Configuration Examples
M4100 Series Managed Switch
• Match Every: False
• Source IP address: 192.168.187.0
• Source IP Mask: 255.255.255.0
For additional information about IP ACL rules, see Configure Rules for an IP ACL on
page 355.
3. Click the ADD button.
4. From the IP Rules screen, create a second rule for IP ACL 1 with the following settings:
• Rule ID: 2
• Action: Permit
• Match Every: True
5. Click the ADD button.
6. From the IP Binding Configuration screen, assign ACL ID 1 to the interface gigabit ports 2,
3, and 4, and assign a sequence number of 1.
See Configure ACL Interface Bindings on page 365.
By default, this IP ACL is bound on the inbound direction, so it examines traffic as it
enters the switch.
7. Click the APPLY button.
8. Use the IP Binding Table screen to view the interfaces and IP ACL binding information.
See View or Delete IP ACL Bindings on page 366.
The IP ACL in this example matches all packets with the source IP address and subnet mask
of the Finance department's network and denies them on Ethernet interfaces 2, 3, and 4 of the
switch. The second rule permits all non-Finance traffic on the ports. The second rule is
required because there is an explicit deny all rule as the lowest-priority rule.
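The following Python model of this ACL is an added example, not NETGEAR code or switch CLI. It evaluates packets first match first, using the rule values from the steps above, and shows what happens when rule 2 is left out. It assumes that rule 1 has ID 1 and a Deny action (inferred from the description above), that the mask is a subnet mask, and that ports with no bound ACL are not filtered; the function names and sample packets are constructed.

```python
import ipaddress

# Rules for IP ACL 1 as configured in the steps above. Rule 1's ID and Deny
# action are inferred from the page's closing description (assumption).
# The mask is treated as a subnet mask, which is how the page describes it.
ACL_1 = [
    {"id": 1, "action": "deny", "match_every": False,
     "src": "192.168.187.0", "mask": "255.255.255.0"},
    {"id": 2, "action": "permit", "match_every": True},
]
BOUND_PORTS = {2, 3, 4}  # inbound binding from step 6


def rule_matches(rule, src_ip):
    """True when the packet's source address satisfies the rule."""
    if rule["match_every"]:
        return True
    net = ipaddress.ip_network(f'{rule["src"]}/{rule["mask"]}')
    return ipaddress.ip_address(src_ip) in net


def evaluate(acl, src_ip):
    """First match wins, lowest rule ID first; return (action, rule ID)."""
    for rule in sorted(acl, key=lambda r: r["id"]):
        if rule_matches(rule, src_ip):
            return rule["action"], rule["id"]
    return "deny", None  # the lowest-priority deny-all rule


def inbound_verdict(port, src_ip, acl=ACL_1):
    """Verdict for a packet entering the switch on the given gigabit port."""
    if port not in BOUND_PORTS:
        return "permit"  # assumption: a port with no bound ACL is unfiltered
    return evaluate(acl, src_ip)[0]


if __name__ == "__main__":
    # Constructed sample packets: (ingress port, source IP).
    for port, src in [(2, "192.168.187.25"), (3, "10.1.1.7"), (1, "192.168.187.25")]:
        print(port, src, inbound_verdict(port, src))
    # Without rule 2, non-Finance traffic falls through to the deny-all rule.
    print(3, "10.1.1.7", inbound_verdict(3, "10.1.1.7", acl=ACL_1[:1]))
```
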
Differentiated Services (DiffServ)
Standard IP-based networks are designed to provide best effort data delivery service. Best
effort service implies that the network delivers the data in a timely fashion, although the
environment can affect performance. During times of congestion, packets might be delayed,
sent sporadically, or dropped. For typical Internet applications, such as email and file transfer,
a slight degradation in service is acceptable and in many cases unnoticeable. However, any
degradation of service has undesirable effects on applications with strict timing requirements,
such as voice or multimedia.
Quality of Service (QoS) can provide consistent, predictable data delivery by distinguishing
packets with strict timing requirements from those that are more tolerant of delay.
Packets with strict timing requirements are given special treatment in a QoS-capable
network. With this in mind, all elements of the network must be QoS-capable. If one node is
unable to meet the necessary timing requirements, this creates a deficiency in the network
path and the performance of the entire packet flow is compromised.
There are two basic types of QoS: