Perle Systems IOLINK-520 Mask Combinations, Mask would be 6-010203040506&12-0800&23-06 Example

Page 75

Programmable Filtering

Mask Combinations

Mask combinations may be required to ensure that a frame is sufficiently qualified before the decision to filter is made. The qualification a frame must go through before a filter decision is made depends on the reason for the filter. Nonetheless, a few examples below have been provided that should aid in the creation of a mask that may require that extra little bit of qualification.

Example

To prevent a specific Ethernet station from accessing any TCP/IP host on the other segment. Assume the Ethernet address is 01-02-03-04-05-06.

The mask would be: 6-010203040506&12-0800&23-06

Example

To prevent a specific protocol type from accessing a specific Ethernet Address. Assume the Ethernet address is 01- 02-03-04-05-06, and the protocol type is Appletalk®. The filter mask would be: 0-010203040506&12-809B

Example

To prevent any Ethernet address with the 10th bit set to a 0 from accessing a LAT host or an IP host with an Internet address of 128.001.001.128.

This particular mask, although not particularly useful, might be best served by creating two masks instead of one long mask. The decision is up to the Bridge Manager, but a longer mask is always more difficult to understand later. Both methods are presented below:

Combined Filters 4-X’XX0X’&(12-6004(12-0800&30-80010180))

Separate Filters 4-X’XX0X’&12-6004 4-X’XX0X’&12-0800&30-80010180

B.12 IOLINK-PRO & 520 Reference Manual

Image 75
Contents Reference Manual IP Routing and the IOLINK-PRO & 520 Routers IOLINK-PRO & 520 RoutersARP-Address Resolution Protocol Proxy ARPComplete IP Connection IOLINK-PRO & 520 Reference Manua Header Checksum IP Header DetailsProtocol Time to liveRedirect Icmp MessagesOptions UnreachableTime and Mask server PingUpdate Mechanism RIP-Routing Information ProtocolRoute Tables IPX Address Format IPX Routing and The IOLINK-PRO & 520 RoutersIPX Addressing Network Layer Addressing vs. MAC AddressingIPX Header Other IPX Header InformationService Advertisement Protocol Establishing an IPX ConnectionSAP Broadcasts RIP/X Operation Server TypesRouting Information Protocol SAP RequestsBridging and the IOLINK-PRO & 520 Routers RIP/X RequestsRIP/X Metrics Station Address Learning Initial Bridging ProcessAddress Purging Aging TimerAging Exception Filled Address TableIolink Router Feature Definitions TelnetLink Compression Introduction Multipoint WAN TopologiesBandwidth On Demand Point-to-PointTime of Day Connect Application Disaster Recovery Backup Link Operating Software UpgradesIsdn Single Active Link & Dual Active Link Iolink PRO & 520 Isdn Connection Management Wide Area Network Topologies SupportedCall Establishment Methods Auto-Call Time-of-Day Connections Isdn Connection ManagementManual Call Address ConnectCombination Connection ProcessInteresting Traffic Idle TimerProtocol Awareness Suspension ProcessTermination Process Session Keepalive MessagesRIP-Routing Information Protocol IP SpecificsIP Address Connect Suspension of TCP/IP SessionsIPX Serialization Frames IPX SpecificsRIP/IPX and SAP/IPX Suspension of IPX SessionsPinout Information Module IdentificationLink Clocking Information Link Interfaces Reference ATL CSU/DSU Link Module InformationConsole Pinouts T1/E1 Module CSU/DSU ModuleRS232 Link Pinouts 24 & RS232C Link PinoutsDB15 Female DTE Direction Contact Circuits From Number 11 & X.21 Link PinoutsDB25 Female DTE Direction Contact Circuit From Number Name RS442 & RS530 Link PinoutsLink Pinouts DB25Number Name 11 RS232 Null-Modem Cable RS232 Null-Modem Cable Configuration12 V.35 Null-Modem Cable Null-Modem Cable Configuration13 RS530 Null-Modem Cable RS530 Null-Modem Cable Configuration14 RS530 to RS449 Conversion Cable RS530 To RS449 Conversion Cable15 V.11/X.21 Null-Modem Cable 11/X.21 Null-Modem Cable ConfigurationWAN Link Control-Signal Operation Event logs Appendix a Event LogsEvent Logs IOLINK-PRO & 520 Reference Manual A.3 Event Logs IOLINK-PRO & 520 Reference Manual A.5 Event Logs IOLINK-PRO & 520 Reference Manual A.7 Event Logs Alarm Logs Event Logs IOLINK-PRO & 520 Reference Manual A.11 Event Logs IOLINK-PRO & 520 Reference Manual A.13 Event Logs IOLINK-PRO & 520 Reference Manual A.15 Event Logs IOLINK-PRO & 520 Reference Manual A.17 Event Logs IOLINK-PRO & 520 Reference Manual A.19 PPP Security Logs Security MAC Address FilteringSecurity-Filter if Destination Programmable FilteringSecurity-Filter if Source Security-Forward if Destination Security-Forward if Source Programmable Filtering Pattern Filter Operators Bridge Pattern FilteringProtocol Discrimination IP, and no more Protocol Type FieldInternet Protocol IP Filter all IP PacketsFilter all except TCP/IP Transport Control Protocol / Internet Protocol TCP/IPFilter only TCP/IP Filter all IP without TCP trafficEthernet Multicasting Bandwidth ConservationFilter all DEC Ethernet BroadcastingGeneral Restrictions Internet AddressesEthernet Station Addresses Mask would be 6-010203040506&12-0800&23-06 Example Mask CombinationsIPX Router Pattern Filtering IP Router Pattern FilteringPage Appendix C Frame Formats Octet Locations on an IP Routed TCP/IP Frame IOLINK-PRO & 520 Reference Manual C.3