Cisco 2950 - Catalyst Switch Configuration Manual page 589
Software configuration guide
Hide thumbs
Also See for 2950 - Catalyst Switch:
- Command reference manual (686 pages) ,
- Software configuration manual (674 pages) ,
- Software manual (376 pages)
Table of Contents
Advertisement
Chapter 30
Configuring QoS
Command
Step 4
show access-lists
Step 5
copy running-config startup-config
For more information about creating IP extended ACLs, see the
Physical Interfaces" section on page
To delete an ACL, use the no access-list access-list-number global configuration command.
This example shows how to create an ACL that permits only TCP traffic from the destination IP address
128.88.1.2 with TCP port number 25:
Switch(config)# access-list 102 permit tcp 0.0.0.0 255.255.255.255 128.88.1.2 0.0.0.0 eq
25
Beginning in privileged EXEC mode, follow these steps to create a Layer 2 MAC ACL for Layer 2
traffic:
Command
Step 1
configure terminal
Step 2
mac access-list extended name
Step 3
permit {any | host source MAC address}
{any | host destination MAC address} [aarp
| amber | appletalk | dec-spanning |
decnet-iv | diagnostic | dsm | etype-6000 |
etype-8042 | lat | lavc-sca | mop-console |
mop-dump | msdos | mumps | netbios |
vines-echo |vines-ip | xns-idp]
Step 4
end
Step 5
show access-lists [number | name]
Step 6
copy running-config startup-config
For more information about creating MAC extended ACLs, see the
ACLs" section on page
To delete an ACL, use the no mac access-list extended name global configuration command.
78-11380-10
Purpose
Verify your entries.
(Optional) Save your entries in the configuration file.
29-5.
Purpose
Enter global configuration mode.
Create a Layer 2 MAC ACL by specifying the name of the list.
After entering this command, the mode changes to extended MAC
ACL configuration.
Enter permit to permit access if conditions are matched.
Deny statements are not supported for QoS ACLs. See the
Note
"Classification Based on QoS ACLs" section on page 30-5
for more details.
For source MAC address, enter the MAC address of the host from
which the packet is being sent. You specify this by using the any
keyword to deny any source MAC address or by using the host
keyword and the source in the hexadecimal format (H.H.H).
For destination MAC address, enter the MAC address of the host to
which the packet is being sent. You specify this by using the any
keyword to deny any destination MAC address or by using the host
keyword and the destination in the hexadecimal format (H.H.H).
(Optional) You can also enter these options:
aarp | amber | appletalk | dec-spanning | decnet-iv |
diagnostic | dsm | etype-6000 | etype-8042 | lat | lavc-sca |
mop-console | mop-dump | msdos | mumps | netbios |
vines-echo |vines-ip | xns-idp (a non-IP protocol).
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
29-18.
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
Configuring Standard QoS
"Guidelines for Applying ACLs to
"Creating Named MAC Extended
30-29
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
