R0106-HP MSR Router Series ACL and QoS Configuration Guide(V7)
65
Configuration example
Network requirements
As shown in Figure 19, configure traffic filtering on GigabitEthernet 2/1/0 to deny the incoming packets
with a source port number other than 21.
Figure 19 Network diagram
Configuration procedure
# Create advanced ACL 3000, and configure a rule to match packets whose source port number is not
21.
<Router> system-view
[Router] acl number 3000
[Router-acl-adv-3000] rule 0 permit tcp source-port neq 21
[Router-acl-adv-3000] quit
# Create a traffic class named classifier_1, and use ACL 3000 as the match criterion in the traffic class.
[Router] traffic classifier classifier_1
[Router-classifier-classifier_1] if-match acl 3000
[Router-classifier-classifier_1] quit
# Create a traffic behavior named behavior_1, and configure the traffic filtering action to drop packets.
[Router] traffic behavior behavior_1
[Router-behavior-behavior_1] filter deny
[Router-behavior-behavior_1] quit
# Create a QoS policy named policy, and associate traffic class classifier_1 with traffic behavior
behavior_1 in the QoS policy.
[Router] qos policy policy
[Router-qospolicy-policy] classifier classifier_1 behavior behavior_1
[Router-qospolicy-policy] quit
# Apply the QoS policy named policy to the incoming traffic of GigabitEthernet 2/1/0.
[Router] interface gigabitethernet 2/1/0
[Router-GigabitEthernet2/1/0] qos apply policy policy inbound