Alcatel-Lucent omnistack 6300 Guía Del Usuario
♦ ACL-CoS is configured on an interface basis. Only one IP ACL and/or one MAC ACL per port.
Interoperability with OmniSwitch 6624/6648 7700/7800 8800
ACL-CoSs are fully compliant with the “priority policies” configured on the OmniSwitches.
They both give priority on a packet flow basis by using an ACL or a “policy condition” to specify the packet flow.
However, an ACL-CoS is always attached to an interface whereas a “priority policy” is chassis wide.
OmniSwitch 6300 does not need a “qos apply” (that flushes the mac and arp tables) after creating a new ACL.
ACLs are enforced to a dedicated filtering hardware that does not interact with “source learning”.
ACLs always work at “wire speed”, there is no software processing at all.
They both give priority on a packet flow basis by using an ACL or a “policy condition” to specify the packet flow.
However, an ACL-CoS is always attached to an interface whereas a “priority policy” is chassis wide.
OmniSwitch 6300 does not need a “qos apply” (that flushes the mac and arp tables) after creating a new ACL.
ACLs are enforced to a dedicated filtering hardware that does not interact with “source learning”.
ACLs always work at “wire speed”, there is no software processing at all.
4. ACL Marker: 802.1p, ToS, Dscp stamping
The previous chapters explained how a packet is getting prioritized using the CoS.
With CoS priority, egress packets are never modified; only the queuing differs with the different configurations.
To modify the 802.1p, IP Precedence or IP DSCP value on the egress packets, the switch uses a feature called
“ACL Marker”.
The feature allows the stamping of a specific 802.1p, IP precedence or IP dscp value to a packet matching an
ACL.
With MAC ACL you can only set the priority (802.1p value)
With IP ACL, you can set:
With CoS priority, egress packets are never modified; only the queuing differs with the different configurations.
To modify the 802.1p, IP Precedence or IP DSCP value on the egress packets, the switch uses a feature called
“ACL Marker”.
The feature allows the stamping of a specific 802.1p, IP precedence or IP dscp value to a packet matching an
ACL.
With MAC ACL you can only set the priority (802.1p value)
With IP ACL, you can set:
♦ Priority (802.1p value)
♦ Precedence (TOS value 0-7)
♦ Dscp (value 0-63)
♦ Priority and precedence
♦ Priority and dscp
The ACL marker will always stamp the required value in the egress packet.
However, the stamping will also modify the priority of the packet.
As explained before, the priority is always mapped to a CoS value.
There are 3 CoS modes on incoming packets:
However, the stamping will also modify the priority of the packet.
As explained before, the priority is always mapped to a CoS value.
There are 3 CoS modes on incoming packets:
♦ 802.1p value from packet of interface default priority (default mode)
♦ IP precedence if switch is configured with “map ip precedence”
♦ IP dscp if switch is configured with “map ip dscp”
With ACL marker, if the stamped value type (802.1p, IP precedence or IP dscp) corresponds to the CoS mode,
the stamped value will change the CoS value and therefore the priority queue
Example
The switch uses the default CoS mode. (switch takes CoS from 802.1p seen on incoming packets)
Tagged packets are sent to interface 1/1.
We configure an IP ACL and a MAC ACL to stamp 802.1p, IP Precedence or IP dscp.
You have the choice between 2 IP ACL Markers
Tagged packets are sent to interface 1/1.
We configure an IP ACL and a MAC ACL to stamp 802.1p, IP Precedence or IP dscp.
You have the choice between 2 IP ACL Markers
♦ (1): to stamp “802.1p and IP precedence”
♦ (2): to stamp “802.1p and ip dscp”.
Then we sniff the egress packets to verify the stamping was correctly made.
Console(config)# access-list ip standard FROM_IP_3
Console(config-std-acl)# permit host 2.0.0.3
Console(config-std-acl)# exit
Console(config)# access-list mac FROM_MAC_3
Console(config-mac-acl)# permit host 00-00-00-00-00-03 any
Console(config-mac-acl)#exit
Console(config)# access-list ip mask-precedence in
Console(config-ip-mask-acl)#mask host
Console(config-ip-mask-acl)#exit
Then we sniff the egress packets to verify the stamping was correctly made.
Console(config)# access-list ip standard FROM_IP_3
Console(config-std-acl)# permit host 2.0.0.3
Console(config-std-acl)# exit
Console(config)# access-list mac FROM_MAC_3
Console(config-mac-acl)# permit host 00-00-00-00-00-03 any
Console(config-mac-acl)#exit
Console(config)# access-list ip mask-precedence in
Console(config-ip-mask-acl)#mask host
Console(config-ip-mask-acl)#exit