{deny|permit}

secondary-vlan

(Optional) As above, for the vlan keyword.

secondary-cos

(Optional) As above, for the cos keyword.

assign-queue

(Optional) The assign-queue parameter allows specification of a particular hardware queue for handling traffic that matches this rule. The allowed queue-id value is 0-(n-1), where n is the number of user configurable queues available for the hardware platform. (See the Usage section, below.)

redirect

(Optional) The redirect parameter redirects traffic matching this rule to the specified egress port. The redirected packet carries the same MAC address as it would have if it had not been redirected (the MAC address of the next hop defined in the routing table). Basically, it looks like a mirrored packet on the redirect port. (See the Usage section, below.)

Note: The no form of this command is not supported, as the rules within an ACL group cannot be deleted individually. Rather, the entire ACL group must be deleted and re-specified.

Usage

A rule may either deny or permit traffic according to the specified classification fields. At a minimum, the source and destination MAC value must be specified, each of which may be substituted using the keyword any to indicate a match on any value in that field. The remaining command parameters are all optional, but the most frequently used parameters appear in the same relative order as shown in the command format.

The srcmacmask variable uses a wildcard called an inverted mask. In an inverted mask, a zero in a bit in the mask means “exact match required”. A one in a mask bit means “match anything here”. For example:

To deny all traffic from MAC address 00:00:00:00:03:02, the mask is 00:00:00:00:00:00.

To deny all traffic from 00:00:00:00:03:xx, the mask is 00:00:00:00:00:ff.
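The inverted-mask matching described above, as an added Python example (not from the SFTOS manual; the function names are hypothetical and the test addresses other than the two in the text are constructed). It also shows how broad a rule becomes if a subnet-style mask is entered where an inverted mask is expected.

```python
import re

MAC_RE = re.compile(r"(?:[0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}")
ALL_BITS = 0xFFFFFFFFFFFF  # 48-bit MAC address space


def mac_to_int(mac: str) -> int:
    """Parse 'aa:bb:cc:dd:ee:ff' into a 48-bit integer."""
    if not MAC_RE.fullmatch(mac):
        raise ValueError(f"not a MAC address: {mac!r}")
    return int(mac.replace(":", ""), 16)


def matches(frame_mac: str, rule_mac: str, inverted_mask: str) -> bool:
    """True if frame_mac equals rule_mac in every bit where the mask bit is 0.

    Mask bit 0 = exact match required, mask bit 1 = match anything.
    """
    care = ~mac_to_int(inverted_mask) & ALL_BITS
    return (mac_to_int(frame_mac) ^ mac_to_int(rule_mac)) & care == 0


def addresses_covered(inverted_mask: str) -> int:
    """Number of MAC addresses one rule matches: 2 ** (1 bits in the mask)."""
    return 1 << bin(mac_to_int(inverted_mask)).count("1")


if __name__ == "__main__":
    rule = "00:00:00:00:03:02"
    # The two cases from the text: one host, then 00:00:00:00:03:xx.
    print(matches("00:00:00:00:03:02", rule, "00:00:00:00:00:00"))
    print(matches("00:00:00:00:03:7f", rule, "00:00:00:00:00:ff"))
    # Mistake to check for: a subnet-style mask used as an inverted mask.
    # Only the last octet is compared, so unrelated hosts match the rule.
    wrong = "ff:ff:ff:ff:ff:00"
    print(matches("aa:bb:cc:dd:ee:02", rule, wrong), addresses_covered(wrong))
```

Running `addresses_covered` over every mask in a planned ACL is a quick way to spot a rule that covers far more hosts than intended before it is applied.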

The Ethertype (ethertypekey) may be specified as either a keyword or a four-digit hexadecimal value from 0x0600-0xFFFF. The currently supported ethertypekey values are: appletalk, arp, ibmsna, ipv4, ipv6, ipx, mplsmcast, mplsucast, netbios, novell, pppoe, and rarp. Each of these translates into its equivalent Ethertype value(s), as shown in Table 23.

Table 23 Ethertype Keyword and 4-digit Hexadecimal Value

Ethertype Keyword    Corresponding Value
appletalk            0x809B
arp                  0x0806
ibmsna               0x80D5
ipv4                 0x0800
ipv6                 0x86DD
ipx                  0x8037
mplsmcast            0x8848
mplsucast            0x8847
netbios              0x8191

SFTOS Command Reference for the S2410, Version 2.4.1.0
