Re: Problem on QoS marking based on MAC ACL on 3750

From: ccie2be (ccie2be@nyc.rr.com)
Date: Thu Nov 18 2004 - 18:44:27 GMT-3

• Next message: Raymond: "Re: Problem on QoS marking based on MAC ACL on 3750"
• Previous message: Bob Sinclair: "Re: Problem on QoS marking based on MAC ACL on 3750"
• Maybe in reply to: Raymond: "Problem on QoS marking based on MAC ACL on 3750"
• Next in thread: Raymond: "Re: Problem on QoS marking based on MAC ACL on 3750"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Bob,

I don't know for sure, but I remember learning that mac acl's (at least on
the 3550) only filter non-ip packets, but assuming that's true, there's
something that never made much sense to me about that.

If acl is filtering on mac addresses, how would it even know what layer 3
protocol is carried inside the packet. It seems to me that once the mac
address was matched, processing would end right there and nothing else
inside the layer 3 headers would matter.

What are your thoughts about that?

TIA, Tim
----- Original Message -----
From: "Bob Sinclair" <bsinclair@netmasterclass.net>
To: "Raymond" <maksir919@yahoo.com>; <ccielab@groupstudy.com>
Sent: Thursday, November 18, 2004 4:26 PM
Subject: Re: Problem on QoS marking based on MAC ACL on 3750

> Raymond,
>
> Double-check me on this, but I think the mac access-list only matches on
> non-ip traffic.
>
> Bob Sinclair
> CCIE #10427, CCSI 30427, CISSP
> www.netmasterclass.net
>
> ----- Original Message -----
> From: "Raymond" <maksir919@yahoo.com>
> To: <ccielab@groupstudy.com>
> Sent: Thursday, November 18, 2004 10:08 AM
> Subject: Problem on QoS marking based on MAC ACL on 3750
>
>
> > Dear All,
> >
> > I use the following configuration. I cannot mark the packet based on the
> > mac
> > acl, but I can succeed to mark the packet based on IP and TCP ports.
> > I use smartbit to generate the traffic and sniffer to capture the
packet.
> > What is the problem on the configuration of mac acl? or did I miss
> > anything?
> >
> > Thanks you for your help
> >
> > Regards,
> > mak
> >
> > mac access-list extended mac1
> > permit host 0000.0000.0010 any
> > mac access-list extended mac2
> > permit any host 0000.0000.0011
> >
> > mls qos
> >
> > class-map match-all ip1
> > match access-group 101
> > class-map match-all ip2
> > match access-group 102
> > class-map match-all mac2
> > match access-group name mac2
> > class-map match-all mac1
> > match access-group name mac1
> > class-map match-all tcp2
> > match access-group 104
> > class-map match-all tcp1
> > match access-group 103
> >
> > policy-map QoSMark
> > class mac1
> > set ip precedence 1
> > class mac2
> > set ip precedence 1
> > class ip1
> > set ip precedence 2
> > class ip2
> > set ip precedence 2
> > class tcp1
> > set ip precedence 5
> > class tcp2
> > set ip precedence 5
> >
> > interface GigabitEthernet0/2
> > service-policy input QoSMark
> >
> > _________________________________________________________
> > %21~'^!B6<:q!B$p,P,P...
> > .v:)9aAn 1!$_3sC4
> > http://us.rd.yahoo.com/evt=22281/*http://ringtone.yahoo.com.hk/
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Raymond: "Re: Problem on QoS marking based on MAC ACL on 3750"
• Previous message: Bob Sinclair: "Re: Problem on QoS marking based on MAC ACL on 3750"
• Maybe in reply to: Raymond: "Problem on QoS marking based on MAC ACL on 3750"
• Next in thread: Raymond: "Re: Problem on QoS marking based on MAC ACL on 3750"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:47 GMT-3