CAM Hardware Classifiers ! 115
Chapter 4: Policy Resources
Example 1 In this example, a policy with a combination of IP classifiers is created and
attached. The configuration conforms to the 128 bit limit.
1. Match all TCP SYN packets from 1.1.1.1 to any DA with port 2000.
host1(config)#ip classifier-list tcpCLACL tcp host 1.1.1.1 any eq 2000 tcp-flags
"SYN"
2. Match all IP packets with the don’t fragment flag set to host 2.2.2.2.
host1(config)#ip classifier-list ipCLACL ip any host 2.2.2.2 ip-flags
"dont-fragment"
3. Match all ICMP echo packets.
host1(config)#ip classifier-list icmpCLACL icmp any any 8 0
4. Match all frames with the color red.
host1(config)#ip classifier-list colorCLACL color red ip any any
5. Create a policy list.
host1(config)#ip policy-list ipPol
host1(config-policy-list)#classifier-group colorCLACL
host1(config-policy-list-classifier-group)#filter
host1(config-policy-list-classifier-group)#classifier-group tcpCLACL
host1(config-policy-list-classifier-group)#filter
host1(config-policy-list-classifier-group)#classifier-group icmpCLACL
host1(config-policy-list-classifier-group)#filter
host1(config-policy-list-classifier-group)#classifier-group ipCLACL
host1(config-policy-list-classifier-group)#filter
6. Apply the policy list to an interface.
host1(config)#interface atm 5/0.1
host1(config-if)#ip policy input ipPol
Ta b l e 2 0 lists the active classifiers in the policy named ipPol and the size of each
classifier.
Table 20: Classification Fields for Example 1
Classifiers Size (Bits)
Source address 32
Destination address 32
Destination port, ICMP type, ICMP code 16
Protocol 8
Color and TCP flags 8
TOS 8
IP flags 8
To Next Page
Loading...
Need help?
General
