230 CHAPTER 7: QOS/ACL OPERATION
Figure 8 Networking for traffic policing configuration
Only the commands concerning QoS/ACL configuration are listed here.
1 Define the time range "worktime" in system view.
[SW8800]time-range worktime 08:30 to 18:00 working-day
2 Define the traffic to the wage server.
Create a name-based advanced ACL "traffic-to-payserver" and enter it.
[SW8800]acl name traffic-to-payserver advanced
Define rules for the "traffic-to-payserver" ACL.
[SW8800-acl-adv-traffic-to-payserver]rule 1 deny ip destination
129.110.1.2 0 time-range worktime
3 Define the traffic from the wage server.
Create a name-based advanced ACL "traffic-from-payserver" and enter it.
[SW8800]acl name traffic-from-payserver advanced
Define rules for the "traffic-from-payserver" ACL.
[SW8800-acl-adv-traffic-from-payserver]rule 1 permit ip source
129.110.1.2 0
4 Limit the rank-and-file's access to the wage server.
The rank-and-file cannot access the wage server during work time, but not limited
at other time. Other groups are also not limited.
[SW8800-vlan1]packet-filter inbound ip-group traffic-to-payserver
rule 1
5 Limit outbound traffic from the wage server: CIR is 100 kbps, CBS is 2000 bytes
and EBS is 3000 bytes.
Wage server
129.110.1.2
Switch
To router
Financial Dept.
(vlan2)
The rank and
file (vlan1)
Director
(vlan3)
Wage server
129.110.1.2
Switch
To router
Financial Dept.
(vlan2)
The rank and
file (vlan1)
Director
(vlan3)
Wage server
129.110.1.2
Switch
To router
Financial Dept.
(vlan2)
The rank and
file (vlan1)
Director
(vlan3)