User Manual for the NETGEAR 7300S Series Layer 3 Managed Switch Software
11-4
Quality of Service (QoS) Commands
202-10088-01, March 2005
no mac access-group <name> {in|out}
This command removes a MAC ACL identified by <name> from the interface in a given direction.
Format
no mac access-list <name> {in|out}
Mode
Global Config or Interface Config
show mac access-list <name>
This command displays a MAC access list and all of the rules that are defined for the ACL. The <name> parameter is used to identify a specific MAC ACL to display.
Format
show mac access-list <name>
Mode
Privileged EXEC
Rule Number
The ordered rule number identifier defined within the ACL.
Action
Displays the action associated with each rule. The possible values are Permit or Deny.
Source MAC Address
Displays the source MAC address for this rule.
Source MAC Mask
Displays the source MAC mask for this rule.
Destination MAC Address
Displays the destination MAC address for this rule.
Destination MAC Mask
Displays the destination MAC mask for this rule.
Ethertype
Displays the Ethertype keyword or custom value for this rule.
VLAN ID
Displays the VLAN identifier value or range for this rule.
COS
Displays the COS (802.1p) value for this rule.
Secondary VLAN ID
Displays the Secondary VLAN identifier value or range for this rule.
Secondary COS
Displays the Secondary COS (802.1p) value for this rule.
Assign Queue
Displays the queue identifier to which packets matching this rule are assigned.
Redirect Interface
Displays the slot/port to which packets matching this rule are forwarded.
show mac access-lists
This command displays a summary of all defined MAC access lists in the system.
Format
show mac access-lists
Mode
Privileged EXEC
Name
The name of the MAC access list.
Number of Rules
The number of user-configured rules defined for this ACL.
Note: This does not include the implicit 'deny all' rule defined at the end of every MAC ACL.
Interfaces
Displays the list of interfaces (slot/port) to which this MAC ACL is attached in a given direction.
Direction
Denotes the direction in which this MAC ACL is attached to the set of interfaces listed. The possible values are Inbound or Outbound.
access-list
This command creates an Access Control List (ACL) that is identified by the parameter <accesslistnumber>. The ACL number is an integer from 1 to 199. The range 1 to 99 is for normal ACLs and 100 to 199 is for extended ACLs. The ACL rule is created with the option of permit or deny. The protocol to filter for an ACL rule is specified by giving the protocol to be used, such as icmp, igmp, ip, tcp, or udp.
The command specifies a source IP address and source mask for the match condition of the ACL rule with the srcip and srcmask parameters. The source layer 4 port match condition for the ACL rule is specified by the port value parameter. The <startport> and <endport> parameters identify the first and last ports that are part of the port range. They have values from 0 to 65535. The ending port must have a value equal to or greater than the starting port. The starting port, ending port, and all ports in between will be part of the destination port range. The <portvalue> parameter uses a single keyword notation and currently has the values of domain, echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp, and www. Each of these values translates into its equivalent port number, which is used as both the start and end of a port range.
The command specifies a destination IP address and destination mask for the match condition of the ACL rule with the dstip and dstmask parameters. The command specifies the TOS for an ACL rule depending on a match of precedence or DSCP values using the parameters tos, tosmask, and dscp.
Default
none
Format
access-list {( <1-99> {deny | permit} <srcip> <srcmask>) | ({<100-199> {deny | permit} {every | {{icmp | igmp | ip | tcp | udp | <number>} <srcip> <srcmask> [{eq {<portkey> | <portvalue>} | range <startport> <endport>}] <dstip> <dstmask> [{eq {<portkey> | <portvalue>} | range <startport> <endport>}] [precedence <precedence> | tos <tos> <tosmask> | dscp <dscp>] [assign-queue <queue-id>] [redirect <slot/port>]}})}
Mode
Global Config
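Added example, not part of the NETGEAR manual: a Python check that can be run over access-list lines from a saved configuration before they are applied, enforcing the 1-99 / 100-199 split, the port keyword translation and the port range rules described above. The keyword port numbers are the standard well-known values; addresses and masks are only checked for dotted-quad form, and the trailing QoS options are kept unparsed.

```python
import ipaddress

# Port keywords listed in the manual, mapped to their well-known port numbers.
PORT_KEYS = {"domain": 53, "echo": 7, "ftp": 21, "ftpdata": 20, "http": 80,
             "smtp": 25, "snmp": 161, "telnet": 23, "tftp": 69, "www": 80}
PROTOCOLS = {"icmp", "igmp", "ip", "tcp", "udp"}

def _addr(tok):  # consume '<ip> <mask>'; both must be dotted-quad values
    ipaddress.IPv4Address(tok[0]), ipaddress.IPv4Address(tok[1])
    return (tok[0], tok[1]), tok[2:]

def _ports(tok):
    """Consume an optional 'eq <port>' or 'range <start> <end>' clause."""
    if tok[:1] == ["eq"]:
        lo = hi = PORT_KEYS[tok[1]] if tok[1] in PORT_KEYS else int(tok[1])
        tok = tok[2:]
    elif tok[:1] == ["range"]:
        lo, hi, tok = int(tok[1]), int(tok[2]), tok[3:]
    else:
        return None, tok
    if not 0 <= lo <= hi <= 65535:      # end >= start, both within 0-65535
        raise ValueError(f"bad port range {lo}-{hi}")
    return (lo, hi), tok

def parse_access_list(line):
    """Return the rule as a dict, or raise ValueError if the line is invalid."""
    tok = line.split()
    try:
        if tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
            raise ValueError("expected: access-list <number> {deny|permit} ...")
        rule, tok = {"acl": int(tok[1]), "action": tok[2]}, tok[3:]
        if 1 <= rule["acl"] <= 99:                 # normal ACL: source only
            rule["src"], tok = _addr(tok)
        elif 100 <= rule["acl"] <= 199:            # extended ACL
            rule["proto"], tok = tok[0], tok[1:]
            if rule["proto"] != "every":
                if rule["proto"] not in PROTOCOLS and not rule["proto"].isdigit():
                    raise ValueError(f"bad protocol {rule['proto']!r}")
                rule["src"], tok = _addr(tok)
                rule["src_ports"], tok = _ports(tok)
                rule["dst"], tok = _addr(tok)
                rule["dst_ports"], tok = _ports(tok)
                rule["options"], tok = tok, []     # QoS options kept unparsed
        else:
            raise ValueError("ACL number must be 1-199")
    except IndexError:
        raise ValueError("truncated command") from None
    if tok:
        raise ValueError(f"unexpected tokens: {tok}")
    return rule
```

A line that uses extended syntax under a normal ACL number (1 to 99), or a range whose end is below its start, is rejected with ValueError.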
no access-list
This command deletes an ACL that is identified by the parameter <accesslistnumber> from the system.
Format
no access-list <accesslistnumber>
Mode
Global Config
ip access-group
This command attaches a specified access-control list to an interface.
Default
none
Format
ip access-group <accesslistnumber> <in | out>
Mode
Interface Config
ip access-group all
This command attaches a specified access-control list to all interfaces.
Default
none
Format
ip access-group all <accesslistnumber> <in | out>
Mode
Global Config
show ip access-lists
This command displays an Access Control List (ACL) and all of the rules that are defined for the ACL. The <accesslistnumber> is the number used to identify the ACL.
Format
show ip access-lists <accesslistnumber>
Mode
Privileged EXEC and User EXEC
Rule Number
This displays the number identifier for each rule that is defined for the ACL.
Action
This displays the action associated with each rule. The possible values are Permit or Deny.
Protocol
This displays the protocol to filter for this rule.
Source IP Address
This displays the source IP address for this rule.
Source IP Mask
This field displays the source IP Mask for this rule.
Source Ports
This field displays the source port range for this rule.
Destination IP Address
This displays the destination IP address for this rule.
Destination IP Mask
This field displays the destination IP Mask for this rule.
Destination Ports
This field displays the destination port range for this rule.
Service Type Field Match
This field indicates whether an IP DSCP, IP Precedence, or IP TOS match condition is specified for this rule.
Service Type Field Value
This field indicates the value specified for the Service Type Field Match (IP DSCP, IP Precedence, or IP TOS).
Differentiated Services (DiffServ) Commands
This chapter contains the CLI commands used for the QOS Differentiated Services (DiffServ) package.
The user configures DiffServ in several stages by specifying:
1. Class
   - creating and deleting classes
   - defining match criteria for a class. Note: The only way to remove an individual match criterion from an existing class definition is to delete the class and re-create it.
2. Policy
   - creating and deleting policies
   - associating classes with a policy
   - defining policy statements for a policy/class combination
3. Service
   - adding and removing a policy to/from a directional (i.e., inbound, outbound) interface
Packets are filtered and processed based on defined criteria. The filtering criteria are defined by a class. The processing is defined by a policy's attributes. Policy attributes may be defined on a per-class instance basis, and it is these attributes that are applied when a match occurs.
Packet processing begins by testing the match criteria for a packet. A policy is applied to a packet when a class match within that policy is found.
Note that the type of class - all, any, or acl - has a bearing on the validity of match criteria specified
when defining the class. A class type of 'any' processes its match rules in an ordered sequence;
additional rules specified for such a class simply extend this list. A class type of 'acl' obtains its
rule list by interpreting each ACL rule definition at the time the DiffServ class is created.
Differences arise when specifying match criteria for a class type 'all', since only one value for each
non-excluded match field is allowed within a class definition. If a field is already specified for a
class, all subsequent attempts to specify the same field fail, including the cases where a field can
be specified multiple ways through alternative formats. The exception to this is when the 'exclude'
option is specified, in which case this restriction does not apply to the excluded fields.
The following class restrictions are imposed by the DiffServ design:
- nested class support limited to:
  - 'any' within 'any'
  - 'all' within 'all'
  - no nested 'not' conditions
  - no nested 'acl' class types
  - each class contains at most one referenced class
- hierarchical service policies not supported in a class definition
- access list matched by reference only, and must be sole criterion in a class
  - i.e., ACL rules copied as class match criteria at time of class creation, with class type 'any'
  - implicit ACL 'deny all' rule also copied
  - no nesting of class type 'acl'
Regarding nested classes, referred to here as class references, a given class definition can contain
at most one reference to another class, which can be combined with other match criteria. The
referenced class is truly a reference and not a copy, since additions to a referenced class affect all
classes that reference it. Changes to any class definition currently referenced by any other class
must result in valid class definitions for all derived classes; otherwise the change is rejected. A
class reference may be removed from a class definition.
The user can display summary and detailed information for classes, policies and services. All
configuration information is accessible via the CLI, Web, and SNMP user interfaces.
diffserv
This command sets the DiffServ operational mode to active. While disabled, the DiffServ
configuration is retained and can be changed, but it is not activated. When enabled, DiffServ
services are activated.
