Use this command to assign incoming untagged frames to a specific policy profile and to VLAN (Virtual LAN) or CoS (Class of Service) classification rules.
| port | Port string. |
| port | Port string - (data: 1; mask: 16). |
| macsource | MAC source address. |
| macsource | MAC source address - (data: a-b-c-d-e-f; mask: 1-48). |
| macdest | MAC destination address. |
| macdest | MAC destination address - (data: a-b-c-d-e-f; mask: 1-48). |
| ip6dest | IPv6 address. |
| ip6dest | IPv6 address (data: aaaa::bbbb; mask 1-128). |
| ipsourcesocket | Source IP address / Source IpSocket (a.b.c.d / a.b.c.d:0-65535). |
| ipsourcesocket | Source IP address (data: a.b.c.d; mask: 1-32). |
| ipdestsocket | Destination IP address / Destination IpSocket (a.b.c.d / a.b.c.d:0-65535).. |
| ipdestsocket | Destination IP address (data: a.b.c.d; mask: 1-32). |
| ipfrag | IP fragmentation flag. |
| tcpdestportIP | TCP port dst with optional post-fix IPv4 address. |
| tcpdestportIP | TCP port dst with optional post-fix IPv4 address - (data: ab[:c.d.e.f]); mask: 1-48. |
| udpdestportIP | UDP port dst with optional post-fix IPv4 address. |
| udpdestportIP | UDP port dst with optional post-fix IPv4 address - (data: ab[:c.d.e.f]); mask: 1-48. |
| tcpsourceportIP | TCP port src with optional post-fix IPv4 address. |
| tcpsourceportIP | TCP port src with optional post-fix IPv4 address - (data: ab[:c.d.e.f]); mask: 1-48. |
| udpsourceportIP | UDP port src with optional post-fix IPv4 address. |
| udpsourceportIP | UDP port src with optional post-fix IPv4 address - (data: ab[:c.d.e.f]); mask: 1-48. |
| ipttl | IP time to live. |
| ipttl | ipttl IP time to live (data: 0-255 or 0x0-0xFF; mask:1-8). |
| iptos | IPv4 type of service / IPv6 traffic class field. |
| iptos | ipproto Protocol field in IP packet - (data: 0-255 or 0x0-0xFF; mask: 1-8). |
| ipproto | Protocol field in IP packet. |
| ipproto | Protocol field in IP packet - (data: 0-255 or 0-0xFF; mask: 1-8). |
| ether | Type field in Ethernet II packet. |
| ether | Type field in Ethernet II packet - (data: 0-65535 or 0x0-0xFFFF; mask: 1-16). |
| icmp6type | Specifies type code in ICMPv6 packet. |
| icmp6type | ICMPv6 type code [(data: 123.456 (dotted-decimal) or AB-CD (dashed-hexadecimal)] mask: 1–16). |
| icmptype | Specifies type code in ICMP packet. |
| icmptype | ICMP type code (data: a.b; mask: 1–16). |
| cos | Class of Service [0-255] or -1 for no CoS or forwarding behavior modification is desired |
| cos | Class of Service [0-255] or -1 for no CoS or forwarding behavior modification is desired. |
Classification rules are automatically enabled when created.
Note
ExtremeSwitching X440-G2 and X620 series switches do not support macsource, macdest, or ip6dest classification rule types. Example:configure policy rule 1 macsource 00-00-00-00-00-01 port-string 3 drop ERROR: Set failed!
Note
The ExtremeSwitching X870 does not support a port-string with the ip6dest classification rule type.configure policy rule 1 ether 1526 dropThis example shows how to create (and enable) a classification rule to associate with policy profile number 5. This rule specifies that UDP frames from source port 45 will be forwarded:
configure policy rule 5 udpsourceportip 45 forward forward
This command was first available in ExtremeXOS 16.1.
ICMP and ICMPv6 rule types added in ExtremeXOS 22.5.
This command is available on the Summit X450-G2, X460-G2, X670-G2, and ExtremeSwitching X440-G2, X620, X690, X870 series switches.
Print
this page
Email this topic
Feedback
View PDF
Download EPUB