Packet Matching Criteria - Alcatel-Lucent 7210 SAS M OS Configuration Manual

Hide thumbs Also See for 7210 SAS M OS:

Service manual (952 pages)

Configuration manual (558 pages)

Quality of service manual (404 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

page of 160

/ 160
Contents
Table of Contents
Bookmarks

Table of Contents

.Creating and Applying Policies

Packet Matching Criteria

Up to 65535 IP and 65535 MAC filter IDs (unique filter policies) can be defined. A maximum of

16384 filter entries can be defined in one filter at the same time. Each filter ID can contain up to

65535 filter entries. A maximum of 16384 filter entries can be defined in 1 filter at the same time.

As few or as many match parameters can be specified as required, but all conditions must be met in

order for the packet to be considered a match and the specified action performed. The process stops

when the first complete match is found and then executes the action defined in the entry, either to

drop or forward packets that match the criteria.

IP filter policies match criteria that associate traffic with an ingress or egress SAP. Matching

criteria to drop or forward IP traffic include:

•

Page 84

Source IP address and mask

Source IP address and mask values can be entered as search criteria. The IP Version 4

addressing scheme consists of 32 bits expressed in dotted decimal notation (X.X.X.X).

Address ranges are configured by specifying mask values, the 32-bit combination used to

describe the address portion which refers to the subnet and which portion refers to the host.

The mask length is expressed as an integer (range 1 to 32).

Destination IP address and mask — Destination IP address and mask values can be entered

as search criteria.

Protocol — Entering a protocol ID (such as TCP, UDP, etc.) allows the filter to search for

the protocol specified in this field.

Source port — Entering the source port number allows the filter to search for matching

TCP or UDP port values.

Destination port — Entering the destination port number allows the filter to search for

matching TCP or UDP port.

DSCP marking — Entering a DSCP marking enables the filter to search for the DSCP

marking specified in this field. See

page

95.

ICMP code — Entering an ICMP code allows the filter to search for matching ICMP code

in the ICMP header.

ICMP type — Entering an ICMP type allows the filter to search for matching ICMP types

in the ICMP header.

Fragmentation — IPv4 only: Enable fragmentation matching. A match occurs if packets

have either the MF (more fragment) bit set or have the Fragment Offset field of the IP

header set to a non-zero value.

Option present — Enabling the option presence allows the filter to search for presence or

absence of IP options in the packet. Padding and EOOL are also considered as IP options.

Table 7, DSCP Name to DSCP Value Table, on

7210 SAS M Router Configuration Guide

Table of Contents

Packet Matching Criteria - Alcatel-Lucent 7210 SAS M OS Configuration Manual

Packet Matching Criteria

Related Manuals for Alcatel-Lucent 7210 SAS M OS

Related Content for Alcatel-Lucent 7210 SAS M OS

Table of Contents