Filters and QoS Configuration for ERS 5500
Technical Configuration Guide v2.0 NN48500-559
Nortel Confidential Information Copyright © 2008 Nortel Networks. All Rights Reserved.
External Distribution
7. QoS Access Lists (ACL)
As of software release 5.0, the ERS55xx can be configured using access lists (ACLs). You can
choose to use policies and/or ACLs to configure the ERS5500 switch. Policies support up to a
maximum of 15 precedence levels, whereas ACLs allow up to a maximum of 8 precedence levels.
Please be aware of the following when using ACLs:
• By default, ACLs are always terminated by an implicit action of “drop all non-matching
  traffic”. The default action of “drop all non-matching traffic” cannot be changed.
• ACL precedence is always in the order the ACLs are entered.
• ACLs are applied at a port level.
• Up to 8 precedence levels are supported; however, you can use ACL blocks if you have
  similar filter rules. Please see the classifier block explanation in section 3.2.
• When an ACL is assigned to a port, the ACL is assigned the highest precedence value
  available on the port. Each additional ACL that is added is then assigned decreasing
  precedence levels. Any policies (QoS or non-QoS) already associated with a port dictate
  the starting and subsequent precedence values for the ACL(s).
• You cannot assign traffic meters.
• IP and L2 ACLs cannot be combined. If you wish to combine L2 and L3, policies must be
  used.
• ACLs cannot be modified; you must first remove the ACL-assign configuration at a port
  level, then delete the ACL or ACLs you wish to modify and reconfigure the ACL or ACLs.
• ACLs can be enabled or disabled. However, you cannot update or change the
  associated precedence values when the ACL is disabled.
• You can only configure ACLs using CLI or http (QoS Wizard). Although JDM will display
  the ACL configuration, you cannot use JDM to either configure or delete ACLs.

7.1 ACL Configuration

7.1.1 IP-ACL Configuration

IP ACLs are added using the following command:
5500 (config)#qos ip-acl name <1..16 character string> ?
  addr-type      Specify the address type (IPv4, IPv6) classifier criteria
  block          Specify the label to identify access-list elements that are of
                 the same block
  drop-action    Specify the drop action
  ds-field       Specify the DSCP classifier criteria
  dst-ip         Specify the destination IP classifier criteria
  dst-port-min   Specify the L4 destination port minimum value classifier
                 criteria
  flow-id        Specify the IPv6 flow identifier classifier criteria
  next-header    Specify the IPv6 next header classifier criteria
  protocol       Specify the IPv4 protocol classifier criteria
  set-drop-prec  Specify the set drop precedence
  src-ip         Specify the source IP classifier criteria
  src-port-min   Specify the L4 source port minimum value classifier criteria
  update-1p      Specify the update user priority
  update-dscp    Specify the update DSCP
  <cr>
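
The ordering and implicit-drop notes in section 7, modelled as an added Python example (not Nortel code or switch output) that can be used to review an ACL design before it is entered. It assumes that earlier-entered elements win over later ones, that each element takes one precedence level (no blocks), and that a boolean `drop` stands in for drop-action; `Element`, `evaluate`, `audit` and the sample addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

MAX_ACL_LEVELS = 8  # from the page: ACLs allow at most 8 precedence levels

@dataclass
class Element:
    """One ACL element; fields mirror the CLI keywords (src-ip, dst-ip, ...)."""
    name: str
    drop: bool                          # assumed model of drop-action: True = drop
    src_ip: Optional[str] = None        # None means "not specified" (wildcard)
    dst_ip: Optional[str] = None
    protocol: Optional[int] = None
    dst_port_min: Optional[int] = None  # modelled as an exact port for brevity

    def is_match_all(self) -> bool:
        return (self.src_ip, self.dst_ip, self.protocol, self.dst_port_min) == (None,) * 4

    def matches(self, pkt: dict) -> bool:
        for net, key in ((self.src_ip, "src"), (self.dst_ip, "dst")):
            if net and ipaddress.ip_address(pkt[key]) not in ipaddress.ip_network(net):
                return False
        if self.protocol is not None and pkt["proto"] != self.protocol:
            return False
        return self.dst_port_min is None or pkt.get("dport") == self.dst_port_min

def evaluate(acl: list, pkt: dict) -> tuple:
    """First match in entered order wins; otherwise the implicit drop applies."""
    for elem in acl:
        if elem.matches(pkt):
            return ("drop" if elem.drop else "pass", elem.name)
    return ("drop", "implicit drop-all")

def audit(acl: list) -> list:
    """Flag designs that collide with the constraints listed on the page."""
    findings = []
    if len(acl) > MAX_ACL_LEVELS:
        findings.append("more than 8 elements: use ACL blocks or policies")
    catch_all = [i for i, e in enumerate(acl) if e.is_match_all()]
    if not catch_all:
        findings.append("no match-all element: unlisted traffic hits the implicit drop")
    elif catch_all[0] < len(acl) - 1:
        findings.append("elements after the match-all element can never match")
    return findings

# Constructed sample: block telnet from one subnet, forgetting a final pass-all.
SAMPLE_ACL = [Element("no-telnet", True, src_ip="10.1.1.0/24", protocol=6, dst_port_min=23)]
```

With `SAMPLE_ACL` alone, web traffic from the same subnet is dropped by the implicit terminator; appending a match-all element with `drop=False` is what lets it pass.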