Switch 7700 Configuration Guide
QoS Overview 147
server of the Financial Dept. is accessed through Ethernet1/0/1 (at 129.110.1.2).
The ACL must be properly configured to prevent departments other than the
Office of President from having access to the payment query server between 8:00
AM and 6:00 PM. The Office of President (at 129.111.1.2) can access the server
without limitation.
Figure 1 Access Control Configuration Example
Note: In the following configuration steps, only the commands related to ACL
configurations are listed.
Define the work time range:
1 Set the time range from 8:00 to 18:00.
[SW7700] time-range 3com 8:00 to 18:00
Define the ACL to access the payment server:
1 Enter the name of the advanced ACL.
[SW7700] acl name traffic-of-payserver advanced match-order config
2 Set the rules for other department to access the payment server.
[SW7700-acl-adv-traffic-of-payserver] rule 1 deny ip source any
destination 129.110.1.2 0.0.0.0 time-range 3com
3 Set the rules for the Office of President to access the payment server.
[SW7700-acl-adv-traffic-of-payserver] rule 2 permit ip source
129.111.1.2 0.0.0.0 destination 129.110.1.2 0.0.0.0
Activate ACL:
1 Activate the traffic-of-payserver ACL .
[SW7700-Ethernet1/0/1] packet-filter inbound ip-group
traffic-of-payserver
QoS Overview In a traditional IP network, all packets are treated equally without priority
difference. Every switch or router handles the packets following the first in, first
#3
#4
#1
#2
Switch
Office of President
129.111.1.2
Pay query server
129.110.1.2
Administration Department
subnet address
10.120.0.0
Connected to
a router
Financial Department
subnet address
10.110.0.0