604
Configuring QoS
Configuring QoS
To delete an access list, use the no access-list access-list-number global configuration command.
Command Purpose
1. configure terminal Enter global configuration mode.
2. access-list access-list-number permit
protocol {source source-wildcard
destination destination-wildcard}
[precedence precedence] [tos tos]
[dscp dscp]
Note: If you enter a dscp value, you
cannot enter tos or precedence. You
can enter both a tos and a precedence
value with no dscp.
Create an IP extended ACL. Repeat the step as many times as necessary.
For access-list-number, enter the access list number. The range is
100 to 199 and 2000 to 2699.
Always use the permit keyword for ACLs used as match criteria in
QoS policies. QoS policies do not match deny ACLs.
For protocol, enter the name or number of an IP protocol. Use the
question mark (?) to see a list of available protocols. To match any
Internet protocol (including ICMP, TCP, and UDP), enter ip.
The source is the number of the network or host sending the packet.
The source-wildcard applies wildcard bits to the source.
The destination is the network or host number receiving the packet.
The destination-wildcard applies wildcard bits to the destination.
You can specify source, destination, and wildcards as:
The 32-bit quantity in dotted-decimal format.
The keyword any for 0.0.0.0 255.255.255.255 (any host).
The keyword host for a single host 0.0.0.0.
Other keywords are optional and have these meanings:
precedence—Enter to match packets with a precedence level
specified as a number from 0 to 7 or by name: routine (0), priority
(1), immediate (2), flash (3), flash-override (4), critical (5),
internet (6), network (7).
tos—Enter to match by type of service level, specified by a number
from 0 to 15 or a name: normal (0), max-reliability (2),
max-throughput (4), min-delay (8).
dscp—Enter to match packets with the DSCP value specified by a
number from 0 to 63, or use the question mark (?) to see a list of
available values.
or ip access-list extended name Define an extended IPv4 access list using a name, and enter access-list
configuration mode. The name can be a number from 100 to 199.
In access-list configuration mode, enter permit protocol {source
source-wildcard destination destination-wildcard} [precedence
precedence] [tos tos] [dscp dscp] as defined in Step 2.
3. end
Return to privileged EXEC mode.
4. show access-lists Verify your entries.
5. copy running-config startup-config (Optional) Save your entries in the configuration file.
To Next Page
Loading...
Need help?
General
