QoS options for IP ACLs

Combined ACL for 802.1p marking

Brocade devices support a simple method for assigning an 802.1p priority value to packets without affecting the actual packet or the DSCP. In early IronWare software releases, users were required to provide DSCP-marking and DSCP-matching information in order to assign 802.1p priority values, which required the deployment of a 64-line ACL to match all possible DSCP values. Users were also required to configure an internal priority marking value. Now, users can easily specify 802.1p priority marking values directly, and change internal priority marking from required to optional.

NOTE

This feature is not applicable to outbound traffic.

On Brocade ICX 6650, if the user does not set a specific internal marking priority, the default value is the same as the 802.1-priority marking value:

Priority values range from 0 to 7.

Two new ACL parameters support this feature, one required for priority marking and one optional for internal priority marking. These parameters apply to IP, and TCP, and UDP.

NOTE

Brocade ICX 6650 does not allow setting 802.1p-priority-marking value different from the internal-priority-marking value. You can have both parameters configured in a single ACL rule if both values are the same.

For IP

Brocade(config)# access-list 104 per ip any any 802.1p-priority-marking 1

or the following command, which also assigns an optional internal-priority-marking value.

Brocade(config)# access-list 104 per ip any any 802.1p-priority-marking 1 internal-priority-marking 1

Syntax: access-list num(100-199)permit ip any any 802.1p-priority-marking priority value (0-7)[internal-priority-marking value (0-7)]

For TCP

Brocade(config)# access-list 105 per tcp any any 802.1p-priority-marking 1

or the following command, which also assigns an optional internal-priority-marking value.

Brocade(config)# access-list 105 per tcp any any 802.1p-priority-marking 1 internal-priority-marking 1

Syntax: access-list num(100-199)permit tcp any any 802.1p-priority-marking priority value (0-7)[internal-priority-marking value (0-7)]

For UDP

Brocade(config)# access-list 105 per udp any any 802.1p-priority-marking 1

or the following command, which also assigns an optional internal-priority-marking value.

Brocade(config)# access-list 105 per udp any any 802.1p-priority-marking 1 internal-priority-marking 1

116

Brocade ICX 6650 Security Configuration Guide

 

53-1002601-01

Page 136
Image 136
Brocade Communications Systems 6650 manual Combined ACL for 802.1p marking, QoS options for IP ACLs, For IP