cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
504
Views
0
Helpful
2
Replies
Highlighted
Beginner

Question about ACL building for QoS or Policing

Hi,

I would like to apply policing on a C3750 interface, for all trafic matching 10.0.0.0 / 8, except for subnet 10.0.0.0 / 24.

I plan to apply the following configuration, with an ACL that denies 10.0.0.0 / 24 then accept 10.0.0.0 / 8.

I quite sure of the answer but need a confirmation about the following configuration correct ? (10.0.0.0 / 24 will be not blocked, and no policing will be apply on it?)

ip access-list extended TEST

deny tcp 10.0.0.0 0.0.0.255 any eq 5000

permit tcp any 10.0.0.0 0.255.255.255 any eq 5000

!

class-map TEST

match access-group name TEST

!

policy-map TEST

class TEST

police 100000

!

interface f0/1

service-policy input TEST

Thanks by advance

P.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Hall of Fame Master

Hello Paris,

your understanding is correct

10.0.0.0/24 will not be blocked (because the ACL is not applied at interface level)  and will not be policed because it is not part of traffic class TEST

Hope to help

Giuseppe

View solution in original post

2 REPLIES 2
Highlighted
Hall of Fame Master

Hello Paris,

your understanding is correct

10.0.0.0/24 will not be blocked (because the ACL is not applied at interface level)  and will not be policed because it is not part of traffic class TEST

Hope to help

Giuseppe

View solution in original post

Highlighted

Hi Giuseppe.

ok, thanks

P

Content for Community-Ad