Allied Telesis x900-24 series manual Configuring inner parameters for nested VLANs, Customer port


Creating dedicated hardware filters

Configuring Layer 4 source and destination port number masks

A common filtering requirement is the ability to filter on a range of TCP or UDP port numbers. For example, we often want to allow through all packets with a TCP destination port greater than 1024, because such packets are deemed to be replies coming back to sessions initiated from the other side of the switch. The l4smask and l4dmask parameters make it possible for a single classifier to match a whole range of port numbers.

These parameters take hexadecimal values and are used in conjunction with the parameters tcpsport, tcpdport, udpsport, and udpdport. A port number matches the classifier if performing a logical AND of that port number with the mask gives the same result as performing a logical AND of the mask with the value specified in the corresponding sport or dport parameter.

Of course, this is not quite so convenient as being able to simply specify a range of decimal numbers. Often it can require multiple port/mask combinations to cover a particular range of numbers.

The maths of all this is described in detail in Appendix A of this How To Note (see page 13).

Note: The default value of each mask is FFFF. This means that if you specify a port number without specifying a mask, then the classifier matches only that one value of the port number. This is the same as specifying a port number and a mask of FFFF.
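The masking rule above, worked through as an added example (it is not taken from the How To Note, and the function names are hypothetical). It assumes a port matches when port AND mask equals value AND mask, and it generalises the "greater than 1024" case to any decimal range by splitting it into aligned power-of-two blocks, one value/mask pair per block.

```python
# Added example: split a TCP/UDP port range into value/mask pairs.
# Assumption: a port matches when (port AND mask) == (value AND mask).
# Function names are hypothetical; this is not AlliedWare code.

def matches(port, value, mask):
    """True if `port` satisfies one value/mask pair."""
    return (port & mask) == (value & mask)

def range_to_pairs(lo, hi):
    """Cover lo..hi inclusive with aligned power-of-two blocks.

    Returns a list of (value, mask) pairs, one per block.
    """
    if not 0 <= lo <= hi <= 0xFFFF:
        raise ValueError("need 0 <= lo <= hi <= 65535")
    pairs = []
    while lo <= hi:
        # Largest power-of-two block that can start at lo (alignment limit) ...
        size = (lo & -lo) or 0x10000
        # ... shrunk until it no longer runs past hi.
        while size > hi - lo + 1:
            size >>= 1
        # Mask bits are 1 where the port must equal the value.
        pairs.append((lo, 0xFFFF & ~(size - 1)))
        lo += size
    return pairs

def covered(port, pairs):
    """True if any pair in the list matches `port`."""
    return any(matches(port, v, m) for v, m in pairs)

if __name__ == "__main__":
    # Constructed sample ranges.
    for lo, hi in [(1024, 65535), (1025, 65535), (80, 80)]:
        pairs = range_to_pairs(lo, hi)
        print(f"ports {lo}-{hi}: {len(pairs)} classifier(s)")
        for value, mask in pairs:
            print(f"  port value {value:04X} (hex), mask {mask:04X}")
```

Ports 1024 to 65535 need six pairs, while the strict "greater than 1024" range (1025 to 65535) needs fifteen, so the choice of range boundary directly affects how many classifiers a filter set consumes.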

Configuring “inner” parameters for nested VLANs

The tpid, innertpid, innervlanid, and innervlanpriority parameters all apply to nested VLAN configuration. In this situation, the packets arriving at the core-facing port can have two VLAN tags configured on them.

- The tpid parameter matches on the first Tag Protocol Identifier field in the packet.

- The innertpid parameter matches on the TPID in the second 802.1Q tag in the packet.

- The innervlanid parameter matches on the tunnelled VLAN ID in the second 802.1Q tag in the packet.

- The innervlanpriority parameter matches on the 802.1P field in the second tag in the packet.

The following table shows where in the packet the inner and outer tags will be matched.

 

|                       | Outer VLAN parameters (normal) | Inner VLAN parameters |
| Customer port         | VLAN                           | 1st tag               |
| Core port             | 1st tag                        | 2nd tag               |
| Nested VLANs disabled | 1st tag                        | 2nd tag               |

 

 

 

Some important points to keep in mind while configuring the “inner” parameters are:

- When packets arrive at a customer port of a nested VLAN, the parameter vlan will match the VID of the nested VLAN that the port is a member of, which is just how this parameter normally operates.

Page 4 AlliedWare™ OS How To Note: Hardware Filters

C613-16058-00 REV C