Overview
Usage Guidelines
This command marks traffic between networks/hosts based on the protocol type selected in the access list configuration.
Use the mark option to specify the type of service (tos) and priority value. The tos value is marked in the IP header and the 802.1p priority value is marked in the dot1q frame.
The following types of protocols are supported:
• ip
• icmp
• tcp
• udp
Whenever the interface receives a packet, its content is checked against all the ACEs in the ACL. It is marked based on the ACL configuration.
• Filtering on protocol types tcp/udp allows the user to specify port numbers as filtering criteria.
mark {dot1p <0-7> | tos <0-255>} {tcp|udp} {source/source-mask | host source | any} [operator source-port] {destination/destination-mask | host destination | any} [operator destination-port] [log] [rule-precedence access-list-entry precedence]
Use with the mark command to specify tcp or udp packets as marked.
• mark {dot1p <0-7> | tos <0-255>} – The keyword specifies mark action on an ACL. The action type mark is functional only over a Port ACL.
• {tcp|udp} – Specifies tcp or udp as the protocol used.
• {source/source-mask | host source | any} – source is the source IP address of the network or host in dotted decimal. Source-mask is the network mask. For example, 10.1.1.10/24 indicates that the first 24 bits of the source IP are used for matching.
  • any is an abbreviation for source IP of 0.0.0.0 and source-mask bits equal to 0.
  • host is an abbreviation for exact source (A.B.C.D) and source-mask bits equal to 32.
• [operator source-port] – Valid only for tcp or udp protocols. Valid values are eq and range.
  • range – Specifies the protocol range (starting and ending protocol numbers).
  • port – Valid port number.
• {destination/destination-mask | host destination | any} – The destination host IP address or destination network address.
• [operator destination-port] – Specifies the destination port.
• [log] – Generates log messages when the packet coming from the interface matches the ACL entry. Log messages are generated only for router ACLs.
• [rule-precedence access-list-entry precedence] – Integer value between 1-5000. This value sets the rule precedence in the ACL.
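The following Python sketch is an added example, not part of the vendor documentation: it checks a tcp/udp mark entry against the value ranges listed above and shows which bits a source/source-mask, host or any term actually matches. The function names are hypothetical, and it assumes the operators are written as `eq <port>` and `range <start> <end>` with ports in 0-65535.

```python
import ipaddress

def _addr(tok):
    """Consume {addr/mask | host addr | any}; return the matched IPv4 network."""
    word = tok.pop(0)
    if word == "any":    # any = 0.0.0.0 with 0 mask bits
        return ipaddress.ip_network("0.0.0.0/0")
    if word == "host":   # host = exact address, 32 mask bits
        return ipaddress.ip_network(tok.pop(0) + "/32")
    if "/" not in word:
        raise ValueError(f"expected addr/mask, host or any, got {word!r}")
    return ipaddress.ip_network(word, strict=False)  # 10.1.1.10/24 -> 10.1.1.0/24

def _ports(tok):
    """Consume optional [operator port]; return (low, high) or None."""
    if not tok or tok[0] not in ("eq", "range"):
        return None
    op, low = tok.pop(0), int(tok.pop(0))
    high = int(tok.pop(0)) if op == "range" else low
    if not 0 <= low <= high <= 65535:   # assumed port bounds
        raise ValueError(f"bad port spec: {op} {low} {high}")
    return (low, high)

def _parse(tok):
    if tok.pop(0) != "mark":
        raise ValueError("not a mark entry")
    field, value = tok.pop(0), int(tok.pop(0))
    limit = {"dot1p": 7, "tos": 255}.get(field)
    if limit is None or not 0 <= value <= limit:
        raise ValueError(f"{field} {value} is outside the allowed range")
    proto = tok.pop(0)
    if proto not in ("tcp", "udp"):
        raise ValueError("this example covers tcp/udp entries only")
    ace = {"mark": (field, value), "proto": proto}
    ace["src"], ace["sport"] = _addr(tok), _ports(tok)
    ace["dst"], ace["dport"] = _addr(tok), _ports(tok)
    ace["log"] = bool(tok) and tok[0] == "log"
    if ace["log"]:
        tok.pop(0)
    if tok:
        if len(tok) != 2 or tok[0] != "rule-precedence" or not 1 <= int(tok[1]) <= 5000:
            raise ValueError("expected rule-precedence <1-5000>")
        ace["precedence"] = int(tok[1])
    return ace

def parse_mark_ace(line):
    try:
        return _parse(line.split())
    except IndexError:   # ran out of tokens
        raise ValueError("truncated mark entry") from None
```

Running it over entries before they are applied catches out-of-range values and shows when a source written as 10.1.1.10/24 really matches the whole 10.1.1.0/24 network.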