CANOGA PERKINS 9171 Configuration Guide User Manual

CanogaOS Configuration Guide

31-9

configuration Guide

• class-map (match-any|match-all) NAME to create a class map. match-any = Use

the match-any keyword to perform a logical-OR of all matching statements under
this class map. One or more match criteria must be matched. match-all = Use the
match-all keyword to perform a logical-AND of all matching statements under this
class map. All match criteria in the class map must be matched. Note: If neither
the match-any or match-all keyword is specified, the default is match-all. NAME =
name of the class map.

• match access-group NAME to define the match criterion. NAME = name of the

ACL created using the ip access-list command. Note: The no class-map
command deletes an existing class-map.

The following example shows configuring a class map named cmap1 with 1 match
criterion: IP access list ip-acl, which allows traffic from any source to any destination.

DUT(config)# ip access-list ip-acl
DUT(config-ip-acl)# permit any any any
DUT(config-ip-acl)#quit
DUT(config)# class-map cmap1
DUT(config-cmap)# match access-group ip-acl

Create Policy Map
The following shows creating a policy map to classify, police, and mark traffic.

• configure

terminal.

• ip access-list to create an IP ACL.

• class-map (match-any|match-all) NAME to create a class map.

• policy-map NAME to create a policy map. NAME = name of the policy map.

• class NAME to define a traffic classification. NAME = name of the class map.

• set priority <0-63> color red|yellow|green to set a priority and color for the packet

matched class-map.

• trust cos|dscp|ip-prec|port|outer to specify a policy to trust which to map priority

and color. trust = set trust value for the class. dscp = trust dscp value in classified
packets. cos = trust cos value in classified packets. ip-prec = trust ip precedence
in classified packets. port = trust port default cos value in classified packets. outer
= trust the outer header of tunnel to map to priority in classified packets

• policer color-blind|color-aware cir <1-1000000> cbs <0-4000000> ebs

<0-4000000>| pir <1-1000000> pbs <0-4000000> drop-color red|yellow
(use-l3-length) to specify a policer. color-blind = Color blind mode policer.
color-aware = color-aware: Color aware mode policer. cir = CIR - commit
Information rate (bps). cbs = commit burst size (bytes). ebs = EBS - Excess Burst
Size (bytes). pir = PIR - Peak Information Rate. pbs = PBS - peak burst size
(bytes). drop-color = drop color config. use-l3-length = Use l3 length for policing

• exit.

• exit.

• interface IFNAME to specify the interface to match to the policy map. IFNAME =

name of interface

• service-policy input|output NAME to apply a policy map to the input or output of

the specified interface. NAME = policy-map name to apply the specified
policy-map to the interface.