Classifier Example - ZyXEL Communications GS1920v2 Series User Manual

Figure 270 SECURITY > ACL > Classifier > Classifier Global Setting
The following table describes the labels in this screen.
Table 209 SECURITY > ACL > Classifier > Classifier Global Setting
LABEL
Match
Order
Logging
Active
Interval
Apply
Cancel

58.5 Classifier Example

The following screen shows an example where you configure a classifier that identifies all traffic from
MAC address 00:50:ba:ad:4f:81 on port 2.
Chapter 58 Classifier
DESCRIPTION
Use this field to set the match order for the classifier rules.
A traffic flow can only be classified to one classifier. When a traffic flow matches more than one
classifier rule, the Switch classifies the traffic based on the Match Order.
Select manual to have classifier rules applied according to the weight of each rule you configured in
SECURITY > ACL > Classifier > Classifier Setup. If they have the same weight, the Switch will classify the
traffic to the classifier with a higher name priority (see Classifier Name Priority).
Alternatively, select auto to have classifier rules applied according to the layer of the item configured
in the rule. Layer-4 items have the highest priority, and layer-2 items has the lowest priority. For
example, you configure a layer-2 item (VLAN ID) in classifier A and configure a layer-3 item (source IP
address) in classifier B. When an incoming packet matches both classifier rules, classifier B has priority
over classifier A. If both classifiers have the same priority, the Switch will apply the classifier with a
higher name priority.
Classifier Name Priority
The longer the classifier name, the higher the classifier priority. If two classifier names are the same
length, the bigger the character, the higher the classifier priority. The lowercase letters (such as a and
b) have higher priority than the capitals (such as A and B) in the classifier name. For example, the
classifier with the name of class 2, class a or class B takes priority over the classifier with the name of
class 1 or class A.
Enable the switch button to allow the Switch to create a log when packets match a classifier rule
during a defined time interval.
Set the length of the time period (in seconds) to count matched packets for a classifier rule. Enter an
integer from 0 – 65535. 0 means that no logging is done.
Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it
is turned off or loses power, so use the Save link on the top navigation panel to save your changes to
the non-volatile memory when you are done configuring.
Click Cancel to begin configuring this screen afresh.
GS1920v2 Series User's Guide
372