Filter Policy Configuration Overview; Service -Based Filtering - Alcatel-Lucent 7210 SAS Configuration Manual

Hide thumbs Also See for 7210 SAS:

Service manual (952 pages)

Configuration manual (558 pages)

Quality of service manual (404 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

page of 138

/ 138
Contents
Table of Contents
Bookmarks

Table of Contents

Filter Policy Configuration Overview

Filter policies, also referred to as Access Control Lists (ACLs), are templates applied to services or

access uplink ports to control network traffic into (ingress) or out of (egress) a service access port

(SAP) or access uplink based on IP and MAC matching criteria. Filters are applied to services to

look at packets entering or leaving a SAP . Filters can be used on several interfaces. The same filter

can be applied to ingress traffic, egress traffic, or both. Ingress filters affect only inbound traffic

destined for the routing complex, and egress filters affect only outbound traffic sent from the

routing complex.

Configuring an entity with a filter policy is optional. If an entity such as a service is not configured

with filter policies, then all traffic is allowed on the ingress and egress interfaces. By default, there

are no filters associated with services or interfaces. They must be explicitly created and associated.

When you create a new filter, default values are provided although you must specify a unique filter

ID value to each new filter policy as well as each new filter entry and associated actions. The filter

entries specify the filter matching criteria.

Only one ingress IP or MAC filter policy and one egress IP or MAC filter policy can be applied to

a Layer 2 SAP. Only one ingress IP filter policy and one egress IP filter policy can be applied to a

Layer 3 SAP

Note that non-IP packets are not hitting the IP filter policy, so the default action in the filter policy

will not apply to these packets.

Service -Based Filtering

IP and MAC filter policies specify either a forward or a drop action for packets based on

information specified in the match criteria.

Filter entry matching criteria can be as general or specific as you require, but all conditions in the

entry must be met in order for the packet to be considered a match and the specified entry action

performed. The process stops when the first complete match is found and executes the action

defined in the entry, either to drop or forward packets that match the criteria.

Page 60

7210 SAS D, E OS Router Configuration Guide

Table of Contents

Filter Policy Configuration Overview; Service -Based Filtering - Alcatel-Lucent 7210 SAS Configuration Manual

Filter Policy Configuration Overview

Filter Policy Configuration Overview

Service -Based Filtering

Related Manuals for Alcatel-Lucent 7210 SAS

Related Content for Alcatel-Lucent 7210 SAS

Table of Contents