39-46
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
OL-21521-01
Chapter 39 Configuring QoS
Configuring Standard QoS
Configuring a QoS Policy
Configuring a QoS policy typically requires classifying traffic into classes, configuring policies applied
to those traffic classes, and attaching policies to ports.
For background information, see the “Classification” section on page 39-5 and the “Policing and
Marking” section on page 39-9. For configuration guidelines, see the “Standard QoS Configuration
Guidelines” section on page 39-36.
These sections describe how to classify, police, and mark traffic. Depending on your network
configuration, you must perform one or more of these tasks:
Classifying Traffic by Using ACLs, page 39-46
Classifying Traffic by Using Class Maps, page 39-51
Classifying, Policing, and Marking Traffic on Physical Ports by Using Policy Maps, page 39-56
Classifying, Policing, and Marking Traffic on SVIs by Using Hierarchical Policy Maps, page 39-60

Classifying Traffic by Using ACLs

You can classify IP traffic by using IPv4 standard or IP extended ACLs. You can also use IPv6 ACLs.
You can classify non-IP traffic by using Layer 2 MAC ACLs.
Note IPv6 ACLs are not supported on switches running the LAN base feature set.

Creating an IP Standard ACL

Beginning in privileged EXEC mode, follow these steps to create an IP standard ACL for IPv4 traffic:
Command Purpose
Step 1 configure terminal Enter global configuration mode.
Step 2 access-list access-list-number
{deny | permit} source
[source-wildcard]
Create an IP standard ACL, repeating the command as many times as necessary.
For access-list-number, enter the access list number. The range is 1 to 99 and
1300 to 1999.
Use the permit keyword to permit a certain type of traffic if the conditions
are matched. Use the deny keyword to deny a certain type of traffic if
conditions are matched.
For source, enter the network or host from which the packet is being sent.
You can use the any keyword as an abbreviation for 0.0.0.0 255.255.255.255.
(Optional) For source-wildcard, enter the wildcard bits in dotted decimal
notation to be applied to the source. Place ones in the bit positions that you
want to ignore.
Note When you create an access list, remember that by default the end of the
access list contains an implicit deny statement for everything if it did not
find a match before reaching the end.
Step 3 end Return to privileged EXEC mode.