xStack DGS-3400 Series Layer 2 Gigabit Managed Switch CLI Manual
create access_profile (for Ethernet)
access profile being created with this command.
ethernet - Specifies that the Switch will examine the layer 2 part of each packet header with
emphasis on one or more of the following:
Restrictions Only administrator-level users can issue this command.
• vlan − Specifies that the Switch will examine the VLAN part of each packet header.
• source_mac <macmask> − Specifies a MAC address mask for the source MAC
address. This mask is entered in the following hexadecimal format: 000000000000-
FFFFFFFFFFFF
• destination_mac <macmask> − Specifies a MAC address mask for the destination MAC
address in the following format: 000000000000-FFFFFFFFFFFF
• 802.1p − Specifies that the Switch will examine the 802.1p priority value in the frame’s
header.
• ethernet_type − Specifies that the Switch will examine the Ethernet type value in each
frame’s header.
Example usage:
To create an Ethernet access profile:
DGS-3400:4# create access_profile profile_id 1 ethernet vlan 802.1p
Command: create access_profile profile_id 1 ethernet vlan 802.1p
Success.
DGS-3400:4#
config access_profile (for Ethernet)
Purpose Used to configure the Ethernet access profile on the Switch and to define specific values
for the rules that will be used to by the Switch to determine if a given packet should be
forwarded or filtered. Masks entered using the create access_profile command will be
combined, using a logical AND operational method, with the values the Switch finds in the
specified frame header fields.
profile_id <value 1-6> [add access_id [auto_assign | <value 1-128> [ethernet {vlan
<vlan_name 32> | source_mac <macaddr 000000000000-ffffffffffff > | destination_mac
<macaddr 000000000000-ffffffffffff> | 802.1p <value 0-7> | ethernet_type <hex 0x0-
0xffff>} | [permit | deny] | port [<portlist> | all] [permit {priority <value 0-7> {
replace_priority} | rx_rate [no_limit | <value 1-156249>]} | deny] delete access_id
<value 1-128>]
This command is used to define the rules used by the Switch to either filter or forward
packets based on the Ethernet part of each packet header.
profile_id <value 1-6> - Enter an integer between 1 and 6 that is used to identify the access
profile that will be configured with this command. This value is assigned to the access
profile when it is created with the create access_profile command. The lower the profile
ID, the higher the priority the rule will be given.
add access_id <value 1-128> - Adds an additional rule to the above specified access
profile. The value specifies the relative priority of the additional rule. Up to 128 different
rules may be configured for the Ethernet access profile.
ethernet - Specifies that the Switch will look only into the layer 2 part of each packet to
determine if it is to be filtered or forwarded based on one or more of the following:
Syntax
Description
Parameters
• auto_assign – Choose this parameter to configure the Switch to automatically assign
a numerical value (between 1 and 65535) for the rule being configured.
• vlan <vlan_name 32> − Specifies that the access profile will apply to only this
previously created VLAN.
• source_mac <macaddr> − Specifies that the access profile will apply to only packets
with this source MAC address. MAC address entries may be made in the following
153
To Next Page
Loading...
