Quality of Service (QoS) Commands
478
ProSafe Managed Switch
Note: For the XSM7224S, the mirror parameter allows the traffic
matching this rule to be copied to the specified
<unit/slot/port>, while the redirect parameter allows the traffic
matching this rule to be forwarded to the specified
<unit/slot/port>. The assign-queue and redirect
parameters are only valid for a permit rule.
A rule may either deny or permit traffic according to the specified classification fields. At a
minimum, either the every keyword or the protocol, source address, and destination address
values must be specified. The source and destination IP address fields may be specified
using the keyword ā
anyā to indicate a match on any value in that field. The remaining
command parameters are all optional, but the most frequently used parameters appear in the
same relative order as shown in the command format.
The assign-queue parameter allows specification of a particular hardware queue for handling
traffic that matches this rule. The allowed <queue-id> value is 0-(n-1), where n is the
number of user configurable queues available for the hardware platform. The
assign-queue parameter is valid only for a permit rule.
The time-range parameter allows imposing time limitation on the IP ACL rule as defined by
the parameter <time-range-name>. If a time range with the specified name does not exist and
the IP ACL containing this ACL rule is applied to an interface or bound to a VLAN, then the
ACL rule is applied immediately. If a time range with specified name exists and the IP ACL
containing this ACL rule is applied to an interface or bound to a VLAN, then the ACL rule is
applied when the time-range with specified name becomes active. The ACL rule is removed
when the time-range with specified name becomes inactive.
Format {deny | permit} {every | {{icmp | igmp | ip | tcp | udp | <number>}
<srcip> <srcmask>[{eq {<portkey> | <0-65535>} <dstip> <dstmask> [{eq
{<portkey>| <0-65535>}] [precedence <precedence> | tos <tos>
<tosmask> | dscp <dscp>] [log] [timerange <time-range-name>]
[assign-queue <queue-id>] [{mirror | redirect}
<unit/slot/port>]
Mode
ip access-group
This command either attaches a specific IP ACL identified by <accesslistnumber> to an
interface or associates with a VLAN ID in a given direction. The parameter <name> is the
name of the Access Control List.
An optional sequence number may be specified to indicate the order of this IP access list
relative to other IP access lists already assigned to this interface and direction. A lower
number indicates higher precedence order. If a sequence number is already in use for this
interface and direction, the specified access list replaces the currently attached IP access list
using that sequence number. If the sequence number is not specified for this command, a
Ipv4-Access-List Config
To Next Page
Loading...
