Enterasys Networks 8000/8600 manual Security, Quality of Service

Models: 8000/8600


Features

Layer-4 flows – The X-Pedition can store Layer-4 flows on each line card. A Layer-4 flow consists of the source and destination addresses in the IP or IPX packet combined with the TCP or UDP source and destination port number (for IP) or the source and destination socket (for IPX). You can therefore manage and control individual flows between hosts on an individual application basis.

A single host can have many individual Layer-4 entries in the X-Pedition. For example, an IP host might have separate Layer-4 application entries for E-mail, FTP, HTTP, and so on, or separate Layer-4 flow entries for specific E-mail destinations and for specific FTP and Web connections.

Security

The bridging, routing, and application (Layer-2, Layer-3, and Layer-4) support described in previous sections enables you to implement security filters that meet specific needs. You can implement the following types of filters to secure traffic on the X-Pedition.

Layer-2 source filters (block bridge traffic based on source MAC address)

Layer-2 destination filters (block bridge traffic based on destination MAC address)

Layer-2 flow filters (block bridge traffic based on specific source-destination pairs)

Layer-3 source filters (block IP or IPX traffic based on source IP or IPX address)

Layer-3 destination filters (block IP or IPX traffic based on destination IP or IPX address)

Layer-3 flow filters (block IP or IPX traffic based on specific source-destination pairs)

Layer-4 flow filters (block traffic based on application flows)

Layer-4 application filters (block traffic based on UDP or TCP source and destination ports for IP or source and destination sockets for IPX)
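The following sketch is an added illustration, not part of the Enterasys guide and not X-Pedition configuration syntax. It models in Python how the filter granularities listed above decide which packets are blocked. The rule shape, field names, addresses and ports are constructed assumptions, and IPX is omitted.

```python
from dataclasses import dataclass, fields
from typing import Optional

@dataclass(frozen=True)
class Packet:  # constructed model of an IP packet, not a device structure
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str
    proto: str  # "tcp" or "udp"
    src_port: int
    dst_port: int

def l4_flow_key(p):
    """Layer-4 flow as the guide defines it: addresses plus TCP/UDP ports."""
    return (p.src_ip, p.dst_ip, p.proto, p.src_port, p.dst_port)

@dataclass(frozen=True)
class BlockFilter:  # hypothetical rule shape; None means "match any"
    kind: str
    src_mac: Optional[str] = None
    dst_mac: Optional[str] = None
    src_ip: Optional[str] = None
    dst_ip: Optional[str] = None
    proto: Optional[str] = None
    src_port: Optional[int] = None
    dst_port: Optional[int] = None

    def matches(self, p):
        # Every field the rule sets must equal the packet's field.
        return all(getattr(self, f.name) in (None, getattr(p, f.name))
                   for f in fields(Packet))

def blocking_filters(p, rules):
    """Return the kinds of all rules that would block packet p."""
    return [r.kind for r in rules if r.matches(p)]

# Constructed rule set, one rule per granularity.
RULES = [
    BlockFilter("L2 source", src_mac="00:00:5e:00:53:01"),
    BlockFilter("L3 flow", src_ip="192.0.2.10", dst_ip="198.51.100.5"),
    BlockFilter("L4 application", proto="tcp", dst_port=23),
    BlockFilter("L4 flow", src_ip="192.0.2.20", dst_ip="198.51.100.5",
                proto="tcp", src_port=40000, dst_port=80),
]
# Constructed packets: a Telnet session and two web connections from one host.
TELNET = Packet("00:00:5e:00:53:02", "00:00:5e:00:53:ff", "192.0.2.30", "198.51.100.9", "tcp", 40001, 23)
WEB_A = Packet("00:00:5e:00:53:03", "00:00:5e:00:53:ff", "192.0.2.20", "198.51.100.5", "tcp", 40000, 80)
WEB_B = Packet("00:00:5e:00:53:03", "00:00:5e:00:53:ff", "192.0.2.20", "198.51.100.5", "tcp", 40002, 80)
```

The two web connections come from the same host to the same server, yet only the one whose ports match the Layer-4 flow rule is blocked, while the Layer-4 application rule stops Telnet from any host.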

Quality of Service

Although the X-Pedition supplies non-blocking wire-speed throughput, you can configure the X-Pedition to apply Quality of Service (QoS) policies during peak periods to guarantee service to specific hosts, applications, and flows (source-destination pairs). This is especially useful in networks where the traffic level can exceed the network medium’s capacity.

The X-Pedition QoS is based on four queues: control, high, medium, and low. Control traffic has the highest priority, high the second highest, and so on. The default priority for all traffic is low.


Enterasys X-Pedition 8000/8600 Getting Started Guide
