Filter Policy Configuration Overview; Service And Network Ip Interface-Based Filtering - Alcatel-Lucent 7210 SAS M Configuration Manual

Hide thumbs Also See for 7210 SAS M:

Service manual (952 pages)

Configuration manual (558 pages)

Quality of service manual (404 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

page of 168

/ 168
Contents
Table of Contents
Bookmarks

Table of Contents

Filter Policy Configuration Overview

Filter policies, also referred to as Access Control Lists (ACLs), are templates applied to services or

network IP interfaces to control network traffic into (ingress) or out of (egress) a service access

port (SAP) or network IP interface based on IP and MAC matching criteria. Filters are applied to

services to look at packets entering or leaving a SAP . Filters can be used on several interfaces. The

same filter can be applied to ingress traffic, egress traffic, or both. Ingress filters affect only

inbound traffic destined for the routing complex, and egress filters affect only outbound traffic sent

from the routing complex.

Configuring an entity with a filter policy is optional. If an entity such as a service or network IP

interface is not configured with filter policies, then all traffic is allowed on the ingress and egress

interfaces. By default, there are no filters associated with services or interfaces. They must be

explicitly created and associated. When you create a new filter, default values are provided

although you must specify a unique filter ID value to each new filter policy as well as each new

filter entry and associated actions. The filter entries specify the filter matching criteria and also an

action to be taken upon a match.

Only one ingress IP or MAC filter policy and one egress IP or MAC filter policy can be applied to

a Layer 2 SAP. Only one ingress IP filter policy and one egress IP filter policy can be applied to a

network IP interface

Network filter policies control the forwarding and dropping of packets based on IP match criteria.

Note that non-IP packets are not hitting the IP filter policy, so the default action in the filter policy

will not apply to these packets.

Service and Network IP Interface-Based Filtering

IP and MAC filter policies specify either a forward or a drop action for packets based on

information specified in the match criteria.

Filter entry matching criteria can be as general or specific as you require, but all conditions in the

entry must be met in order for the packet to be considered a match and the specified entry action

performed. The process stops when the first complete match is found and executes the action

defined in the entry, either to drop or forward packets that match the criteria.

Page 88

7210 SAS M, X Router Configuration Guide

Table of Contents

Filter Policy Configuration Overview; Service And Network Ip Interface-Based Filtering - Alcatel-Lucent 7210 SAS M Configuration Manual

Filter Policy Configuration Overview

Filter Policy Configuration Overview

Service and Network IP Interface-Based Filtering

Related Manuals for Alcatel-Lucent 7210 SAS M

Related Content for Alcatel-Lucent 7210 SAS M

Table of Contents