Using Acl Filters; Summary Of Acl Actions; Acl Metering And Re-Marking - Lenovo CN4093 Application Manual

Using ACL Filters

Summary of ACL Actions

ACL Metering and Re-Marking

© Copyright Lenovo 2015
Access Control Lists (ACLs) are filters that allow you to classify and segment
traffic, so you can provide different levels of service to different traffic types. Each
filter defines conditions that packets must match for inclusion in a particular
service class, and also the actions that are performed for matching traffic.
The CN4093 allows you to classify packets based on various parameters. For
example:
 Ethernet—source MAC, destination MAC, VLAN number/mask, Ethernet type,
priority
 IPv4—source IP address/mask, destination address/mask, type of service, IP
protocol number
IPv6—source IP address/prefix, destination address/prefix, next header, flow

label, traffic class
 TCP/UPD—source port, destination port, TCP flag
 Packet format—Ethernet format, tagging format, IPv4, IPv6
 Egress port
For ACL details, see "Access Control Lists" on page
Actions determine how the traffic is treated. The CN4093 QoS actions include the
following:
 Pass or Drop the packet
 Re-mark the packet with a new DiffServ Code Point (DSCP)
 Re-mark the 802.1p field
 Set the COS queue
You can define a profile for the aggregate traffic flowing through the CN4093 by
configuring a QoS meter (if desired) and assigning ACL Groups to ports. When
you add ACL Groups to a port, make sure they are ordered correctly in terms of
precedence.
Actions taken by an ACL are called In-Profile actions. You can configure additional
In-Profile and Out-of-Profile actions on a port. Data traffic can be metered, and
re-marked to ensure that the traffic flow provides certain levels of service in terms
of bandwidth for different types of network traffic.
103.
Chapter 12: Quality of Service
197