14NETBUILDER SOFTWARE VERSION 11.1 RELEASE NOTES

of the queue policies, Priority Queuing, and Protocol Reservation are supported. In addition to the currently supported policies, a metering algorithm has been added. If the queue handler detects that the underlying bandwidth exceeds a certain threshold specified, then the queueing and metering functions are effectively bypassed and packets are transmitted directly without queuing. This optimizes high-speed interfaces in which the customer assumes that everything presented to the interface can be transmitted without going through the prioritization or metering processing and without much fear of packet loss.

Firewall Enhancements

The recent enormous growth in the Internet has increased the security risks to corporate and government networks. The existing Firewall Service has been enhanced to support more predefined filters for popular applications, to allow you to create your own filter definitions, and to combine noncontiguous IP addresses into named groups to which firewall policies may be applied.

Firewall enhancements include:

Predefined service filters for multimedia applications such as Real Networks’ RealPlayer.

The ability to define a service and group of IP addresses.

Support for traceroute.

Additional predefined service filters.

Secure HTTP

BGP-4

Finger

Whois

SOCKS

DNS client-to-server.

IPSEC support for Encapsulated Security Payload (ESP) headers and Authentication Headers (AH).

IP Version 6 (Phase II)

IPv6 Phase II features include the BGP-4 multiprotocol extensions for IPv6 inter-domain routing plus native IPv6 routing over PPP and point-to-point ATM PVCs.

BGP-4 Enhancements

Enhancements have been incorporated that address the scaling issues with the current BGP implementation. The new implementation also includes BGP-4+ features. BGP-4+ is an extension to the existing BGP protocol for handling multiprotocol routing. For example, it enables interdomain routing of IPv4 multicast, IPv6 unicast, and IPv6 multicast network layers. The following network layer reachability information attributes are implemented:

Multiprotocol Reachable NLRI

Multiprotocol Unreachable NLRI

Page 13
Image 13
3Com 11.1 manual Firewall Enhancements, IP Version 6 Phase, BGP-4 Enhancements