beautypg.com

1 class-map, 2 no class-map – Fortinet MR1 User Manual

Page 257

background image

257

5.12.2.1 class-map

This command defines a new DiffServ class of type match-all, match-any or
match-access-group.

Syntax

class-map [ match-all ]


is a case sensitive alphanumeric string from 1 to 31 characters uniquely
identifying the class.

Note: The class name 'default' is reserved and must not be used here.
When used without any match condition, this command enters the class-map mode. The
is the name of an existing DiffServ class.

Note: The class name 'default' is reserved and is not allowed here. The class type of
match-all indicates all of the individual match conditions must be true for a packet to be
considered a member of the class. The class type of match-access-group indicates the
individual class match criteria are evaluated based on an access list (ACL).

<aclid> is an integer specifying an existing ACL number (refer to the appropriate ACL
documentation for the valid ACL number range). A matchaccess-group class type copies
its set of match criteria from the current rule definition of the specified ACL number. All
elements of a single ACL Rule are treated by DiffServ as a grouped set, similar to class type
all. For any class, at least one class match condition must be specified for the class to be
considered valid.

Note: The class match conditions are obtained from the referenced access list at the time of
class creation
. Thus, any subsequent changes to the referenced ACL definition do not
affect the DiffServ class. To pick up the latest ACL definition, the DiffServ class must be
deleted and recreated. This command may be used without specifying a class type to enter
the Class-Map Config mode for an existing DiffServ class.

Note: The CLI mode is changed to Class-Map Config when this command is successfully
executed.

Command Mode
Global Config

5.12.2.2 no class-map

This command eliminates an existing DiffServ class.

Syntax

no class-map