Allied Telesis x900-24 series manual AlliedWareTM OS, Introduction

Page 1

AlliedWareTM OS

How To Configure Hardware Filters on AT-9900, x900-48, and x900-24 Series Switches

Introduction

The AT-9900, x900-48, and x900-24 series switches support a powerful hardware based packet-filtering facility.

These switches can filter on a range of Layer 2, Layer 3, and Layer 4 packet attributes, and perform a variety of different actions on the packets that match the filters.

Because the filters are hardware-based, they put no load on the CPU of the switch, and have no affect on the throughput of the switch. It is possible to configure over 1000 different filters, and still have complete wire speed throughput on the switch.

The following configuration methods are available:

1.To filter traffic across all ports on the switch, create dedicated hardware filters.

2.To filter traffic on a per-port basis, apply filtering actions to QoS flow groups or traffic classes.

This Note only describes method 1. Method 2 is described in How To Configure Filtering Actions on QoS Flow Groups and Traffic Classes, available from www.alliedtelesis.com/resources/ literature/howto.aspx.

C613-16058-00 REV C

www.alliedtelesis.com

Page 1 Page 2
Image 1
Page 1 Page 2
Contents Introduction AlliedWareTM OSThis document contains the following What information will you find in this document?Creating dedicated hardware filters Configuring packet classificationCore port 1st tag 2nd tag Nested VLANs disabled Configuring inner parameters for nested VLANsCustomer port 1st tagCreating hardware filters Then, enter the following commandFor example, imagine you have the following set of filters Effects of the action parameters Logic of the operation of the hardware filtersHow many filters can you create? Combining hardware filters and QoSFilter rules table Rule Empty Rule table Extra rules used when combining QoS and hardware filtersFollowing figure shows the copies of these rules Profile maskRule Are there enough bytes for your set of filters? Some protocols also use filters, so use some of the length Disabled by defaultOkay length For example, this set of filters would work How to see the current filter resource usage on the switch Default mask Appendix a How to use the layer 4 mask in classifiersBinary 07D0 in hexadecimalPoints to remember Example 1 portsExample 3 ports Example 2 portsNow it is really easy to write the classifiers 256 128512 02465536 Following table shows the port ranges for the largest blocksC613-16058-00 REV C
Top Page Image Contents