Filters and QoS Configuration for ERS 5500
Technical Configuration Guide v2.0 NN48500-559
___________________________________________________________________________________________________________________________
Nortel Confidential Information Copyright © 2008 Nortel Networks. All Rights Reserved.
External Distribution
3
Table of Contents DOCUMENT UPDATES.................................................................................................................. 5
CONVENTIONS............................................................................................................................... 5
1. OVERVIEW: ETHERNET ROUTING SWITCH 5500 QOS AND FILTERING ........................6
2. QOS FLOW CHART................................................................................................................ 9
3. FILTER FUNCTIONALITY ....................................................................................................10
3.1 OVERALL CLASSIFICATION FUNCTIONALITY........................................................................10
3.2 CLASSIFIER BLOCK FUNCTIONALITY.................................................................................. 10
3.3 PORT RANGE FUNCTIONALITY........................................................................................... 11
3.4 POLICIES......................................................................................................................... 12
4. QUEUE SETS........................................................................................................................ 14
5. TRAFFIC METER AND SHAPING........................................................................................ 19
5.1 ACTUAL BUCKET SIZE.......................................................................................................20
5.2 POLICING TRAFFIC........................................................................................................... 20
5.3 INTERFACE SHAPER .........................................................................................................22
6. DEFAULT NORTEL CLASS OF SERVICE ..........................................................................24
7. QOS ACCESS LISTS (ACL)................................................................................................. 25
7.1 ACL CONFIGURATION.......................................................................................................25
8. IP SECURITY FEATURES.................................................................................................... 30
8.1 DHCP SNOOPING............................................................................................................ 30
8.2 DYNAMIC ARP INSPECTION.............................................................................................. 30
8.3 IP SOURCE GUARD ..........................................................................................................31
9. BPDU FILTERING................................................................................................................. 32
9.1 BPDU FILTERING CONFIGURATION................................................................................... 32
10. QOS INTERFACE APPLICATIONS.................................................................................. 33
10.1 ARP SPOOFING............................................................................................................... 34
10.2 DHCP ATTACKS.............................................................................................................. 35
10.3 DOS................................................................................................................................ 36
10.4 BPDU BLOCKING............................................................................................................. 37
11. CONFIGURATION STEPS – POLICY CONFIGURATION............................................... 38
11.1 ROLE COMBINATION......................................................................................................... 38
11.2 CLASSIFICATION...............................................................................................................39
11.3 METERS...........................................................................................................................41
11.4 ADD A NEW POLICY.......................................................................................................... 42
12. CONFIGURATION EXAMPLES........................................................................................ 43
12.1 PRE-DEFINED VALUES...................................................................................................... 43
12.2 CONFIGURATION EXAMPLE 1 – TRAFFIC METER USING POLICIES........................................ 44
12.3 CONFIGURATION EXAMPLE – IP ACL, DHCP SNOOPING, ARP INSPECTION, BPDU
FILTERING, AND SOURCE GUARD.................................................................................................. 50
12.4 CONFIGURATION EXAMPLE 3: PORT RANGE USING ACL OR POLICY ................................... 59
12.5 CONFIGURATION EXAMPLE 4 – L2 CLASSIFICATION BASED ON MAC ADDRESS ...................62
12.6 CONFIGURATION EXAMPLE 5 – L2 AND L3 CLASSIFICATION................................................ 64