Support User Manuals

Cisco Systems 2950 Network Router User Manual

Open as PDF

of 710

30-27

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

78-11380-10

Chapter 30 Configuring QoS

Configuring Standard QoS

Classifying Traffic by Using ACLs

You can classify IP traffic by using IP standard or IP extended ACLs; you can classify Layer 2 traffic by

using Layer 2 MAC ACLs.

Beginning in privileged EXEC mode, follow these steps to create an IP standard ACL for IP traffic:

For more information about creating IP standard ACLs, see the “Guidelines for Applying ACLs to

Physical Interfaces” section on page 29-5.

To delete an ACL, use the no access-list access-list-number global configuration command.

This example shows how to allow access for only those hosts on the two specified networks. The

wildcard bits apply to the host portions of the network addresses. Any host with a source address that

does not match the ACL statements is rejected.

Switch(config)# access-list 1 permit 192.5.255.0 0.0.0.255

Switch(config)# access-list 1 permit 36.0.0.0 0.0.0.255

Command Purpose

Step 1

configure terminal Enter global configuration mode.

Step 2

access-list access-list-number {permit |

remark} {source source-wildcard | host

source | any}

Create an IP standard ACL, repeating the command as many times as

necessary.

For access-list-number, enter the ACL number. The range is 1 to 99 and

1300 to 1999.

Enter permit to specify whether to permit access if conditions are

matched.

Enter remark to specify an ACL entry comment up to 100 characters.

Note Deny statements are not supported for QoS ACLs. See the

“Classification Based on QoS ACLs” section on page 30-5 for

more details.

The source is the source address of the network or host from which the

packet is being sent, specified in one of three ways:

• The 32-bit quantity in dotted decimal format.

• The keyword any as an abbreviation for source and

source-wildcard of 0.0.0.0 255.255.255.255. You do not need to

enter a source wildcard.

• The keyword host as an abbreviation for source and

source-wildcard of source 0.0.0.0.

(Optional) The source-wildcard variable applies wildcard bits to the

source (see first bullet item).

Step 3

end Return to privileged EXEC mode.

Step 4

show access-lists Verify your entries.

Step 5

copy running-config startup-config (Optional) Save your entries in the configuration file.

previous next