AlliedWare PlusTM OS

How To Configure Hardware Filters on SwitchBlade x908, x900-12XT/S, and x900-24 Series Switches

Introduction

The SwitchBlade x908, x900-12XT/S, and x900-24 series switches support a powerful hardware based packet-filtering facility.

These switches can filter on a range of Layer 2, Layer 3, and Layer 4 packet attributes, and perform a variety of different actions on the packets that match the filters.

Because the filters are hardware-based, they put no load on the CPU of the switch, and do not affect the throughput of the switch. It is possible to configure over 1000 different filters, and still have complete wire speed throughput on the switch.

On the AlliedWare Plus OS, hardware-based packet filtering is carried out by using hardware ACLs (Access Control Lists). The following configuration methods are available:

1.To make a simple filter based on IP address, MAC address, TCP/UDP port, or ICMP type, you simply create one or more ACLs and apply them to a port.

You can build up a filter hierarchy by applying multiple ACLs to a port (e.g. make one ACL to allow traffic from a source IP address to a destination address, then a second ACL to drop all (other) traffic from that source IP address).

This How To Note calls ACLs that are applied to ports interface ACLs.

2.To make a filter based on a range of other packet settings, you use QoS match commands in one or more QoS class-maps, mostly in combination with ACLs. Then you use QoS to apply the class-maps to a policy-map and port.

This note describes both approaches. Then it gives a series of examples, and ends by discussing how many filters you can make.

C613-16119-00 REV A

www.alliedtelesis.com

Page 1
Image 1
Allied Telesis X900-12XT/S, x908 manual AlliedWare PlusTM OS

X900-12XT/S, x908 specifications

The Allied Telesis x908 and the SwitchBlade x900 series of network switches are cutting-edge solutions designed to address the demands of modern networking environments. These switches are known for their high performance, reliability, and robust feature sets, making them ideal for enterprise and service provider networks.

The Allied Telesis x908 series consists of modular and chassis-based systems that can accommodate a variety of network configurations. One of the main features of the x908 series is its ability to offer high scalability with support for a large number of ports. This makes it suitable for data centers and large enterprise networks where space and bandwidth optimization are critical.

In addition to scalability, the x908 series supports advanced Layer 2 and Layer 3 switching capabilities. This allows for efficient traffic management and routing, ensuring that data is delivered swiftly and reliably. The x908 also incorporates intelligent features such as Quality of Service (QoS), which prioritizes critical network traffic, ensuring that time-sensitive data—like voice and video—maintains its quality during transmission.

The SwitchBlade x900 series takes this functionality further with its innovative modular architecture. This allows organizations to configure their networks to meet specific needs by choosing from a variety of interface cards and service modules. The SwitchBlade x900 also supports advanced security features such as Access Control Lists (ACLs) and VLAN segmentation, which provide enhanced protection against unauthorized access and network threats.

Another hallmark of the x908 and SwitchBlade series is their support for high-speed Ethernet technologies, including 10G and 40G Ethernet. This enables organizations to keep pace with the increasing bandwidth demands of applications and services, particularly in cloud computing and data-intensive workloads.

Both the x908 and the SwitchBlade x900 series are designed with energy efficiency in mind, featuring power-saving technologies that reduce overall operational costs. Coupled with Allied Telesis' management tools, which provide detailed analytics and monitoring, network administrators can optimize performance and energy consumption simultaneously.

In summary, the Allied Telesis x908 and SwitchBlade x900 series offer a comprehensive suite of features, high performance, scalability, and advanced networking technologies. They represent a strategic investment for organizations looking to build resilient, efficient, and future-proof network infrastructures.