Filter
Top Products
216 CHAPTER 7: QOS/ACL OPERATION
Define ACL rule for the traffic with source MAC 00e0-fc01-0101 and destination
MAC 00e0-fc01-0303.
[SW8800-acl-link-traffic-of-link]rule 1 deny ingress 00e0-fc01-0101
0-0-0 egress 00e0-fc01-0303 0-0-0 time-range 3com
3 Activate the ACL "traffic-of-host".
[SW8800-GigabitEthernet2/1/1]packet-filter inbound link-group
traffic-of-link
QoS Configuration In a traditional IP network, all packets are treated equally without priority
difference. Every switch or router handles the packets following the first-in
first-out (FIFO) policy. Switches and routers make their best effort to transmit the
packets to the destination, not making any commitment or guarantee of the
transmission reliability, delay, or to satisfy other performance requirements.
Ethernet technology is currently the most widely used network technology.
Ethernet has been the dominant technology of various independent Local Area
Networks (LANs), and many Ethernet LANs have been part of the Internet. To
implement the end-to-end QoS solution on the whole network, one must consider
how to guarantee Ethernet QoS service. This requires the Ethernet switching
devices to apply Ethernet QoS technology and deliver the QoS guarantee at
different levels to different types of signal transmissions over the networks,
especially those having requirements of shorter time delay and lower jitter.
The following sections describe terms and concepts used when configuring QoS:
Flow
It refers to all packets passing thought the switch.
Traffic classification
Traffic classification is the technology that identifies the packets with a specified
attribute according to a specific rule. Classification rule refers to a packet filtering
rule configured by an administrator. A classification rule can be very simple. For
example, the switch can identify the packets of different priority levels according
to the ToS (type of service) field in the packet headers. It can also be very complex.
For example, it may contain information of the link layer (layer 2), network layer
(layer 3) and transport layer (layer 4) and the switch classifies packets according to
such information as MAC address, IP protocol, source address, destination address
and port ID. Classification rule often is limited to the information encapsulated at
the packet header, rarely using packet contents.
Packet filtering
Packet filtering refers to filtering operation applied to traffic flow. For example, the
deny operation drops the traffic flow which matches the classification rule and
allows other traffic to pass. Switches use complex classification rules, so that traffic
flow can be filtered by varied information, to enhance network security.
There are two key steps in achieving packet filtering:
■ Classify the traffic at the port according to a specific rule.