Cisco Systems OL-4266-08 manual Configuring ARP ACLs for QoS Filtering, 42-69

Chapter 42 Configuring PFC QoS

Configuring PFC QoS

•ACL entries are scanned in the order you enter them. The first matching entry is used. To improve performance, place the most commonly used entries near the beginning of the ACL.

•An implicit deny any any entry exists at the end of an ACL unless you include an explicit permit any any entry at the end of the list.

•All new entries to an existing list are placed at the end of the list. You cannot add entries to the middle of a list.

•This list shows the EtherType values and their corresponding protocol keywords:

–0x0600—xns-idp—Xerox XNS IDP

–0x0BAD—vines-ip—Banyan VINES IP

–0x0baf—vines-echo—Banyan VINES Echo

–0x6000—etype-6000—DEC unassigned, experimental

–0x6001—mop-dump—DEC Maintenance Operation Protocol (MOP) Dump/Load Assistance

–0x6002—mop-console—DEC MOP Remote Console

–0x6003—decnet-iv—DEC DECnet Phase IV Route

–0x6004—lat—DEC Local Area Transport (LAT)

–0x6005—diagnostic—DEC DECnet Diagnostics

–0x6007—lavc-sca—DEC Local-Area VAX Cluster (LAVC), SCA

–0x6008—amber—DEC AMBER

–0x6009—mumps—DEC MUMPS

–0x0800—ip—Malformed, invalid, or deliberately corrupt IP frames

–0x8038—dec-spanning—DEC LANBridge Management

–0x8039—dsm—DEC DSM/DDP

–0x8040—netbios—DEC PATHWORKS DECnet NETBIOS Emulation

–0x8041—msdos—DEC Local Area System Transport

–0x8042—etype-8042—DEC unassigned

–0x809B—appletalk—Kinetics EtherTalk (AppleTalk over Ethernet)

–0x80F3—aarp—Kinetics AppleTalk Address Resolution Protocol (AARP)

This example shows how to create a MAC-Layer ACL named mac_layer that denies dec-phase-iv traffic with source address 0000.4700.0001 and destination address 0000.4700.0009, but permits all other traffic:

Router(config)# mac access-list extended mac_layer

Router(config-ext-macl)#deny 0000.4700.0001 0.0.0 0000.4700.0009 0.0.0 dec-phase-iv

Router(config-ext-macl)# permit any any

Configuring ARP ACLs for QoS Filtering