Practical Skills: how to properly apply the ACL Access Control List

Welcome to the network technology community forum and interact with 2 million technical staff to access the access control list to implement QoS for some important services and special applications. bandwidth must be guaranteed during use, when not in use, the bandwidth can be sent out to other applications, which can be achieved by setting the access control list and packet dyeing technology as follows. 1. Set the following access control list ac

Welcome to the network technology community forum, and interact with 2 million technical staff> go to the access control list to implement QoS for some important services and special applications. Ensure bandwidth when using it, when not in use, the bandwidth can be sent out to other applications, which can be achieved by setting the access control list and packet dyeing technology as follows. 1. Set the following access control list ac

Welcome to the network technology community forum and interact with 2 million technical staff> enter

Implement QoS using the access control list

For some important services and special applications, the bandwidth must be guaranteed during use. when not in use, the bandwidth can be sent out to other applications. You can use the following access control lists and packet dyeing techniques to achieve this.

1. Set the following access control list

Access-list 102 permit ip Network Segment 1 ip subnet mask host server 1IPaccess-list 103 permit ip Network Segment 2 ip subnet mask host server 2IPaccess-list 104 permit ip network segment 3IP subnet mask host server 3IP

2. Packet dyeing mark

class-map match-all Critical-1 match ip dscp 34 class-map match-all Critical-2 match ip dscp 26class-map match-all Critical-3 match ip dscp 35

3. Packet dyeing Classification

Class-map match-any Critical-1 match access-group 102/* match access Control List 102 */class-map match-any Critical-2 match access-group 103/* match access Control List 103 */class-map match-any Critical-3 match access-group 104/* match access Control List 104 */

4. Policy Definition

Policy-map AAclass Critical-1 bandwidth percent 10/* defines the guaranteed bandwidth as 10% of the basic bandwidth */random-detect dscp-based/* defines the packet discard policy for router bandwidth congestion * /random-detect dscp 34 24 40 10/* defines the minimum packet loss rate/Maximum packet loss rate/discard probability of the DSCP = 34 packet in case of congestion: 24/40/10 */class Critical-2 bandwidth percent 5 random-detect dscp-based random-detect dscp 26 24 40 10 classs Critical-3 bandwidth percent 2 random-detect dscp-based random -detect dscp 35 24 40 10

5. apply policies on the corresponding vro ports

interface Serial0/0service-policy output AA

After the preceding settings, the service bandwidth that meets the access control list 102 on the port Serial0/0 is 10% of the basic bandwidth, the Business Guarantee bandwidth that meets the access control list 103 is 5% of the basic bandwidth, and the Business Guarantee bandwidth that complies with the access control list 104 is 2% of the basic bandwidth.

[1] [2]