xStack DES-6500 Modular Layer 3 Chassis Ethernet Switch CLI Manual

config access_profile profile_id (IP)

 

their header.

 

protocol_id <value 0-255>Specifies that the Switch will

 

examine the Protocol field in each packet and if this field

 

contains the value entered here, apply the appropriate rules.

 

user_define <hex 0x0-0xfffffff> Enter a hexidecimal value

 

that will identify the protocol to be discovered in the packet

 

header.

 

port <portlist> - The access profile for Ethernet may be defined for

 

each port on the Switch. The port list is specified by listing the lowest

 

switch number and the beginning port number on that switch,

 

separated by a colon. Then the highest switch number, and the

 

highest port number of the range (also separated by a colon) are

 

specified. The beginning and end of the port list range are separated

 

by a dash. For example, 1:3 specifies switch number 1, port 3. 2:4

 

specifies switch number 2, port 4. 1:3-2:4 specifies all of the ports

 

between switch 1, port 3 and switch 2, port 4 in numerical order.

 

permit – Specifies that packets that match the access profile are

 

permitted to be forwarded by the Switch.

 

priority <value 0-7>This parameter is specified to re-write

 

the 802.1p default priority previously set in the Switch, which is

 

used to determine the CoS queue to which packets are

 

forwarded to. Once this field is specified, packets accepted by

 

the Switch that match this priority are forwarded to the CoS

 

queue specified previously by the user.

 

{replace_priority} Enter this parameter to re-write the 802.1p

 

default priority of a packet to the value entered in the Priority

 

field, which meets the criteria specified previously in this

 

command, before forwarding it on to the specified CoS queue.

 

Otherwise, a packet will have its incoming 802.1p user priority

 

re-written to its original value before being forwarded by the

 

Switch.

 

replace_dscp <value 0-63>Allows specification of a value to be

 

written to the DSCP field of an incoming packet that meets the

 

criteria specified in the first part of the command. This value will

 

over-write the value in the DSCP field of the packet.

 

deny – Specifies that packets that do not match the access profile

 

are not permitted to be forwarded by the Switch and will be filtered.

 

delete access_id <value 1-65535> Use this command to delete a

 

specific rule from the IP profile.

Restrictions

Only administrator-level users can issue this command.

 

 

Example usage:

To configure a rule for the IP access profile:

DES-6500:4#config access_profile profile_id 2 add access_id 2 ip protocol_id 2 port 1:2 deny

Command: config access_profile profile_id 2 add access_id 2 ip protocol_id 2 port 1:2 deny

Success.

DES-6500:4#

219

Page 222
Image 222
D-Link TM DES-6500 manual Their header