Extended ACL Instance
15-19
Usage Guidelines
Marks traffic between networks/hosts based on the protocol type selected in the access
list configuration
Use the mark option to specify the type of service (tos) and priority value. The tos value is
marked in the IP header and the 802.1p priority value is marked in the dot1q frame.
The following types of protocols are supported:
•ip
•icmp
•tcp
• udp
Whenever the interface receives the packet, its content is checked against all ACEs in the
ACL. It is marked based on the ACL configuration
• Filtering protocol types TCP/UDP allow the user to specify port numbers as filtering
criteria
• Select ICMP to allow/deny ICMP packets (selecting ICMP allows you to filter packets
based on the ICMP type and code
)
15.1.6.1 Example - Marking dot1p on TCP Based Traffic
The example below marks the dot1p priority value in the ethernet header to 5 on all TCP
traffic coming from the source subnet:
RFSwitch(config-ext-nacl)# mark 8021p 6 udp 192.168.2.0/24
range 5060 5061
RFSwitch(config-ext-nacl)#
15.1.6.2 Example - Marking tos on TCP based Traffic
The example below marks the tos value in the IP header to 245 on all tcp traffic coming
from the source subnet:
NOTE: The log option is functional only for router ACL’s. The log option
provides an informational logging message about the packet matching
the entry sent to the console.
To Next Page
Loading...
Need help?
General
