20-30
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Chapter20 Co nf iguring QoS
Configuring QoS
This example shows how to create a Layer 2 MAC ACL with two permit statements. Th e firs t st atemen t
allows traffic from the host with MAC address 0001.0000.0001 to the host with MAC
address 0002.0000.0001. The second statement allows on ly Et her type XN S-I DP tra ffic f rom t he host
with MAC address 0001.0000.0002 to the host with MAC address 000 2.0 000.00 02.
Switch(config)# mac access-list extended maclist1
Switch(config-ext-macl)# permit 0001.0000.0001 0.0.0 0002.0000.0001 0.0.0
Switch(config-ext-macl)# permit 0001.0000.0002 0.0.0 0002.0000.0002 0.0.0 xns-idp
! (Note: all other access implicitly denied)
Classifying Traffic by Using Class Maps
You u se the class-map global configuration command to isolat e a specif ic tra ffic flow (or clas s) fro m
all other traffic and to name it. The class map defines the criteria to use to match a gainst a sp ecific traf fic
flow to further classify it. Match statements can include criterion such as an ACL, IP p recedence values,
or DSCP values. The match criterion is defined with one match statement entered within the class-map
configuration mode.
Note You can also create class-maps during policy map creation by using the class policy-map
configuration command. For more information, see the Classifying, Policing, and Marking Traffic
by Using Policy Maps section on page 20-32.
Beginning in privileged EXEC mode, follow these steps to create a class map and to define the match
criterion to classify traffic:
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 mls qos Enable QoS on the switch.
Step3 access-list access-list-number {deny |
permit} source [source-wildcard]
or
access-list access-list-number {deny |
permit} protocol source [source-wildcard]
destination [destination-wildcard]
or
mac access-list extended name
{permit | deny} {host src-MAC-addr mask
| any | host dst-MAC-addr | dst-MAC-addr
mask} [type mask]
Create an IP standard or extended ACL for IP traffic or a Layer 2 MAC
ACL for non-IP traffic, repeating the command as many time s as
necessary.
For more information, see the Classifying Traffic by Using ACLs
section on page 20-27.
Note When creating an access list, remember that, by default, the
end of the access list contains an implicit deny statement for
everything if it did not find a match before reaching t he e nd.