Table of Contents
Advertisement
DGS-3224SR Stackable Gigabit Ethernet Switch User's Guide
Command
Parameters
| ip {vlan <vlan_name 32> | source_ip
<ipaddr> | destination_ip <ipaddr> | dscp
<value0-63> | icmp {type <value 0-255> |
code <value 0-255>} | igmp {type <value 0-
255>}
| tcp {src_port <value 0-65535> | dst_port
<value 0-65535>} | udp {src_port <value 0-
65535> | dst_port <value 0-65535>} |
protocol_id <value 0-255> {user_define
<hex 0x0-0xffffffff>}]}] {priority <value 0-7>
{replace_priority} | replace_dscp <value 0-
63>}| delete <value 1-50>]
Due to a chipset limitation, the switch currently supports a
maximum of ten access profiles, each containing a maximum of
50 rules − with the additional limitation of 50 rules total for all
eight (8) access profiles.
Access profiles allow you to establish criteria to determine
whether the switch will forward packets based on the
information contained in each packet's header. These criteria
can be specified on a VLAN-by-VLAN basis.
Creating an access profile is divided into two basic parts. First,
an
access
profile
must
access_profile command. For example, if you want to deny all
traffic to the subnet 10.42.73.0 to 10.42.73.255, you must first
create an access profile that instructs the switch to examine all
of the relevant fields of each frame, and specify deny:
create access_profile ip source_ip_mask 255.255.255.0
profile_id 1 deny
Here we have created an access profile that will examine the IP
field of each frame received by the switch. Each source IP
be
created
using
the
230
create
Advertisement
Table of Contents
