Cisco Catalyst 4500 Series Software Configuration Manual page 1511
Cisco ios xe release 3.9.xe and cisco ios release 15.2(5)ex
Hide thumbs
Also See for Catalyst 4500 Series:
- Administration manual (1814 pages) ,
- Configuration manual (1610 pages) ,
- Command reference manual (1230 pages)
Table of Contents
Advertisement
Chapter 57
Configuring Control Plane Policing and Layer 2 Control Packet QoS
Command
Step 3
Switch(config)# {ip | mac} access-list
extended {access-list-name}
For an ip access list, issue
Switch(config-ext-nacl)#{permit|deny}
{protocol} source {source-wildcard}
destination {destination-wildcard}
For a mac access list, issue
Switch(config-ext-macl)#{permit|deny}
source {source-wildcard} destination
{destination-wildcard} [protocol-family]
OR
Switch(config)# access-list
{access-list-name} {permit | deny}
{type-code wild-mask | address mask}
Step 4
Switch(config)# class-map
{traffic-class-name}
Switch(config-cmap)# match access-group
{access-list-number | name
{access-list-name}}
Step 5
Switch(config-cmap)# exit
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Configuring Control Plane Policing
Purpose
Defines ACLs to match traffic:
•
permit—Sets the conditions under which a
packet passes a named ACL
•
deny—Sets the conditions under which a
packet does not pass a name ACL
Note
You must configure ACLs in most cases to
identify the important or unimportant
traffic.
type-code—16-bit hexadecimal number
•
written with a leading 0x; for example,
0x6000. Specify either a Link Service Access
Point (LSAP) type code for 802-encapsulated
packets or a SNAP type code for
SNAP-encapsulated packets. (LSAP,
sometimes called SAP, refers to the type codes
found in the DSAP and SSAP fields of the 802
header.)
wild-mask—16-bit hexadecimal number
•
whose ones bits correspond to bits in the
type-code argument. The wild-mask indicates
which bits in the type-code argument should
be ignored when making a comparison. (A
mask for a DSAP/SSAP pair should always be
0x0101 because these two bits are used for
purposes other than identifying the SAP
code.)
•
address—48-bit Token Ring address written
as a dotted triple of four-digit hexadecimal
numbers. This field is used for filtering by
vendor code.
mask—48-bit Token Ring address written as a
•
dotted triple of four-digit hexadecimal
numbers. The ones bits in the mask are the bits
to be ignored in address. This field is used for
filtering by vendor code.
Defines the packet classification criteria. To
identify the traffic associated with the class, use
the match statements.
Returns to global configuration mode.
57-7
Advertisement
Chapters
Table of Contents
Troubleshooting
