Classifying Traffic By Using Acls; Classifying Traffic By Using Class Maps - Cisco Catalyst 2950 Software Configuration Manual
Hide thumbs
Also See for Catalyst 2950:
- Configuration manual (710 pages) ,
- Command reference manual (686 pages) ,
- Software configuration manual (674 pages)
Table of Contents
Advertisement
Configuring QoS
This section contains this configuration information:
•
•
•
Classifying Traffic by Using ACLs
You can classify IP traffic by using IP standard or IP extended ACLs; you can classify Layer 2 traffic by
using Layer 2 MAC ACLs.
Beginning in privileged EXEC mode, follow these steps to create an IP standard ACL for IP traffic:
Command
Step 1
configure terminal
Step 2
access-list access-list-number {deny |
permit | remark} {source source-wildcard
| host source | any}
Step 3
end
Step 4
show access-lists
Step 5
copy running-config startup-config
To delete an ACL, use the no access-list access-list-number global configuration command.
This example shows how to allow access for only those hosts on the two specified networks. The
wildcard bits apply to the host portions of the network addresses. Any host with a source address that
does not match the ACL statements is rejected.
Switch(config)# access-list 1 permit 192.5.255.0 0.0.0.255
Switch(config)# access-list 1 permit 36.0.0.0 0.0.0.255
Catalyst 2950 Desktop Switch Software Configuration Guide
24-14
Classifying Traffic by Using ACLs, page 24-14
Classifying Traffic by Using Class Maps, page 24-17
Classifying, Policing, and Marking Traffic by Using Policy Maps, page 24-18
Purpose
Enter global configuration mode.
Create an IP standard ACL, repeating the command as many times as
necessary.
For access-list-number, enter the ACL number. The range is 1 to 99 and
1300 to 1999.
Enter deny or permit to specify whether to deny or permit access if
conditions are matched.
The source is the source address of the network or host from which the
packet is being sent, specified in one of three ways:
•
The 32-bit quantity in dotted-decimal format.
•
The keyword any as an abbreviation for source and
source-wildcard of 0.0.0.0 255.255.255.255. You do not need to
enter a source-wildcard.
The keyword host as an abbreviation for source and
•
source-wildcard of source 0.0.0.0.
(Optional) The source-wildcard applies wildcard bits to the source (see
first bullet item).
Deny statements are not supported for QoS ACLS. See the
Note
"Classification Based on QoS ACLs" section on page 24-5
more details.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Chapter 24
Configuring QoS
for
78-11380-04
Advertisement
Table of Contents
Troubleshooting
