class ipv6
Syntax
Syntax to create an IPv6 class and enter its context. Plus syntax to remove a class:
class ipv6 <CLASS-NAME>
no class ipv6 <CLASS-NAME>Syntax (within the class context) for creating or removing class entries for protocols
ah,
gre,
esp,
igmp,
ospf,
pim (ipv6any):
[<SEQUENCE-NUMBER>]
{match|ignore}
{any|ipv6|ah|gre|esp|igmp|ospf|pim|<IP-PROTOCOL-NUM>}
{any|<SRC-IP-ADDRESS>[/{<PREFIX-LENGTH>|<SUBNET-MASK>}]}
{any|<DST-IP-ADDRESS>[/{<PREFIX-LENGTH>|<SUBNET-MASK>}]}
[dscp <DSCP-SPECIFIER>] [ecn <ECN-VALUE>] [ip-precedence <IP-PRECEDENCE-VALUE>]
[tos <TOS-VALUE>] [fragment] [vlan <VLAN-ID>] [ttl <TTL-VALUE>] [count]
no <SEQUENCE-NUMBER>Syntax (within the class context) for creating or removing class entries for protocols
sctp,
tcp,
udp:
[<SEQUENCE-NUMBER>]
{match|ignore}
{sctp|tcp|udp}
{any|<SRC-IP-ADDRESS>[/{<PREFIX-LENGTH>|<SUBNET-MASK>}]}
[{eq|gt|lt} <PORT>|range <MIN-PORT> <MAX-PORT>]
{any|<DST-IP-ADDRESS>[/{<PREFIX-LENGTH>|<SUBNET-MASK>}]}
[{eq|gt|lt} <PORT>|range <MIN-PORT> <MAX-PORT>]
[urg] [ack] [psh] [rst] [syn] [fin] [established]
[dscp <DSCP-SPECIFIER>] [ecn <ECN-VALUE>] [ip-precedence <IP-PRECEDENCE-VALUE>]
[tos <TOS-VALUE>] [fragment] [vlan <VLAN-ID>] [ttl <TTL-VALUE>] [count]
no <SEQUENCE-NUMBER>Syntax (within the class context) for creating or removing class entries for protocol
icmpv6:
[<SEQUENCE-NUMBER>]
{permit|deny}
{icmpv6}
{any|<SRC-IP-ADDRESS>[/{<PREFIX-LENGTH>|<SUBNET-MASK>}]}
{any|<DST-IP-ADDRESS>[/{<PREFIX-LENGTH>|<SUBNET-MASK>}]}
[icmp-type {echo|echo-reply|<ICMP-TYPE-VALUE>}] [icmp-code <ICMP-CODE-VALUE>]
[dscp <DSCP-SPECIFIER>] [ecn <ECN-VALUE>] [ip-precedence <IP-PRECEDENCE-VALUE>]
[tos <TOS-VALUE>] [fragment] [vlan <VLAN-ID>] [ttl <TTL-VALUE>] [count]
no <SEQUENCE-NUMBER>Syntax (within the class context) for class entry comments:
[<SEQUENCE-NUMBER>] comment <TEXT-STRING>
no <SEQUENCE-NUMBER> commentDescription
Creates or modifies an IPv6 traffic class to match specified packets. Class is composed of one or more class entries ordered and prioritized by sequence numbers. With this command, each class can classify traffic based on IPv6 header information.
The
no form of the command deletes either an IPv6 traffic class (use
no with the class command) or an individual IPv6 traffic class entry (use
no with the sequence number).
Command context
config
The
class ipv6 <CLASS-NAME> command takes you into the
config-class-ipv6 command context where you enter the class entries.
Parameters
ipv6Specifies create or modify an IPv6 class.
<CLASS-NAME>Specifies the name of this class.
<SEQUENCE-NUMBER>Specifies a sequence number for the class entry. Optional. Range: 1-4294967295.
{match|ignore}Creates a rule to match or ignore specified packets.
<IP-PROTOCOL-NUM>Specifies the protocol as its Internet Protocol number. For example, 2 corresponds to the IGMP protocol. Range: 0 to 255.
{any|<SRC-IP-ADDRESS>[/{<PREFIX-LENGTH>|<SUBNET-MASK>}]}- Specifies the source IPv6 address.
any- specifies any source IPv6 address.<SRC-IP-ADDRESS>- specifies the source IPv4 host address.<PREFIX-LENGTH>- specifies the address bits to mask (CIDR subnet mask notation). Range: 1 to 32.<SUBNET-MASK>- specifies the address bits to mask (dotted decimal notation).
{any|<DST-IP-ADDRESS>[/{<PREFIX-LENGTH>|<SUBNET-MASK>}]}- Specifies the destination IPv4 address.
any- specifies any destination IPv6 address.<DST-IP-ADDRESS>- specifies the destination IPv6 host address.<PREFIX-LENGTH>- specifies the address bits to mask (CIDR subnet mask notation). Range: 1 to 32.<SUBNET-MASK>- specifies the address bits to mask (dotted decimal notation).
[{eq|gt|lt} <PORT>|range <MIN-PORT> <MAX-PORT>]- Specifies the port or port range. Port numbers are in the range of 0 to 65535.
eq <PORT>- specifies the Layer 4 port.gt <PORT>- specifies any Layer 4 port greater than the indicated port.lt <PORT>- specifies any Layer 4 port less than the indicated port.range <MIN-PORT> <MAX-PORT>- specifies the Layer 4 port range.
urg, ack, psh, rst, syn, fin, establishedThese TCP flag matching parameters are not supported.
dscp <DSCP-SPECIFIER>Specifies the Differentiated Services Code Point (DSCP), either a numeric
<DSCP-VALUE>(0 to 63) or one of these keywords:AF11- DSCP 10 (Assured Forwarding Class 1, low drop probability)AF12- DSCP 12 (Assured Forwarding Class 1, medium drop probability)AF13- DSCP 14 (Assured Forwarding Class 1, high drop probability)AF21- DSCP 18 (Assured Forwarding Class 2, low drop probability)AF22- DSCP 20 (Assured Forwarding Class 2, medium drop probability)AF23- DSCP 22 (Assured Forwarding Class 2, high drop probability)AF31- DSCP 26 (Assured Forwarding Class 3, low drop probability)AF32- DSCP 28 (Assured Forwarding Class 3, medium drop probability)AF33- DSCP 30 (Assured Forwarding Class 3, high drop probability)AF41- DSCP 34 (Assured Forwarding Class 4, low drop probability)AF42- DSCP 36 (Assured Forwarding Class 4, medium drop probability)AF43- DSCP 38 (Assured Forwarding Class 4, high drop probability)CS0- DSCP 0 (Class Selector 0: Default)CS1- DSCP 8 (Class Selector 1: Scavenger)CS2- DSCP 16 (Class Selector 2: OAM)CS3- DSCP 24 (Class Selector 3: Signaling)CS4- DSCP 32 (Class Selector 4: Real time)CS5- DSCP 40 (Class Selector 5: Broadcast video)CS6- DSCP 48 (Class Selector 6: Network control)CS7- DSCP 56 (Class Selector 7)EF- DSCP 46 (Expedited Forwarding)
ecn <ECN-VALUE>Specifies an Explicit Congestion Notification value. Range: 0 to 3.
ip-precedence <IP-PRECEDENCE-VALUE>Specifies an IP precedence value. Range: 0 to 7.
tos <TOS-VALUE>Specifies the Type of Service value. Range: 0 to 31.
fragmentSpecifies a fragment packet.
vlan <VLAN-ID>Specifies VLAN tag to match on. 802.1Q VLAN ID.
NOTE:This parameter cannot be used in any class that will be applied to a VLAN.
ttl <TTL-VALUE>Specifies a time-to-live (hop limit) value. Range: 0 to 255.
countKeeps the hit counts of the number of packets matching this class entry.
[<SEQUENCE-NUMBER>] comment <TEXT-STRING>Adds a comment to a class entry. The
noform removes only the comment from the class entry.
Authority
Administrators or local user group members with execution rights for this command.
Usage
If you enter an existing
<CLASS-NAME>value, the existing class is modified with any new<SEQUENCE-NUMBER>value. This action creates an additional class entry. Any existing<SEQUENCE-NUMBER>value replaces the existing class entry with the same sequence number.If no sequence number is specified, a new class entry is appended to the end of the class with a sequence number equal to the highest class entry currently in the list plus 10.
If the
<IP-PROTOCOL-NUM>parameter is used instead of a protocol name, ensure that any needed class entry-definition parameters specific to the selected protocol are also provided.
Examples
Creating an IPv6 class with two entries:
switch(config)# class ipv6 MY_IPV6_CLASS
switch(config-class-ipv6)# 10 match icmpv6 any any
switch(config-class-ipv6)# 20 ignore udp any any
switch(config-class-ipv6)# exit
switch(config)# do show class
Type Name
Sequence Comment
Action L3 Protocol
Source IP Address Source L4 Port(s)
Destination IP Address Destination L4 Port(s)
Additional Parameters
-------------------------------------------------------------------------------
IPv6 MY_IPV6_CLASS
10 match icmpv6
any
any
20 ignore udp
any
any
Adding a comment to an existing IPv6 class entry:
switch(config)# class ipv6 MY_IPV6_CLASS
switch(config-class-ipv6)# 10 match icmpv6 any any
switch(config-class-ipv6)# 20 ignore udp any any
switch(config-class-ipv6)# 20 comment myipv6class
switch(config-class-ipv6)# exit
switch(config)# do show class
Type Name
Sequence Comment
Action L3 Protocol
Source IP Address Source L4 Port(s)
Destination IP Address Destination L4 Port(s)
Additional Parameters
-------------------------------------------------------------------------------
IPv6 MY_IPV6_CLASS
10 match icmpv6
any
any
20 myipv6class
ignore udp
any
any
Removing a comment from an existing IPv6 class entry:
switch(config)# class ipv6 MY_IPV6_CLASS
switch(config-class-ipv6)# no 20 comment
switch(config-class-ipv6)# exit
switch(config)# do show class
Type Name
Sequence Comment
Action L3 Protocol
Source IP Address Source L4 Port(s)
Destination IP Address Destination L4 Port(s)
Additional Parameters
-------------------------------------------------------------------------------
IPv6 MY_IPV6_CLASS
10 match icmpv6
any
any
20 ignore udp
any
any
Replacing an IPv6 class entry in an existing IPv6 class:
switch(config)# class ipv6 MY_IPV6_CLASS
switch(config-class-ipv6)# 10 match any any 1020::
switch(config-class-ipv6)# exit
switch(config)# do show class
Type Name
Sequence Comment
Action L3 Protocol
Source IP Address Source L4 Port(s)
Destination IP Address Destination L4 Port(s)
Additional Parameters
-------------------------------------------------------------------------------
IPv6 MY_IPV6_CLASS
10 match any
any
1020::
20 ignore udp
any
any
Removing an IPv6 class entry:
switch(config)# class ipv6 MY_IPV6_CLASS
switch(config-class-ipv6)# no 10
switch(config-class-ipv6)# exit
switch(config)# do show class
Type Name
Sequence Comment
Action L3 Protocol
Source IP Address Source L4 Port(s)
Destination IP Address Destination L4 Port(s)
Additional Parameters
-------------------------------------------------------------------------------
IPv6 MY_IPV6_CLASS
20 ignore udp
any
any
The corresponding entries are only removed if the class is unused by all policy entries.
switch(config)# no class ipv6 MY_IPV6_CLASS switch(config)# do show class No Class found.