Making filters by using qos class-maps – Allied Telesis x908 User Manual
Page 8
Page 8 | AlliedWare Plus™ OS How To Note
Making filters by using QoS class-maps
Making filters by using QoS class-maps
QoS class-maps allow you to match on a much wider range of packet attributes than ACLs by
themselves. They do this by determining the match criteria from an ACL, or from match
commands, or from both in combination. Also, they use an ACL to decide what action to
take on a packet, unless you want the default action of permit.
The following figure summarises the class-map logic flow. Note that a class-map with no
match commands (including no ACL match) matches on all traffic and forwards it. You could
use such a class-map to apply QoS policing to a port, but would not be likely to use it when
filtering.
Therefore, the basic procedure for using a class-map as a filter is:
1.
Make an ACL to match on MAC address or IP settings, and to specify the action that QoS
will take on traffic that matches the class-map.
You need an ACL to specify the action—unless the action is permit—even if you don’t
want to match on MAC address or IP settings. In that case, make an ACL with the desired
action and with both source and destination address of any. For example, if you want to
deny traffic from one VLAN ID, you need an ACL with action of deny and addresses of
any.
2.
Create the class-map (see
Get criteria by
ANDing together
other match
commands
Match all
packets
Apply default action
(permit)
Instead
match on other
things?
Get criteria by
ANDing together
ACL and other
match commands
Get criteria by
using ACL settings
Apply action from ACL
(permit, deny, send-to-mirror,
send-to-cpu, copy-to-cpu)
Also
match on other
things?
Match
on ACL?
Start
yes
yes
yes
no
no
no
qos-match.eps