36-44
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
OL-12247-04
Chapter 36 Configuring QoS
Configuring Standard QoS
Classifying Traffic by Using ACLs
You can classify IP traffic by using IP standard or IP extended ACLs; in Cisco IOS Release 12.2(52)SE
and later, you can use IPv6 ACLs. You can classify non-IP traffic by using Layer 2 MAC ACLs.
Beginning in privileged EXEC mode, follow these steps to create an IP standard ACL for IP traffic:
To delete an access list, use the
no access-list
access-list-number
global configuration command.
This example shows how to allow access for only those hosts on the three specified networks. The
wildcard bits apply to the host portions of the network addresses. Any host with a source address that
does not match the access list statements is rejected.
Switch(config)#
access-list 1 permit 192.5.255.0 0.0.0.255
Switch(config)#
access-list 1 permit 128.88.0.0 0.0.255.255
Switch(config)#
access-list 1 permit 36.0.0.0 0.0.0.255
! (Note: all other access implicitly denied)
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
access-list
access-list-number
{
deny
|
permit
}
source
[
source-wildcard
]
Create an IP standard ACL, repeating the command as many times as
necessary.
•
For
access-list-number
, enter the access list number. The range is
1 to 99 and 1300 to 1999.
•
Use the
permit
keyword to permit a certain type of traffic if the
conditions are matched. Use the
deny
keyword to deny a certain
type of traffic if conditions are matched.
•
For
source
, enter the network or host from which the packet is
being sent. You can use the
any
keyword as an abbreviation for
0.0.0.0 255.255.255.255.
•
(Optional) For
source-wildcard
, enter the wildcard bits in dotted
decimal notation to be applied to the source. Place ones in the bit
positions that you want to ignore.
Note
When creating an access list, remember that, by default, the end
of the access list contains an implicit deny statement for
everything if it did not find a match before reaching the end.
Step 3
end
Return to privileged EXEC mode.
Step 4
show access-lists
Verify your entries.
Step 5
copy running-config startup-config
(Optional) Save your entries in the configuration file.