26-19
Catalyst 2950 Desktop Switch Software Configuration Guide
78-14982-01
Chapter 26 Configuring QoS Configuring QoS
For more information about creating IP extended ACLs, see the Guidelines for Applying ACLs to
Physical Interfaces sect ion on page 25-6 .
To delete an ACL, use the no access-list access-list-number global co nfigurati on com ma nd.
This example sho ws how to create an ACL that permits only TCP traffic from the destination IP address
128.88.1 .2 with TCP port number 25:
Switch(config)# access-list 102 permit tcp 0.0.0.0 255.255.255.255 128.88.1.2 0.0.0.0 eq
25
Beginning in privileged EX EC mode, fol low these steps to cr eate a La yer 2 MAC ACL for Lay er 2
traffic:
For more information about creating MAC extended ACLs, see the Creati ng N ame d MAC Extended
ACLs sec tion o n p age 25-18 .
To delete an ACL, use the no mac access-list extended name gl obal con figuration co mmand.
Step 4 show access-lists Verify you r entries.
Step 5 copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Command Purpose
Step 1 configure terminal Enter g loba l c onfigura tion m od e.
Step 2 mac access-list extended name Create a Layer 2 MAC ACL by specifying the name of the list.
After entering this command, the mode changes to extended MAC
ACL configurat ion .
Step 3 permit {any | host source MAC address}
{any | host d estina tion MAC addre ss} [aarp
| amber | appletalk | dec-spanning |
decnet-iv | diagnostic | dsm | etype-6000 |
etyp e-804 2 | lat | lavc-sca | mop-console |
mop-dump | msdos | mumps | netbios |
vines-echo |vines-ip | xns-idp]
Enter permit to permit access if conditions are matched.
Note Deny statements are not supported for QoS ACLs. See the
Classification Based on QoS ACLs sect ion on page 26-5
for more details.
For so urce MAC address, enter the MAC address of the host from
which the packet is being sent. You specify this by using the any
keyword to deny any source MAC ad dress or by using the host
keyword and the sou rce in the hexad ecima l format (H.H. H).
For d estinati on MAC address, enter the MAC address of the host to
which the packet is being sent. You specify this by using the any
keyword to de ny any dest ina tion M AC addres s or by us in g th e host
keyword and the desti natio n in the hexadecim al forma t (H.H.H ).
(Optional) You can also enter these options:
aarp | amber | appletalk | dec-spanning | decnet-iv |
diagnostic | dsm | etype-6000 | etype-80 42 | lat | lavc-sca |
mop-console | mop-dump | msdos | mumps | netbios |
vines-echo |vines-ip | xns-idp ( a non-IP prot ocol).
Step 4 end Return to privileged EXEC mode.
Step 5 show access-lists [number | name] Veri fy your en tries.
Step 6 copy running-config startup-config (Optio nal) Save your e ntr ies in the con figurati on file.