Specifications
xStack DGS-3400 Series Layer 2 Gigabit Managed Switch CLI Manual
config access_profile (IP)
• rst: TCP control flag (reset)
• syn: TCP control flag (synchronize)
• protocol_id <value 0-255> − Specifies that the Switch will examine the Protocol
field in each packet and if this field contains the value entered here, apply the
appropriate rules.
deny – Specifies that packets that do not match the access profile are not permitted to be
forwarded by the Switch and will be filtered.
• fin: TCP control flag (finish)
• udp − Specifies that the Switch will examine the Universal Datagram Protocol
(UDP) field in each packet.
• src_port <value 0-65535> − Specifies that the access profile will apply only to
packets that have this UDP source port in their header.
• dst_port <value 0-65535> − Specifies that the access profile will apply only to
packets that have this UDP destination port in their header.
• user_define <hex 0x0-0xffffffff> − Enter a hexadecimal value that will identify the
protocol to be discovered in the packet header.
port <portlist> | all - The access profile for IP may be defined for each port on the Switch.
The port list is specified by listing the lowest switch number and the beginning port
number on that switch, separated by a colon. Then the highest switch number, and the
highest port number of the range (also separated by a colon) are specified. The
beginning and end of the port list range are separated by a dash. For example, 1:3
specifies switch number 1, port 3. 2:4 specifies switch number 2, port 4. 1:3-2:4 specifies
all of the ports between switch 1, port 3 and switch 2, port 4 − in numerical order. Up to
128 rules may be configured for each port. Selecting all will configure this rule for all
ports on the Switch. Non-contiguous portlist entries are separated by a comma. (ex: 1:1-
1:3,1:7-1:9)
permit – Specifies that packets that match the access profile are permitted to be
forwarded by the Switch.
replace_dscp <value 0-63> − Allows you to specify a value to be written to the DSCP
field of an incoming packet that meets the criteria specified in the first part of the
command. This value will over-write the value in the DSCP field of the packet.
rx_rate - Use this to limit Rx bandwidth for the profile being configured. This rate is
implemented using the following equation – 1 value = 64kbit/sec. (ex. If the user selects a
rx rate of 10 then the ingress rate is 640kbit/sec.) The user many select a value between
1- 156249 or no limit. The default setting is no limit.
{time_range <range_name 32>} – Choose this parameter and enter the name of the
Time Range settings that has been previously configured using the config time_range
command. This will set specific times when this access rule will be enabled or disabled
on the Switch.
delete access_id <value 1-128> − Use this command to delete a specific rule from the IP
profile. Up to 128 rules may be specified for the IP access profile.
Restrictions Only administrator-level users can issue this command.
• priority <value 0-7> − This parameter is specified if you want to re-write the 802.1p
default priority previously set in the Switch, which is used to determine the CoS
queue to which packets are forwarded to. Once this field is specified, packets
accepted by the Switch that match this priority are forwarded to the CoS queue
specified previously by the user.
• {replace_priority} − Enter this parameter if you want to re-write the 802.1p default
priority of a packet to the value entered in the Priority field, which meets the criteria
specified previously in this command, before forwarding it on to the specified CoS
queue. Otherwise, a packet will have its incoming 802.1p user priority re-written to
its original value before being forwarded by the Switch.
Example usage:
To configure a rule for the IP access profile:
190