Home » HP Manuals » Servers » HP 6125G » Manual Viewer

HP 6125G HP 6125G & 6125G/XG Blade Switches ACL and QoS Configuration - Page 15

Configuring an Ethernet frame header ACL, Copying an ACL

Add to My Manuals
Save this manual to your list of manuals

Page 15 highlights

Configuring an Ethernet frame header ACL Ethernet frame header ACLs, also called "Layer 2 ACLs," match packets based on Layer 2 protocol header fields, such as source MAC address, destination MAC address, 802.1p priority (VLAN priority), and link layer protocol type. To configure an Ethernet frame header ACL: Step 1. Enter system view. Command system-view 2. Create an Ethernet frame header ACL and enter its view. acl number acl-number [ name acl-name ] [ match-order { auto | config } ] 3. Configure a description for the Ethernet frame header ACL. 4. Set the rule numbering step. description text step step-value rule [ rule-id ] { deny | permit } [ cos vlan-pri | counting | dest-mac dest-addr dest-mask | { lsap 5. Create or edit a lsap-type lsap-type-mask | rule. type protocol-type protocol-type-mask } | source-mac sour-addr source-mask | time-range time-range-name ] * 6. Add or edit a rule comment. rule rule-id comment text 7. Add or edit a rule range remark. 8. Enable counting ACL rule matches performed in hardware. rule [ rule-id ] remark text hardware-count enable Remarks N/A By default, no ACL exists. Ethernet frame header ACLs are numbered in the range of 4000 to 4999. You can use the acl name acl-name command to enter the view of a named Ethernet frame header ACL. Optional. By default, an Ethernet frame header ACL has no ACL description. Optional. The default setting is 5. By default, an Ethernet frame header ACL does not contain any rule. The lsap keyword is not supported if the ACL is for QoS traffic classification. Optional. By default, no rule comments are configured. Optional. By default, no rule range remarks are configured. Optional. Disabled by default. When the ACL is referenced by a QoS policy, this command does not take effect. Copying an ACL You can create an ACL by copying an existing ACL (source ACL). The new ACL (destination ACL) has the same properties and content as the source ACL, but not the same ACL number and name. 9

Section	Page
Title Page	1
ACL and QoS Configuration Guide	3
Configuring ACLs	7
Overview	7
Applications on the switch	7
ACL categories	7
Numbering and naming ACLs	7
Match order	8
ACL rule comments and rule range remarks	9
ACL rule numbering	9
What is the ACL rule numbering step	9
Automatic rule numbering and renumbering	9
Fragments filtering with ACLs	9
ACL configuration task list	9
Configuring a time range	10
Configuring a basic ACL	10
Configuring an IPv4 basic ACL	10
Configuring an IPv6 basic ACL	11
Configuring an advanced ACL	12
Configuring an IPv4 advanced ACL	12
Configuring an IPv6 advanced ACL	13
Configuration restrictions and guidelines	13
Configuration procedure	13
Configuring an Ethernet frame header ACL	15
Copying an ACL	15
Copying an IPv4 ACL	16
Copying an IPv6 ACL	16
Packet filtering with ACLs	16
Applying an IPv4 or Ethernet frame header ACL for packet filtering	16
Applying an IPv6 ACL for packet filtering	16
Displaying and maintaining ACLs	17
Configuration example of using ACL for device management	17
Network requirements	17
Configuration procedure	18
IPv4 packet filtering configuration example	19
Network requirements	19
Configuration procedure	19
IPv6 packet filtering configuration example	20
Network requirements	20
Configuration procedure	20
QoS overview	21
QoS service models	21
Best-effort service model	21
IntServ model	21
DiffServ model	21
QoS techniques	22
QoS configuration approaches	23
MQC approach	23
Non-MQC approach	23
Configuring a QoS policy	24
Overview	24
Defining a class	24
Configuration restrictions and guidelines	25
Configuration procedure	25
Defining a traffic behavior	26
Defining a policy	27
Configuration restrictions and guidelines	27
Configuration procedure	27
Applying the QoS policy	27
Applying the QoS policy to an interface	28
Applying the QoS policy to online users	28
Configuration restrictions and guidelines	28
Configuration procedure	28
Applying the QoS policy to a VLAN	29
Applying the QoS policy globally	29
Displaying and maintaining QoS policies	29
Configuring priority mapping	31
Overview	31
Types of priorities	31
Priority mapping tables	31
Priority trust mode on a port	32
Priority mapping procedure	32
Configuration guidelines	33
Configuring a priority mapping table	33
Configuring a port to trust packet priority for priority mapping	33
Changing the port priority of an interface	33
Displaying priority mappings	34
Priority trust mode configuration example	34
Network requirements	34
Configuration procedure	35
Priority mapping table and priority marking configuration example	35
Network requirements	35
Configuration procedure	36
Configuring traffic policing, traffic shaping, and line rate	38
Overview	38
Traffic evaluation and token buckets	38
Evaluating traffic with the token bucket	38
Complicated evaluation	38
Traffic policing	39
Traffic shaping	40
Line rate	40
Configuring traffic policing	41
Configuration restrictions and guidelines	41
Configuration procedure	41
Configuring GTS	42
Configuring the line rate	42
Displaying and maintaining traffic policing, GTS, and line rate	43
Traffic policing configuration example	43
Network requirements	43
Configuration procedures	44
Configuring congestion management	46
Overview	46
Congestion management techniques	46
SP queuing	46
WRR queuing	47
WFQ queuing	48
SP+WRR queuing	49
SP+WFQ queuing	49
Configuring SP queuing	49
Configuration procedure	49
Configuration example	49
Network requirements	49
Configuration procedure	50
Configuring WRR queuing	50
Configuration procedure	50
Configuration example	50
Network requirements	50
Configuration procedure	51
Configuring WFQ queuing	51
Configuration procedure	51
Configuration example	52
Network requirements	52
Configuration procedure	52
Configuring SP+WRR queuing	52
Configuration procedure	52
Configuration example	53
Network requirements	53
Configuration procedure	53
Configuring SP+WFQ queuing	53
Configuration procedure	53
Configuration example	54
Network requirements	54
Configuration procedure	54
Configuring congestion avoidance	55
Overview	55
Tail drop	55
RED and WRED	55
Introduction to WRED configuration	55
Configuring WRED	56
Configuration procedure	56
Configuration examples	56
Displaying and maintaining WRED	57
Configuring traffic filtering	58
Configuration procedure	58
Traffic filtering configuration example	59
Network requirements	59
Configuration procedure	59
Configuring priority marking	60
Configuration procedure	60
Local precedence re-marking configuration example	61
Network requirements	61
Configuration procedure	62
Local QoS ID marking configuration example	63
Configuring traffic redirecting	65
Configuration restrictions and guidelines	65
Configuration procedure	65
Redirect-to-next hop configuration example	66
Network requirements	66
Configuration procedure	66
Configuring aggregate CAR	68
Overview	68
Configuring aggregate CAR	68
Configuration restrictions and guidelines	68
Configuration procedure	68
Displaying and maintaining aggregate CAR configuration	69
Aggregate CAR configuration example	69
Network requirements	69
Configuration procedure	69
Configuring class-based accounting	71
Configuration procedure	71
Displaying and maintaining traffic accounting	71
Class-based accounting configuration example	72
Network requirements	72
Configuration procedure	72
Configuring burst	74
Configuration prerequisites	74
Configuration procedure	74
Burst configuration example	74
Network requirements	74
Configuration procedure	75
Appendix A Default priority mapping tables	76
Uncolored priority mapping tables	76
Appendix B Packet precedences	77
IP precedence and DSCP values	77
802.1p priority	78
Support and other resources	80
Contacting HP	80
Subscription service	80
Related information	80
Documents	80
Websites	80
Conventions	81
Command conventions	81
GUI conventions	81
Symbols	81
Network topology icons	82
Port numbering in examples	82

Match case Limit results 1 per page

Configuring an Ethernet frame header ACL

Ethernet frame header ACLs, also called "Layer 2 ACLs," match packets based on Layer 2 protocol

header fields, such as source MAC address, destination MAC address, 802.1p priority (VLAN priority),

and link layer protocol type.

To configure an Ethernet frame header ACL:

Step

Command

Remarks

Enter system

view.

system-view

N/A

Create an

Ethernet frame

header ACL

and enter its

view.

acl number

acl-number

[

name

acl-name

]

[

match-order

{

auto

config

} ]

By default, no ACL exists.

Ethernet frame header ACLs are numbered in the

range of 4000 to 4999.

You can use the

acl

name

acl-name

command to enter

the view of a named Ethernet frame header ACL.

Configure a

description for

the Ethernet

frame header

ACL.

description

text

Optional.

By default, an Ethernet frame header ACL has no ACL

description.

Set the rule

numbering

step.

step

step-value

Optional.

The default setting is 5.

Create or edit a

rule.

rule

[

rule-id

] {

deny

permit

} [

cos

vlan-pri

counting

dest-mac

dest-addr

dest-mask

| {

lsap

lsap-type

lsap-type-mask

type

protocol-type

protocol-type-mask

} |

source-mac

sour-addr

source-mask

time-range

time-range-name

] *

By default

an Ethernet frame header ACL does not

contain any rule.

The

lsap

keyword is not supported if the ACL is for QoS

traffic classification.

Add or edit a

rule comment.

rule

rule-id

comment

text

Optional.

By default, no rule comments are configured.

Add or edit a

rule range

remark.

rule

[

rule-id

]

remark

text

Optional.

By default, no rule range remarks are configured.

Enable

counting ACL

rule matches

performed in

hardware.

hardware-count enable

Optional.

Disabled by default.

When the ACL is referenced by a QoS policy, this

command does not take effect.

Copying an ACL

You can create an ACL by copying an existing ACL (source ACL). The new ACL (destination ACL) has the

same properties and content as the source ACL, but not the same ACL number and name.

HP 6125G HP 6125G &amp; 6125G/XG Blade Switches ACL and QoS Configuration - Page 15

Configuring an Ethernet frame header ACL, Copying an ACL

Page 15 highlights

HP 6125G HP 6125G & 6125G/XG Blade Switches ACL and QoS Configuration - Page 15