Using Acls To Classify Traffic; Creating Ip Standard Acls - Cisco ME 3400 Software Configuration Manual

Ethernet access switch

Hide thumbs Also See for ME 3400:

Command reference manual (950 pages)

Hardware installation manual (88 pages)

Getting started manual (33 pages)

Table of Contents

Configuring QoS

Using ACLs to Classify Traffic

You can classify IP traffic by using IP standard or IP extended ACLs. You can classify IP and non-IP

traffic by using Layer 2 MAC ACLs. For more information about configuring ACLs, see

"Configuring Network Security with ACLs."

Follow these guidelines when configuring QoS ACLs:

These sections describe how to create QoS ACLs:

Beginning in privileged EXEC mode, follow these steps to create an IP standard ACL for IP traffic:

configure terminal

access-list access-list-number

permit source [source-wildcard]

ip access-list standard name

show access-lists

copy running-config

startup-config

To delete an access list, use the no access-list access-list-number global configuration command.

You cannot match IP fragments against configured IP extended ACLs to enforce QoS. IP fragments

are sent as best-effort. IP fragments are denoted by fields in the IP header.

The switch supports only one access group per class in an input policy map.

You cannot configure match-access group in an output policy map.

"Creating IP Standard ACLs" section on page 33-31

"Creating IP Extended ACLs" section on page 33-32

"Creating Layer 2 MAC ACLs" section on page 33-33

Enter global configuration mode.

Create an IP standard ACL, repeating the command as many times as

For access-list-number, enter the access list number. The range is 1 to 99

and 1300 to 1999.

Always use the permit keyword for ACLs used as match criteria in QoS

policies. QoS policies do not match ACLs that use the deny keyword.

For source, enter the network or host from which the packet is being sent.

You can use the any keyword as an abbreviation for 0.0.0.0

255.255.255.255.

(Optional) For source-wildcard, enter the wildcard bits in dotted decimal

notation to be applied to the source.

Define a standard IPv4 access list using a name, and enter access-list

configuration mode. The name can be a number from 1 to 99.

In access-list configuration mode, enter permit source [source-wildcard]

Return to privileged EXEC mode.

Verify your entries.

(Optional) Save your entries in the configuration file.

Cisco ME 3400 Ethernet Access Switch Software Configuration Guide

Configuring QoS

Show Quick Links

Quick Links:
Performance Features

Table of Contents

Using Acls To Classify Traffic; Creating Ip Standard Acls - Cisco ME 3400 Software Configuration Manual

Using ACLs to Classify Traffic

Creating IP Standard ACLs

Hide quick links:

Troubleshooting

Related Manuals for Cisco ME 3400

Related Content for Cisco ME 3400

Table of Contents