Brocade FastIron Ethernet Switch Security Configuration Guide User Manual
Page 115
• network or 7 - The ACL matches packets that have the network control precedence. If you specify
the option number instead of the name, specify number 7.
• priority or 1 - The ACL matches packets that have the priority precedence. If you specify the option
number instead of the name, specify number 1.
• routine or 0 - The ACL matches packets that have the routine precedence. If you specify the option
number instead of the name, specify number 0.
The tos name | num parameter of the ip access-list command specifies the IP ToS. You can specify
one of the following:
• max-reliability or 2 - The ACL matches packets that have the maximum reliability ToS. The decimal
value for this option is 2.
• max-throughput or 4 - The ACL matches packets that have the maximum throughput ToS. The
decimal value for this option is 4.
• min-delay or 8 - The ACL matches packets that have the minimum delay ToS. The decimal value for
this option is 8.
• min-monetary-cost or 1 - The ACL matches packets that have the minimum monetary cost ToS.
The decimal value for this option is 1.
NOTE
This value is not supported on 10 Gigabit Ethernet modules.
•
‐
normal or 0 - The ACL matches packets that have the normal ToS. The decimal value for
this option is 0.
‐
num - A number from 0 - 15 that is the sum of the numeric values of the options you want.
The ToS field is a four-bit field following the Precedence field in the IP header. You can
specify one or more of the following. To select more than one option, enter the decimal
value that is equivalent to the sum of the numeric values of all the ToS options you want to
select. For example, to select the max-reliability and min-delay options, enter number 10.
To select all options, select 15.
NOTE
The following QoS options are only available if a specific ICMP type is specified and cannot be used
with the any-icmp-type option set for the icmp-type parameter. See
on page
135 for more information on using ACLs to perform QoS.
The 802.1p-priority-matching option inspects the 802.1p bit in the ACL that can be used with adaptive
rate limiting. Enter a value from 0 - 7. For details, refer to "Inspecting the 802.1p bit in the ACL for
adaptive rate limiting" section in the FastIron Ethernet Switch Traffic Management Guide.
The dscp-cos-mapping option maps the DSCP value in incoming packets to a hardware table that
provides mapping of each of the 0 - 63 DSCP values, and distributes them among eight traffic classes
(internal priorities) and eight 802.1p priorities.
NOTE
The dscp-cos-mapping option overrides port-based priority settings.
NOTE
The dscp-cos-mapping option is supported on FSX devices only.
The dscp-marking option enables you to configure an ACL that marks matching packets with a
specified DSCP value. Enter a value from 0 - 63. Refer to
Using an IP ACL to mark DSCP values
Rule-Based IP ACLs
FastIron Ethernet Switch Security Configuration Guide
115
53-1003088-03