3Com WX2200 3CRWX220095A Switch User Manual


 
Using ACLs to Change CoS 399
Using ACLs to
Change CoS
For WMM or non-WMM traffic, you can change a packet’s priority by
using an ACL to change the packet’s CoS value. A CoS value assigned by
an ACE overrides the CoS value assigned by the switch’s QoS map.
To change CoS values using an ACL, you must map the ACL to the
outbound traffic direction on a MAP port, Distributed MAP, or user VLAN.
For example, to remap IP packets from IP address 10.10.20.5 that have IP
precedence value 3, to have CoS value 7 when they are forwarded to any
10.10.30.x address on Distributed MAP 2, enter the following
commands:
WX1200# set security acl ip acl1 permit cos 7 ip 10.10.20.5
0.0.0.0 10.10.30.0 0.0.0.255 precedence 3
success: change accepted.
QX1200# set security acl ip acl1 permit any
success: change accepted.
WX1200# commit security acl acl1
success: change accepted.
WX1200# set security acl map acl1 ap 2 out
success: change accepted.
The default action on an interface and traffic direction that has at least
one access control entry (ACE) configured, is to deny all traffic that does
not match an ACE on that interface and traffic direction. The permit any
ACE ensures that traffic that does not match the first ACE is permitted.
Without this additional ACE at the end, traffic that does not match the
other ACE is dropped.
Filtering Based on
DSCP Values
You can configure an ACE to filter based on a packet’s Differentiated
Services Code Point (DSCP) value, and change the packet’s CoS based on
the DSCP value. A CoS setting marked by an ACE overrides the CoS
setting applied from the switch’s QoS map.