Cisco Systems 3550 Classifying Traffic by Using Class Maps

20-30

Catalyst 3550 Multilayer Switch Software Configuration Guide

78-11194-03

Chapter20 Co nf iguring QoS

Configuring QoS

This example shows how to create a Layer 2 MAC ACL with two permit statements. Th e firs t st atemen t

allows traffic from the host with MAC address 0001.0000.0001 to the host with MAC

address 0002.0000.0001. The second statement allows on ly Et her type XN S-I DP tra ffic f rom t he host

with MAC address 0001.0000.0002 to the host with MAC address 000 2.0 000.00 02.

Switch(config)# mac access-list extended maclist1

Switch(config-ext-macl)# permit 0001.0000.0001 0.0.0 0002.0000.0001 0.0.0

Switch(config-ext-macl)# permit 0001.0000.0002 0.0.0 0002.0000.0002 0.0.0 xns-idp

! (Note: all other access implicitly denied)

Classifying Traffic by Using Class Maps

You u se the class-map global configuration command to isolat e a specif ic tra ffic flow (or clas s) fro m

all other traffic and to name it. The class map defines the criteria to use to match a gainst a sp ecific traf fic

flow to further classify it. Match statements can include criterion such as an ACL, IP p recedence values,

or DSCP values. The match criterion is defined with one match statement entered within the class-map

configuration mode.

Note You can also create class-maps during policy map creation by using the class policy-map

configuration command. For more information, see the “Classifying, Policing, and Marking Traffic

by Using Policy Maps” section on page 20-32.

Beginning in privileged EXEC mode, follow these steps to create a class map and to define the match

criterion to classify traffic:

Command Purpose

Step1 configure terminal Enter global configuration mode.

Step2 mls qos Enable QoS on the switch.

Step3 access-list access-list-number {deny |

permit} source [source-wildcard]

access-list access-list-number {deny |

permit} protocol source [source-wildcard]

destination [destination-wildcard]

mac access-list extended name

{permit | deny} {host src-MAC-addr mask

| any | host dst-MAC-addr | dst-MAC-addr

mask} [type mask]

Create an IP standard or extended ACL for IP traffic or a Layer 2 MAC

ACL for non-IP traffic, repeating the command as many time s as

necessary.

For more information, see the “Classifying Traffic by Using ACLs”

section on page 20-27.

Note When creating an access list, remember that, by default, the

end of the access list contains an implicit deny statement for

everything if it did not find a match before reaching t he e nd.