN-ID> [in | out]]
[commands] [configuration] [vsx-peer]
Syntax that filters by the named policy:
show policy <POLICY-NAME> [commands] [configuration] [vsx-peer]
Syntax that filters by the globally applied policy:
show policy global [commands] [configuration] [vsx-peer]
Syntax that shows statistical information in the form of hit counts:
show policy hitcounts <POLICY-NAME> [interface <IF-NAME> [in | out | routed-in] |
vlan <VLAN-ID> [in | out]] [vsx-peer]
Syntax that shows statistical information in the form of hit counts for the globally applied policy:
show policy hitcounts global [vsx-peer]
Description
Shows information about your defined policies and where they have been applied. When
show policy
is entered without parameters, information for all policies is shown. The parameters filter the list of policies for which information is shown.
The content of a specific policy.
All policies applied to a specific interface.
All policies applied to a specific VLAN.
The globally applied policy.
The inbound (ingress) or outbound (egress) direction.
To display policy statistics, use the
show policy hitcounts
form of this command.
Command context
Operator (>
) or Manager (#
)
Parameters
interface <IF-NAME>
Specifies the interface name.
vlan <VLAN-ID>
Specifies the VLAN.
in
Selects the inbound (ingress) traffic direction.
out
Selects the outbound (egress) traffic direction.
routed-in
Selects the routed in traffic direction. Not applicable to a policy applied to a VLAN.
<POLICY-NAME>
Specifies the policy name.
commands
Causes the policy definition to be shown as the commands and parameters used to create it rather than in tabular form.
configuration
Causes the user-configured policies be shown as entered, even if the policies are not active due to policy-definition command issues or hardware issues. This parameter is useful if there is a mismatch between the entered configuration and the previous successfully programmed (active) policies configuration.
global
Selects the globally applied policy.
hitcounts
Selects the policy hit counts (statistics).
[vsx-peer]
Shows the output from the VSX peer switch. If the switches do not have the VSX configuration or the ISL is down, the output from the VSX peer switch is not displayed. This parameter is available on switches that support VSX.
Authority
Operators or Administrators or local user group members with execution rights for this command. Operators can execute this command from the operator context (>) only.
Examples
On the 6400 Switch Series, interface identification differs.
Showing information for all policies:
switch# show policy Name Sequence Comment Class Type action ------------------------------------------------------------------------------- my_policy 10 This is my QOS class. class1 ipv4 dscp af21 drop -------------------------------------------------------------------------------
switch# show policy commands policy my_policy 10 class ip my_class1 action dscp af21 action drop
switch# show policy global commands policy my_policy 10 class ip my_class1 action drop apply policy my_policy in
switch# show policy hitcounts my_policy Statistics for Policy my_policy: Interface 1/1/1* (in): Hit Count Configuration 10 class ip my_class1 action dscp af21 action drop 20 10 match any any any count * policy statistics are shared among each context type (interface, VLAN). For routed ingress, they are only shared within the same VRF. Use 'policy NAME copy' to create a new policy for separate statistics.
switch# show policy hitcounts global Statistics for Policy my_policy: Global Policy: Hit Count Configuration 10 class ip my_class1 action mirror 20 10 match any any any count * policy statistics are shared among each context type (interface, vlan, VRF). use 'policy NAME copy' to create a uniquely-named policy
switch# show policy hitcounts my_policy Statistics for Policy my_policy: Interface 1/1/1* (in): Hit Count Configuration 10 class ipv6 my_class1 action cir kbps 1024 cbs 2000 exceed drop [1024 kbps conform ] - 10 match any any any * policy statistics are shared among each context type (interface, VLAN). For routed ingress, they are only shared within the same VRF. Use 'policy NAME copy' to create a new policy for separate statistics.