Foundry NetIron M2404C and M2404F Metro Access Switches
Configuring ACLs (Rev. 03)
Overview
© 2008 Foundry Networks, Inc
Page 46 of 50
permit ip any 211.202.212.3 0.0.0.63
10. Display the configured access groups:
device-name
#
show ip access-groups
interface 1/1/1
ip access-group 101 option
rate-limit single-rate 3000K 256K 256K
ip access-group 103 option
rate-limit single-rate 1000K 250K 250K
ip access-group 1
interface 1/1/2
ip access-group 100 option
rate-limit single-rate 3000K 256K 256K
ip access-group 1
interface 1/1/3
ip access-group 102 option
rate-limit single-rate 1000K 250K 250K
ip access-group 1
CoS to ToS Configuration
The following example shows how to remark the ToS (DSCP) to 10 only on packets with VPT 5.
1. Set an ACL with a VPT rule for VPT 5:
device-name
(config)#
access-list 100 permit ip any any vpt 5
device-name
(config)#
access-list 1 permit any
2. Set the ACG on the desired interface with ToS (DSCP) remarking:
device-name
(config)#
interface 1/1/1
device-name
(config-if 1/1/1)#
ip access-group 100 option
device-name
(config-if 1/1/1 acg 100)#
set traffic-class dscp 10
device-name
(config-if 1/1/1 acg 100)#
apply
device-name
(config-if 1/1/1)#
ip access-group 1
device-name
(config-if 1/1/1)#
end
3. Display the existing ACLs:
device-name
#
show ip access-lists
Standard IP access list 1
permit any
Extended IP access list 100
permit ip any any vpt 5
4. Display the existing ACGs:
device-name
#
show ip access-groups
Interface 1/1/1
ip access-group 100 option
set traffic-class dscp 10
ip access-group 1
ToS to CoS Configuration
The following example shows how to remark the VPT to 5 only on packets with DSCP 4 (ToS 16).