Extreme Networks

Create Date: Jun 28 2012 12:55PM

Hey Tyler

There are two types of access-lists in XOS dynamic and static. Static ACLs require a policy file that has the entries for the type of traffic you want to look at. Static ACLs will exist after a reboot dynamic will not and are usually done as part of a script where you want to affect traffic based on a network event.

In this case I think what you want is a static script. The policy file can be created on the switch using vi (if you are comfortable with vi) or created in a txt editor and TFTPed to the switch.

You are correct that you first need to create a qosprofile.

Create qosprofile qp2 (this adds the queue on all ports)

Here's how the policy would be built. Please look in the concepts guide for all of the options for the match and action modifiers.

entry allow_tcp_2000_source {
if {
protocol tcp;
source-port 2000;
} then {
permit;
count tcp_2000_1;
qosprofile qp2;
}
}
entry allow_tcp_2000_dest {
if {
protocol tcp;
destination-port 2000;
} then {
permit;
count tcp_2000_2;
qosprofile qp2;
}
}

You can see if these ACLs are working by doing a show access-list counters in addition you can look on a port level at the qosmonitor using the show port 1 qosm

Let me know if this helps.

P (from Paul_Russo)