Page 20 | AlliedWare Plus™ OS How To Note
How many filters can you create?
Are there enough bytes for your set of filters?
Of course, the mask cannot increase without limit—it has a maximum size of 16 bytes.
When the mask reaches the 16-byte limit, you can no longer create any ACL or QoS match
command that would cause the mask to increase in size. The switch can still accept ACLs or QoS
match commands that use only fields that have already been included in the mask.
There is no particular number of ACLs or QoS match commands that will cause the mask to
reach its 16-byte limit—it could happen after a few ACLs, or you might be able to create
hundreds of ACLs and QoS match commands without the mask reaching its limit.
So to determine whether you will have enough filter length, look at the fields you want to
filter, determine the number of bytes for each field, and sum up the total number of
bytes. If that number is less than 16, there is enough filter length. Don’t forget to count TCP
and UDP source port as a single field, and likewise to count TCP and UDP destination port
as a single field.
Okay length
For example, this set of ACLs would work:
source MAC address
source UDP port
destination IP address + destination TCP port
The total number of bytes for the switch to check in a packet would be:
source MAC address + IP protocol type + source TCP/UDP port +
destination IP address + destination TCP/UDP port =
6 + 1 + 2 + 4 + 2 = 15 bytes
Too long
But this set of ACLs would not work:
source MAC address
destination MAC address
destination IP address + destination TCP port
The total number of bytes for the switch to check in a packet would be:
source MAC address + destination MAC address + IP protocol type +
destination IP address + destination TCP/UDP port =
6 + 6 + 1 + 4 + 2 = 19 bytes
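
The byte count described above can be run over a planned filter set before it is entered on the switch. This is an added example, not part of the original note or of AlliedWare Plus; the field names and function names are hypothetical, the byte widths are the ones used in the two sums above, and the added IP protocol byte for port matches is read from those sums.

```python
# Field widths in bytes, taken from the two worked sums in the note.
FIELD_BYTES = {
    "src_mac": 6,
    "dst_mac": 6,
    "ip_proto": 1,
    "src_port": 2,   # TCP and UDP source port share one mask field
    "dst_port": 2,   # TCP and UDP destination port share one mask field
    "dst_ip": 4,
}
MASK_LIMIT = 16  # maximum mask size in bytes

# Hypothetical per-protocol names, folded onto the shared port fields.
ALIASES = {
    "src_tcp_port": "src_port", "src_udp_port": "src_port",
    "dst_tcp_port": "dst_port", "dst_udp_port": "dst_port",
}

def mask_fields(acls):
    """Return the distinct mask fields needed by a list of ACLs."""
    fields = set()
    for acl in acls:
        for name in acl:
            field = ALIASES.get(name, name)
            if field not in FIELD_BYTES:
                raise ValueError(f"no byte width known for field {name!r}")
            fields.add(field)
            if field in ("src_port", "dst_port"):
                # The note's sums include the IP protocol type whenever
                # a TCP/UDP port is matched.
                fields.add("ip_proto")
    return fields

def mask_bytes(acls):
    """Total mask size: each field is counted once, however many ACLs use it."""
    return sum(FIELD_BYTES[f] for f in mask_fields(acls))

def enough_filter_length(acls):
    # The note's rule: the total must be less than 16.
    return mask_bytes(acls) < MASK_LIMIT

# The two filter sets from the note, one inner list per ACL.
OKAY = [["src_mac"], ["src_udp_port"], ["dst_ip", "dst_tcp_port"]]
TOO_LONG = [["src_mac"], ["dst_mac"], ["dst_ip", "dst_tcp_port"]]

if __name__ == "__main__":
    for label, acls in (("okay", OKAY), ("too long", TOO_LONG)):
        print(label, mask_bytes(acls), enough_filter_length(acls))
```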