Cisco Systems DOC-7814982

26-18

Catalyst 2950 Desktop Switch Software Configuration Guide

78-14982-01

Chapt er 26 Conf i gurin g QoS

Configuring QoS

Beginning in privileged EXEC mode, follow these steps to create an IP extended ACL for IP traffic:

Command Purpose

Step 1 configure terminal Enter g lo bal c onfigurat ion m ode.

Step 2 access-list access-list-number

{perm it | remark} protocol

{source source-wildcard | host source |

any} [operator port] {destination

destination-wildcard | host destination |

any} [operator port] [dscp dscp-value]

[time-range time-range-name]

Create an IP extended ACL, repeating the command as many times as

necessary.

For access-list-number, enter the A CL number . The range is 100 to 199

and 200 0 to 26 99.

Enter permit to permit access if conditions are matched.

Enter remark to specify an ACL entry comment up to 100 characters.

Note Deny statements are not supported for QoS ACLs. See the

“Classification Based on QoS ACLs” section on page 26-5 for

more details.

For protocol, en ter th e n am e or nu mb er of an IP pro toco l. Use t he

question mark (?) to see a list of available protoc ol keywords.

For source, enter the network or ho st from whic h the packet is being

sent. For source-wildcard, enter the wildcard bits by placing ones in the

bit positi ons that you want to ign ore. You specify the source and

source-w ilcard by using dotted decim al notat ion, by using the any

keyword as an abbreviation for source 0.0. 0. 0 source-wildcard

255.2 55.255 .2 55, or by us ing the host keyword for source 0.0.0.0.

For destination, enter the ne twork or ho st to which the packet is being

sent. You have the same options for spe cifying t he destination and

destination-wildcard as those de scribe d for source and

source-wildcard.

Define a de stin ati on or so urce po rt.

•The operator can be only eq (e qual ) .

•If operator is after sour ce sour ce-wildcar d, conditions match when

the so urce po rt m atche s the defined port .

•If operator is after destination destination-wildcard, condi tions

match w h en t he d esti nat ion port mat ches t he d efined port.

•The port is a decimal number or name of a TCP o r UDP port. The

number can be fro m 0 to 65 535.

•Use TCP port names only for TCP traffic.

•Use UDP port names only for UDP traffic.

Enter dscp to match packets with any of the 13 supported DSCP values

(0, 8, 10, 16, 18, 24, 26, 32, 34, 40, 46, 48, and 56) or use the questi o n

mark ( ?) to see a list of available values.

The time-range keyword is optional. For information about this

keyword, see the “Applying Time Ranges to ACLs” secti on on

page 25-15.

Step 3 end Return to privileged EXEC mode.