NETGEAR L3 Switch User Manual


 
7000 Series L3 Managed Switch Reference Manual for Software v2.0
ACL Commands 10-5
config acl rule match ipprecedence
This command specifies an IP Precedence match condition for an ACL rule referenced by the
<aclid> and <rulenum>. The IP Precedence field in a packet is defined as the high-order three
bits of the Service Type octet in the IP header. The
<precedenceval> parameter identifies the
precedence value as an integer from 0 to 7.
The commands to match IP DSCP, IP precedence, and IP TOS are alternative ways to specify a
match criterion for the same Service Type field in the IP header, however each uses a different user
notation.
Format config acl rule match ipprecedence <aclid> <rulenum> <prece-
denceval>
config acl rule match iptos
This command specifies a TOS field match condition for an ACL rule referenced by the <aclid>
and <rulenum>. The IP TOS field in a packet is defined as all eight bits of the Service Type octet
in the IP header. The
<tosbits> parameter is a two-digit hexadecimal number from 00 to ff. The
<tosmask> parameter is a two-digit hexadecimal number from 00 to ff. The <tosmask> denotes
the bit positions in
<tosbits> that are used for comparison against the IP TOS field in a packet.
For example, to check for an IP TOS value having bits 7 and 5 set and bit 1 clear, where bit 7 is
most significant, use a
<tosbits> value of a0 (hex) and a <tosmask> of a2 (hex).
In essence, this is the “free form” version of the IP DSCP/Precedence/TOS match specification in
that the user has complete control of specifying which bits of the IP Service Type field are
checked.
The commands to match IP DSCP, IP precedence, and IP TOS are alternative ways to specify a
match criterion for the same Service Type field in the IP header, however each uses a different user
notation. To specify a match on all Precedence values, set
<tosbits> to 0 and set <tosmask> to
1f (hex). To specify a match on all DSCP values, set
<tosbits> to 0 and set <tosmask> to 03
(hex).
Format config acl rule match iptos <aclid> <rulenum> <tosbits>
<tosmask>