Chapter 20

 

Table 20-3. Sample Extended ACL Rules

 

 

 

 

To . . . Continued

Enter . . .

 

 

 

 

• Use the layer 2 priority in the

access-list MyAccessList2 8 permit use-

 

packet to classify all TCP traffic

l2 tcp 5.5.5.0 0.0.0.255 6.6.6.0 0.0.0.255

 

that has a:

lt 2 established

 

— Source IP address in the 5.5.5

 

 

subnet

 

 

— Destination IP address in the

 

 

6.6.6 subnet

 

 

— Destination port that is less

 

 

than 2

 

 

• Permit TCP connections that meet

 

 

this criteria

 

 

 

 

 

• Use the DSCP to classify all UDP

access-list MyAccessList2 9 permit use-

 

traffic that has a:

diffserv mask udp host 7.7.7.7 host

 

— Source IP address of 7.7.7.7

8.8.8.8 range 33 44

 

 

 

— Destination IP address of

 

 

8.8.8.8

 

 

— Destination port between 33

 

 

and 44

 

 

• Mask the three least significant bits

 

 

of the DSCP

 

 

 

 

 

• Assign a priority of 7 to all TCP

access-list MyAccessList2 10 permit use-

 

traffic that has a:

priority 7 tcp host 9.9.9.9 host 3.3.3.3

 

— Source IP address of 9.9.9.9

range 55 66 established

 

 

 

— Destination IP address of

 

 

3.3.3.3

 

 

— Destination port between 55

 

 

and 66

 

 

• Permit TCP connections that meet

 

 

this criteria

 

 

 

 

 

 

3 of 3

 

 

 

Systems

P550R, P580, P880, and P882.

 

20-8

Command Reference Guide for the Avaya P580 and P882 Multiservice Switches, v6.1

Page 422
Image 422
Avaya 106760804 manual Systems