EasyManua.ls Logo

Cisco Catalyst 2950 - Page 320

Cisco Catalyst 2950
376 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
13-16
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-03
Chapter 13 Configuring QoS
Configuring QoS
This example shows how to create an ACL that permits only TCP traffic from the destination IP address
128.88.1.2 with TCP port number 25:
Switch(config)# access-list 102 permit tcp 0.0.0.0 255.255.255.255 128.88.1.2 0.0.0.0 eq
25
Beginning in privileged EXEC mode, follow these steps to create a Layer 2 MAC ACL for Layer 2
traffic:
To delete an ACL, use the no mac access-list extended access-list-name global configuration command.
This example shows how to create a Layer 2 MAC ACL with a permit statement. The statement allows
traffic from the host with MAC address 0001.0000.0001 to the host with MAC address 0002.0000.0001.
Switch(config)# mac access-list extended maclist1
Switch(config-ext-macl)# permit host 0001.0000.0001 host 0002.0000.0001
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
mac access-list extended name Create a Layer 2 MAC ACL by specifying the name of the list.
After entering this command, the mode changes to extended MAC
ACL configuration.
Step 3
{deny | permit}{any | host source MAC
address}{any | host destination MAC
address}[aarp | amber | dec-spanning |
decnet-iv | diagnostic | dsm | etype-6000 |
etype-8042 | lat | lavc-sca | mop-console |
mop-dump | msdos | mumps | netbios |
vines-echo |vines-ip | xns-idp]
Enter deny or permit to specify whether to deny or permit access if
conditions are matched.
For src-MAC-addr, enter the MAC address of the host from which
the packet is being sent. You specify this by using the hexadecimal
format (H.H.H), by using the any keyword as an abbreviation for
source 0.0.0. source-wildcard 255.255.255, or by using the host
keyword for source 0.0.0.
For dst-MAC-addr, enter the MAC address of the host to which the
packet is being sent. You specify this by using the hexadecimal
format (H.H.H), by using the any keyword as an abbreviation for
source-wildcard 255.255.255, or by using the host keyword for
source 0.0.0.
(Optional) You can also enter these options:
aarp | amber | dec-spanning | decnet-iv | diagnostic | dsm |
etype-6000 | etype-8042 | lat | lavc-sca | mop-console |
mop-dump | msdos | mumps | netbios | vines-echo |vines-ip |
xns-idp (a non-IP protocol).
Note Deny statements are not supported for QoS ACLS. See the
Classification Based on QoS ACLs sectiononpage13-5
for more details.
Step 4
end Return to privileged EXEC mode.
Step 5
show access-lists [number | name] Verify your entries.
Step 6
copy running-config startup-config (Optional) Save your entries in the configuration file.

Table of Contents

Other manuals for Cisco Catalyst 2950

Preview: Software Configuration Guide
Software Configuration Guide674 pages
Preview: Command Reference
Command Reference686 pages
Preview: Getting Started Guide
Getting Started Guide28 pages
Preview: Hardware Installation Guide
Hardware Installation Guide232 pages
Preview: Datasheet
Datasheet19 pages

Related product manuals