Alcatel-Lucent 6850-48 Network Guide
Configuring Access Guardian
Configuring User Network Profiles
OmniSwitch AOS Release 6 Network Configuration Guide
September 2009
page 34-41
Note the following guidelines when configuring QoS policy rules and lists:
• A default policy list exists in the switch configuration. Rules are added to this list when the rule is
created. A rule can belong to multiple policy lists. As a result, the rule remains a member a of the
default list even when it is subsequently assigned to additional lists.
default list even when it is subsequently assigned to additional lists.
• Each time a rule is assigned to a policy list, an instance of that rule is created. Each instance is allo-
cated system resources. To exclude a rule from the default policy list, use the no default-list option of
the
the
command when the rule is created. For example:
-> policy rule r1 condition c1 action a1 no default-list
• Up to 13 policy lists (including the default list) are supported per switch. Only one policy list per UNP
is allowed, but a policy list can be associated with multiple profiles.
• If a rule is a member of multiple policy lists but one or more of these lists are disabled, the rule is still
active for those lists that are enabled.
• If the QoS status of an individual rule is disabled, then the rule is disabled for all policy lists, even if a
list to which the policy belongs is enabled.
• Policy lists are not active on the switch until the qos apply command is issued.
Use the
command to display the QoS policy rule configuration for the switch.
Configuring User Network Profile Mobile Rules
The Group Mobility device classification policy option uses both VLAN mobile rules and UNP mobile
rules to classify user devices. VLAN rules dynamically assign users into VLANs. UNP rules specify a
user profile that is applied to the user device. The profile determines the VLAN assignment for the device.
rules to classify user devices. VLAN rules dynamically assign users into VLANs. UNP rules specify a
user profile that is applied to the user device. The profile determines the VLAN assignment for the device.
Note that UNP mobile rules take precedence over VLAN rules. For information about how to configure
VLAN rules, see
VLAN rules, see
For more information about user profiles, see
There are three types of UNP mobile rules available: MAC address, MAC address range, and IP network
address rules. To configure a UNP MAC address rule, use the
address rules. To configure a UNP MAC address rule, use the
command. For example, the following command applies the “accounting” profile to a device with the
specified source MAC address:
specified source MAC address:
-> aaa classification-rule mac-address 00:00:2a:33:44:01 user-network-profile
name accounting
To configure a UNP MAC address range rule, use the
command. For example, the following command applies the “accounting” profile to a device with a source
MAC address that falls within the specified range of MAC addresses:
MAC address that falls within the specified range of MAC addresses:
-> aaa classification-rule mac-address-range 00:00:2a:33:44:01 00:00:2a:33:44:10
user-network-profile name accounting
To configure a UNP IP address rule, use the
command. For example,
the following command applies the “accounting” profile to a device with the specified source IP address:
-> aaa classification-rule ip-address 10.1.1.1 user-network-profile name
accounting
Use the
command to verify the UNP mobile rule configuration for the
switch. For more information about UNP rules, see