23-25
Cisco Systems IntelligentGigabit Ethernet Switch Modules for the IBM BladeCenter, Software Configuration Guide
24R9746
Chapter23 Configuring QoS
Configuring Standard QoS
Beginning in privileged EXEC mode, follow these steps to create an IP extended ACL for IP traffic:
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 access-list access-list-number
{permit | remark} protocol
{source source-wildcard | host source |
any} [operator port] {destination
destination-wildcard | host destination |
any} [operator port] [dscp dscp-value]
[time-range time-range-name]
Create an IP extended ACL, repeating the command as many times as
necessary.
For access-list-number, enter the ACL number. The range is 100 to 199
and 2000 to 2699.
Enter permit to permit access if conditions are matched.
Enter remark to specify an ACL entry comment up to 100 characters.
Note Deny statements are not supported for QoS ACLs. See the
“Classification Based on QoS ACLs” section on page23-5 for
more details.
For protocol, enter the name or number of an IP protocol. U se the
question mark (?) to see a list of available protocol keywords.
For source, enter the network or host from which the packet is being
sent. For source-wildcard, enter the wildcard bits by placing ones in the
bit positions that you want to ignore. You specify the source and
source-wilcard by using dotted decimal notation, by using the any
keyword as an abbreviation for source 0.0.0.0 source-wildcard
255.255.255.255, or by using the host keyword for source 0.0.0.0.
For destination, enter the network or host to which the packet is being
sent. You have the same options for specifying the destination and
destination-wildcard as those described for source and
source-wildcard.
Define a destination or source port.
The operator can be only eq (equal).
If operator is after source source-wildcard, conditions match when
the source port matches the defined port.
If operator is after destination destination-wildcard, conditions
match when the destination port matches the defined port.
The port is a decimal number or name of a TCP or UDP port. The
number can be from 0 to 65535.
Use TCP port names only for TCP traffic.
Use UDP port names only for UDP traffic.
Enter dscp to match packets with any of the 13 supported DSCP values
(0, 8, 10, 16, 18, 24, 26, 32, 34, 40, 46, 48, and 56) or use the question
mark (?) to see a list of available values.
The time-range keyword is optional. For information about this
keyword, see the “Applying Time Ranges to ACLs” section on
page 22-14.
Step3 end Return to privileged EXEC mode.