i
Contents
Configuring ACLs ························································································································································· 1
Overview············································································································································································1
Applications on the switch ······································································································································1
ACL categories ·························································································································································1
Numbering and naming ACLs ································································································································1
Match order ······························································································································································2
ACL rule comments and rule range remarks ·········································································································3
ACL rule numbering ·················································································································································3
Fragments filtering with ACLs
··································································································································3
ACL configuration task list
················································································································································3
Configuring a time range
·················································································································································4
Configuring a basic ACL
··················································································································································4
Configuring an IPv4 basic ACL ······························································································································4
Configuring an IPv6 basic ACL ······························································································································5
Configuring an advanced ACL········································································································································6
Configuring an IPv4 advanced ACL·······················································································································6
Configuring an IPv6 advanced ACL·······················································································································7
Configuring an Ethernet frame header ACL ···················································································································9
Copying an ACL ·······························································································································································9
Copying an IPv4 ACL ··········································································································································· 10
Copying an IPv6 ACL ··········································································································································· 10
Packet filtering with ACLs ·············································································································································· 10
Applying an IPv4 or Ethernet frame header ACL for packet filtering ······························································ 10
Applying an IPv6 ACL for packet filtering ·········································································································· 10
Displaying and maintaining ACLs ································································································································ 11
Configuration example of using ACL for device management ················································································· 11
Network requirements··········································································································································· 11
Configuration procedure ······································································································································ 12
IPv4 packet filtering configuration example ················································································································ 13
Network requirements··········································································································································· 13
Configuration procedure ······································································································································ 13
IPv6 packet filtering configuration example ················································································································ 14
Network requirements··········································································································································· 14
Configuration procedure ······································································································································ 14
QoS overview····························································································································································· 15
QoS service models ······················································································································································· 15
Best-effort service model ······································································································································· 15
IntServ model ························································································································································· 15
DiffServ model ······················································································································································· 15
QoS techniques ······························································································································································ 16
QoS configuration approaches································································································································· 17
MQC approach ····························································································································································· 17
Non-MQC approach ····················································································································································· 17
Configuring a QoS policy ········································································································································· 18
Overview········································································································································································· 18
Defining a class ······························································································································································ 18
Configuration restrictions and guidelines ··········································································································· 19