Syntax Description

Parameter

Description

access-list-number

Number of an ACL, from 100 to 199 or from 2000 to 2699.

protocol

Name of an IP protocol. protocol can be ip, tcp, or udp.

deny

Denies access if conditions are matched.

permit

Permits access if conditions are matched.

remark

ACL entry comment; up to 100 characters.

source source-wildcard | host source | any

Defines a source IP address and wildcard.

The source is the source address of the network or host from which the packet is being sent, specified in one of these ways:

■ The 32-bit quantity in dotted-decimal format. The source-wildcard applies wildcard bits to the source.

■ The keyword host, followed by the 32-bit quantity in dotted-decimal format, as an abbreviation for source and source-wildcard of source 0.0.0.0.

Parameter

Descri ption

■ The keyword any as an abbreviation for source and source-wildcard of 0.0.0.0 255.255.255.255. You do not need to enter a source-wildcard.

destination destination-wildcard | host destination | any

Defines a destination IP address and wildcard.

The destination is the destination address of the network or host to which the packet is being sent, specified in one of these ways:

■ The 32-bit quantity in dotted-decimal format. The destinationwildcard applies wildcard bits to the destination.

■ The keyword host, followed by the 32-bit quantity in dotted-decimal format, as an abbreviation for destination and destination-wildcard of source 0.0.0.0.

■ The keyword any as an abbreviation for destination and destination-wildcard of 0.0.0.0 255.255.255.255. You do not need to enter a destination-wildcard.

operator port

(Optional) Defines a source or destination port. The operator can be only eq (equal).

If operator is after the source IP address and wildcard, conditions match when the source port matches the defined port.

If operator is after the destination IP address and wildcard, conditions match when the destination port matches the defined port.

The port is a decimal number or name of a TCP or UDP port. The number can be from 0 to 65535.

Use TCP port names only for TCP traffic.

Use UDP port names only for UDP traffic.

dscp dscp-value

(Optional) Defines a DSCP value to classify traffic.

For the dscp-value, enter any of the 13 supported DSCP values (0, 8, 10, 16, 18, 24, 26, 32, 34, 40, 46, 48, and 56), or use the question mark (?) to see a list of available values.

time-range time-rangename

(Optional) For the time-range keyword, enter a meaningful name to identify the time range. For a more detailed explanation of this keyword, refer to the software configuration guide.

You can also use modular QoS command-line interface (CLI), or MQC, class maps on Catalyst 2950 switches for packet classification purposes. However, the match command used in conjunction with the class map has different parameters when executed on a Catalyst switch.

Use the match class-map configuration command to define the match criteria to classify traffic. Use the no form of this command to remove the match criteria.

match {access-group acl-index | access-group name acl-name | ip dscp dscp-list}

Was this article helpful?

0 0

Post a comment