policy

Syntax

policy[] class {ip|ipv6|mac}  action {||} [{||}] [] comment ...

Description

Creates or modifies classifier policy and policy entries. A policy is made up of one or more policy entries ordered and prioritized by sequence numbers. Each entry has an IPv4/IPv6/MAC class and zero or more policy actions associated with it.

A policy must be applied using theapplycommand.

Thenoform of the command can be used to delete either a policy (usenowith the policy command) or an individual policy entry (usenowith the sequence number).

Command context

config

Thepolicycommand takes you into theconfig-policycontext where you enter the policy entries.

Parameters

Specifies the name of the policy.

Specifies a sequence number for the policy entry. Optional. Range: 1 to 4294967295.

comment

Stores the remaining entered text as a policy entry comment.

class {ip|ipv6|mac}

Specifies a type of class,ipfor IPv4,ipv6for IPv6 andmacfor a MAC policy. And specifies a class name.

Remark actions can be any of the following options:{pcp| ip-precedence| dscp| local-priority< LOCAL-PRIORITY-VALUE >}where:

pcp

Specifies Priority Code Point (PCP) value. Range: 0 to 7.

ip-precedence

Specifies the numeric IP precedence value. Range: 0 to 7.

dscp

指定一个差异化的服务代码点(DSCP) value. Enter either a numeric value (0 to 63) or a keyword as follows:

  • AF11- DSCP 10 (Assured Forwarding Class 1, low drop probability)

  • AF12- DSCP 12 (Assured Forwarding Class 1, medium drop probability)

  • AF13- DSCP 14 (Assured Forwarding Class 1, high drop probability)

  • AF21- DSCP 18 (Assured Forwarding Class 2, low drop probability)

  • AF22- DSCP 20 (Assured Forwarding Class 2, medium drop probability)

  • AF23- DSCP 22 (Assured Forwarding Class 2, high drop probability)

  • AF31- DSCP 26 (Assured Forwarding Class 3, low drop probability)

  • AF32- DSCP 28 (Assured Forwarding Class 3, medium drop probability)

  • AF33- DSCP 30 (Assured Forwarding Class 3, high drop probability)

  • AF41- DSCP 34 (Assured Forwarding Class 4, low drop probability)

  • AF42- DSCP 36 (Assured Forwarding Class 4, medium drop probability)

  • AF43- DSCP 38 (Assured Forwarding Class 4, high drop probability)

  • CS0- DSCP 0(0类选择器:Default)

  • CS1- DSCP 8 (Class Selector 1: Scavenger)

  • CS2- DSCP 16 (Class Selector 2: OAM)

  • CS3- DSCP 24 (Class Selector 3: Signaling)

  • CS4- DSCP 32 (Class Selector 4: Real time)

  • CS5- DSCP 40 (Class Selector 5: Broadcast video)

  • CS6- DSCP 48 (Class Selector 6: Network control)

  • CS7- DSCP 56 (Class Selector 7)

  • EF- DSCP 46 (Expedited Forwarding)

local-priority< LOCAL-PRIORITY-VALUE >

Specifies a local priority value. Range: 0 to 7.

Police actions can be the following{circbsexceed}where:

cir kbps

Specifies a Committed Information Rate value in Kilobits per second. Range: 1 to 4294967295.

cbs

Specifies a Committed Burst Size value in bytes. Range: 1 to 4294967295.

exceed

Specifies action to take on packets that exceed the rate limit.

Other actions can be the following:

drop

Specifies drop traffic.

Authority

Administrators or local user group members with execution rights for this command.

Usage

  • An applied policy will process a packet sequentially against policy entries in the list until the last policy entry in the list has been evaluated or the packet matches an entry.

  • Entering an existingvalue will cause the existing policy to be modified, with any newvalue creating an additional policy entry, and any existingvalue replacing the existing policy entry with the same sequence number.

  • If no sequence number is specified, a new policy entry will be appended to the end of the entry list with a sequence number equal to the highest policy entry currently in the list plus 10.

Examples

Creating a policy with several entries:

switch(config)#policy MY_POLICYswitch(config-policy)#10 class ipv6 MY_CLASS1 action dscp af21 action dropswitch(config-policy)#20 class ip MY_CLASS3 action mirror 1switch(config-policy)#exitswitch(config)#do show policyName Sequence Comment Class Type action ------------------------------------------------------------------------------- MY_POLICY 10 MY_CLASS1 ipv6 drop dscp AF21 20 MY_CLASS3 ipv4 mirror 1

Adding a comment to an existing policy entry:

switch(config)#policy MY_POLICYswitch(config-policy)#20 comment MY_TEST_POLICYswitch(config-policy)#exitswitch(config)#do show policyName Sequence Comment Class Type action ------------------------------------------------------------------------------- MY_POLICY 10 MY_CLASS1 ipv6 drop dscp AF21 20 MY_TEST_POLICY MY_CLASS3 ipv4 mirror 1

Removing a comment from an existing policy entry:

switch(config)#policy MY_POLICYswitch(config-policy)#no 20 commentswitch(config-policy)#exitswitch(config)#do show policyName Sequence Comment Class Type action ------------------------------------------------------------------------------- MY_POLICY 10 MY_CLASS1 ipv6 drop dscp AF21 20 MY_CLASS3 ipv4 mirror 1

Adding/Replacing a policy entry in an existing policy:

switch(config)#policy MY_POLICYswitch(config-policy)#10 class ip MY_CLASS3 action drop action dscp af21switch(config-policy)#exitswitch(config)#do show policyName Sequence Comment Class Type action ------------------------------------------------------------------------------- MY_POLICY 10 MY_CLASS3 ipv4 drop dscp AF21 20 MY_CLASS3 ipv4 mirror 1

Removing a policy entry:

switch(config)#policy MY_POLICYswitch(config-policy)#no 10switch(config-policy)#exitswitch(config)#do show policyName Sequence Comment Class Type action ------------------------------------------------------------------------------- MY_POLICY 20 MY_CLASS3 ipv4 mirror 1

Removing a policy:

switch(config)#no policy MY_POLICYswitch(config)#do show policyName Sequence Comment Class Type action ------------------------------------------------------------------------------- MY_POLICY2 2 MY_CLASS3 ipv4 mirror 1