Ip Filters - Alcatel-Lucent 7705 Service Manual
Service aggregation router os
Hide thumbs
Also See for 7705:
- Configuration manual (532 pages) ,
- Interface configuration manual (226 pages) ,
- Installation manual (176 pages)
Table of Contents
Advertisement
IP Filters
In Release 3.0 of the 7705 SAR, IP filters are applied to ingress pseudowire SAPs (Epipes
and Ipipes), VPRN SAPs, and IES SAPs, as well as to ingress network interfaces and IES
management SAPs.
IP pseudowires are generally used to transparently switch traffic across an MPLS network to
the far end. However, in some cases, the traffic that is switched over the network, consuming
valuable bandwidth, is just discarded at the other end of the pseudowire. As well, with the
7705 SAR expanding into areas such as vertical markets, and with local area networks being
connected to the 7705 SAR Ethernet ports, an increasing amount of traffic must stay local
and not pass through the MPLS network to the far end. By using IP filters at the access
ingress, operators can determine what traffic is passed through the pseudowire and therefore
use the network links more efficiently.
Another use for IP filters is in cases where a customer router is connected to an access port
on the 7705 SAR with ppp/mlppp encapsulation. The service provider may want to filter
incoming traffic from the customer at the boundaries of the network.
IP filters can also be used for security purposes, by allowing access only to designated
services (for example, allowing e-mail and FTP services while disallowing Telnet services)
at the origin of the traffic.
IP filter policies specify either a forward or a drop action for packets, based on information
specified in the match criteria. You can create up to 16 IP unique filter policies per adapter
card and up to 96 IP filters per node. Within each filter policy, you can create up to 64
matching entries.
The same IP filter policy can be assigned to any entity (network interfaces, IP pseudowires,
Ethernet pseudowires, IES, and VPRN services), all of which can be configured on the same
adapter card. For example, a filter policy defined as filter-5 can be assigned to multiple Ipipe
SAPs and, simultaneously, to network interfaces on the same adapter card.
A filter policy assigned to an entity on one adapter card can also be assigned to any entity on
another adapter card. For example, a filter policy defined as filter-2 can be assigned to an
Ipipe on an Ethernet Adapter card and to a network interface on another Ethernet Adapter
card.
Up to 16 unique filter policies are supported per adapter card, and assigning the same filter
policy to different entities on a card counts as using one filter policy.
7705 SAR OS Services Guide
VLL Services
Page 171
Advertisement
Table of Contents
Troubleshooting
