CANOGA PERKINS CanogaOS Configuration Guide User Manual

Page 274

Advertising
background image

CanogaOS Configuration Guide

Proprietary & Confidential Canoga Perkins Metro Ethernet Switches

Page 274 of 350

Configure Policy

To configure a QoS policy, the following is usually required:

• Categorize traffic into classes.
• Configure policies to apply to the traffic classes.
• Attach policies to interfaces.

Classify Traffic Using ACLs

IP traffic can be classified using IP ACLs.
The following shows creating an IP ACL for IP traffic. Follow these steps from Privileged Exec
mode.

1. configure terminal.

2. ip access-list ACCESS-LIST-NAME

ACCESS-LIST-NAME = name of IP ACL

3. create ACEs, Repeat this step as needed. For detail, please refer to ACL

configuration Guide
Note: The no ip-access-list command deletes an access list.
The following example shows allowing access only for hosts on three specified networks.
Wildcard bits correspond to the network address host portions. If a host has a source address that
does not match the access list statements, it is rejected.

DUT(config)# ip access-list ip-acl

DUT(config-ip-acl)# permit any 128.88.12.0 0.0.0.255 any

DUT(config-ip-acl)# permit any 28.88.0.0 0.0.255.255 any

DUT(config-ip-acl)# permit any 11.0.0.0 0.255.255.255 any

Create class-map

The following shows classifying IP traffic on a physical-port basis using class maps. This
involves creating a class map, and defining the match criterion.

1. configure terminal.

2. ip access-list ACCESS-LIST-NAME

ACCESS-LIST-NAME = name of IP ACL

3. create ACEs, Repeat this step as needed. For detail, please refer to ACL

configuration Guide

4. class-map (match-any|match-all) NAME to create a class map.

match-any = Use the match-any keyword to perform a logical-OR of all matching

statements under this class map. One or more match criteria must be matched.

match-all = Use the match-all keyword to perform a logical-AND of all matching

statements under this class map. All match criteria in the class map must be matched.

Note: If neither the match-any or match-all keyword is specified, the default is

match-all.

NAME = name of the class map.

5. match access-group NAME to define the match criterion.

NAME = name of the ACL created using the ip access-list command.

Advertising
Popular Brands
Popular manuals