3- INTRODUCTION TO FILTERING
The router provides programmable filtering which gives you the ability to control under what conditions Ethernet frames are forwarded to remote networks. There are many reasons why this might need to be accomplished, some of which are security, protocol discrimination, bandwidth conservation, and general restrictions.
Filtering may be accomplished by using two different methods. The first method is to filter or forward frames based solely on their source or destination MAC address. This method of filtering is useful when bridging between LANs and for providing remote access security in any type of network. The Ethernet MAC (Media Access Control) address is checked against the addresses in the filtering list and the frame is filtered or forwarded accordingly.
The second method of filtering is pattern filtering where each frame is checked against a filter pattern. The filter pattern may be defined to perform a check of any portion of the Ethernet frame. Separate filter patterns may be defined for bridged frames, IP routed frames, and IPX routed frames.
For more information on filtering, please refer to the Programmable Filtering section of the router reference manual file. The PDF file is located on the accompanying
MAC Address Filtering
MAC address filtering is provided by three
The first function is “Filter if Source”; the second is “Filter if Destination.” The third function allows you to change the filter operation from “positive” to “negative.” The positive filter operation causes frames with the specified MAC addresses to be filtered. The negative filter operation causes frames with the specified MAC addresses to be forwarded.
You may easily prevent any station on one segment from accessing a specific resource on the other segment; for this, “positive” filtering and the use of “Filter if Destination” would be appropriate. If you want to disallow a specific station from accessing any service, “Filter if Source” could be used.
57