Acl Profile Rules; Acl Profile Actions - ZyXEL Communications MSC1000G User Manual
Management switch card
Hide thumbs
Also See for MSC1000G:
- Specifications (6 pages) ,
- User manual (1092 pages) ,
- User manual (553 pages)
Table of Contents
Advertisement
11.24.1 ACL Profile Rules
If you apply multiple profiles to a PVC, the system checks the profiles by rule number. The lower the
rule number, the higher the priority the rule (and profile) has. For example, there are two ACL
profiles assigned to a PVC. Profile1 is for VLAN ID 100 (rule number 9) traffic, and Profile2 is for
IEEE 802.1p priority 0 traffic (rule number 12). The system checks Profile1 first. If the traffic is
VLAN ID 100, the system follows the action in Profile1 and does not check Profile2.
You can assign a PVC multiple rules of the same number as long as the rules do not conflict. For
example, you can assign a PVC a profile with a number 9 rule that allows VLAN 100 traffic and
another profile with a number 9 rule that allows VLAN 200 traffic. However you could not assign a
PVC a profile with a number 9 rule that allows VLAN 100 traffic and another profile with a number 9
rule that denies VLAN 100 traffic.
11.24.2 ACL Profile Actions
The system can perform the following actions after it classifies upstream traffic.
• rate: change the rate to the specified value (1~65535 kbps)
• rvlan: change the VLAN ID to the specified value (1~4094)
• rpri: change the IEEE 802.1p priority to the specified value (0~7)
• deny: do not forward the packet
The system can apply more than one action to a packet, unless you select deny.
If you select the rvlan action, the system replaces the VLAN ID before it compares the VLAN ID of
the packet to the VID of the PVC. As a result, it is suggested that you replace VLAN ID on super
channels, not normal PVC, since super channels accept any tagged traffic. If you replace the VLAN
ID for a normal PVC, the system drops the traffic because the new VLAN ID does not match the VID
of the PVC. This is illustrated in the following scenario.
There is a PVC with PVID 900. You create an ACL rule to replace the VLAN ID with 901. Initially, the
traffic for the PVC belongs to VLAN 900. Then, the system checks the ACL rule and changes the
traffic to VLAN 901. When the system finally compares the VLAN ID of the traffic (901) to the VID of
the PVC (900), the system drops the packets because they do not match.
11.25 ACL Profile Setup Screen
Use this screen to set up ACL profiles. To open this screen, click Profile > ACL.
Management Switch Card User's Guide
Chapter 11 Profile Screens
403
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
