Combined acl for 802.1p marking – Brocade Communications Systems Brocade ICX 6650 6650 User Manual

116

Brocade ICX 6650 Security Configuration Guide

53-1002601-01

QoS options for IP ACLs

Combined ACL for 802.1p marking

Brocade devices support a simple method for assigning an 802.1p priority value to packets without
affecting the actual packet or the DSCP. In early IronWare software releases, users were required to
provide DSCP-marking and DSCP-matching information in order to assign 802.1p priority values,
which required the deployment of a 64-line ACL to match all possible DSCP values. Users were also
required to configure an internal priority marking value. Now, users can easily specify 802.1p
priority marking values directly, and change internal priority marking from required to optional.

NOTE

This feature is not applicable to outbound traffic.

On Brocade ICX 6650, if the user does not set a specific internal marking priority, the default value
is the same as the 802.1-priority marking value:

Priority values range from 0 to 7.

Two new ACL parameters support this feature, one required for priority marking and one optional
for internal priority marking. These parameters apply to IP, and TCP, and UDP.

NOTE

Brocade ICX 6650 does not allow setting 802.1p-priority-marking value different from the
internal-priority-marking value. You can have both parameters configured in a single ACL rule if both
values are the same.

For IP

Brocade(config)# access-list 104 per ip any any 802.1p-priority-marking 1

or the following command, which also assigns an optional internal-priority-marking value.

Brocade(config)# access-list 104 per ip any any 802.1p-priority-marking 1
internal-priority-marking 1

Syntax: access-list num(100-199) permit ip any any 802.1p-priority-marking priority value (0-7)

[internal-priority-marking value (0-7)]

For TCP

Brocade(config)# access-list 105 per tcp any any 802.1p-priority-marking 1

or the following command, which also assigns an optional internal-priority-marking value.

Brocade(config)# access-list 105 per tcp any any 802.1p-priority-marking 1
internal-priority-marking 1

Syntax: access-list num(100-199) permit tcp any any 802.1p-priority-marking priority value (0-7)

[internal-priority-marking value (0-7)]

For UDP

Brocade(config)# access-list 105 per udp any any 802.1p-priority-marking 1

or the following command, which also assigns an optional internal-priority-marking value.

Brocade(config)# access-list 105 per udp any any 802.1p-priority-marking 1
internal-priority-marking 1