Allied Telesis AT-9900 Series Function Manual Download Page 10 | Manualshive

Page: 10 / 18

background image

Page 10 | AlliedWare™ OS How To Note: Hardware Filters

How many filters can you create?

Protocol type—2 bytes

Ethernet format—2 bytes

VLAN ID—2 bytes

IP protocol type (TCP, UDP, etc)—

1

byte

source IP address—4 bytes

destination IP address—4 bytes

TCP port number—2 bytes

UDP port number—2 bytes

DSCP—

1

byte

For example, if you make a hardware filter that matches on destination IP address and source
TCP port, this adds 7 bytes to the mask:

1

byte for the IP protocol field (to indicate TCP)

4 bytes for the destination IP address
2 bytes for the source TCP port number.

If you next make a hardware filter that matches on source MAC address, this adds 6 more
bytes to the mask.

If you next make a QoS flow group with a classifier that matches on destination IP address
(4 bytes) and DSCP (

1

byte), this adds

1

more byte to the mask, for the DSCP. It does not

add 4 more bytes for the destination IP address because the switch already matches on that
field.

If you next make a hardware filter that matches on source IP address and source TCP port,
then that does not change the mask, because the switch already matches on those fields.

If you next make a hardware filter that matches on source UDP port, this also does not add
any length to the mask, because it shares the same 2 bytes as the source TCP port. However,
if you next make a hardware filter that matches on

destination

TCP or UDP port, that uses

another 2 bytes.

Are there enough bytes for your set of filters?

Of course, the mask cannot increase without limit—it has a maximum size of

1

6 bytes.

When it reaches the

1

6-byte limit, no more classifiers can be used that would cause the mask

to increase in size. The switch can still accept classifiers that use fields that have already been
included in the mask.

There is no particular number of hardware filters or QoS flow groups that will cause the
mask to reach its

1

6-byte limit—it could happen after a few filters, or you might be able to

create hundreds of filters without the mask reaching its limit.

So to determine whether you will have enough filter length, look at the fields you want to
filter, determine the number of bytes for each field, and sum up

the total number of

bytes.

If that number is less than

1

6, there is enough filter length. Don’t forget to count TCP

and UDP source port as a single field, and likewise to count TCP and UDP destination port
as a single field.

«
...
8
9
10
11
12
...
»

Summary of Contents for AT-9900 Series

Page 1: ...he throughput of the switch It is possible to configure over 1000 different filters and still have complete wire speed throughput on the switch The following configuration methods are available 1 To f...

Page 2: ...en combining QoS and hardware filters 8 2 The profile mask 9 Are there enough bytes for your set of filters 10 Some protocols also use filters so use some of the length 11 How to see the current filte...

Page 3: ...B DIAg NLSp IPXwan ipxsocketnum ANY TCPSport portid port range ANY TCPDport portid port range ANY UDPSport portid port range ANY UDPDport portid port range ANY L4SMask mask L4DMask mask L5BYTE01 byteo...

Page 4: ...ote see page 13 Note The default value of each mask is FFFF This means that if you specify a port number without specifying a mask then the classifier matches only that one value of the port number Th...

Page 5: ...hey will all be treated like core ports if at least one of the ports is a core port Creating hardware filters Once you have created a classifier create a filter The filter uses the classifier and spec...

Page 6: ...matches the packets in the stream and specify copy discard for the action setl2qos Note that this action has the other parameters associated with it as the following syntax shows add switch hwfilter f...

Page 7: ...cket as if it belongs to the default traffic class for the port s QoS policy For this reason we only recommend combining hardware filters and QoS if all your hardware filters result in traffic being d...

Page 8: ...an be configured on different ports So the rules for allocating packet to flow groups can differ from port to port Hence QoS can result in the rule table containing different sets of rules for differe...

Page 9: ...filters that can be created Also the protocols that use filters see page 11 create at least one entry each 2 The profile mask The other item that affects the number of filters you can create is called...

Page 10: ...already matches on those fields If you next make a hardware filter that matches on source UDP port this also does not add any length to the mask because it shares the same 2 bytes as the source TCP po...

Page 11: ...n IP address destination TCP UDP port 6 6 1 4 2 19 bytes Some protocols also use filters so use some of the length The following protocols use filters and therefore use up some of the available profil...

Page 12: ...one block on the base system for packets arriving in via any other port z one block allocated on the IPv6 accelerator Number of rules per application MLD Snooping 4 Accel Card IPv6 1 Switch HwFilter 2...

Page 13: ...they are both 1 then the result is 1 otherwise the result is 0 Let s look at some examples Profile 1 IPv4 bytes used 3 of 16 Other Eth bytes used 5 of 16 Profile used to match on packets z Number of b...

Page 14: ...choose the number of the ports as 4 power of 2 to simplify the example Before going into the complex examples there are some points to remember for the L4 mask calculation z if the beginning port is...

Page 15: ...drop Example 3 ports 333 777 A more complex situation let s try to write the classifiers for UDP ports between 333 777 As we are trying to get rid of odd numbers in the beginning of our port range we...

Page 16: ...ed 2 x 2 blocks one at the start classifier 2 and one at the end classifier 8 256 384 383 511 Port range Number of ports Command 333 334 335 336 351 352 383 384 511 512 767 768 775 776 777 1 2 16 32 1...

Page 17: ...12288 24576 49152 4096 8192 16384 32768 65536 5120 10240 20480 40960 6144 12288 24576 49152 7168 14336 28672 57344 8192 16384 32768 65536 9216 18432 36864 10240 20480 40960 11264 22528 45056 12288 245...

Page 18: ...ts reserved Information in this document is subject to change without notice All company names logos and product designs that are trademarks or registered trademarks are the property of their respecti...

Reviews:

No comments

Related manuals for AT-9900 Series

Brand: Quantum Pages: 20

Brand: 3Com Pages: 32

Brand: BWI Pages: 5

AirStation WZR-1166DHP

Brand: Buffalo Pages: 2

ApplianceStor 15MT

Brand: Rasilient Pages: 30

Brand: ExtraHop Pages: 2

RuggedNet 10G/Si

Brand: OST Pages: 8

Brand: Tripp Lite Pages: 2

Brand: ADTRAN Pages: 2

Brand: ADTRAN Pages: 2

Brand: ADTRAN Pages: 4

Brand: ADTRAN Pages: 9

Brand: AT&T Pages: 16

BiPAC 7404V series

Brand: Billion Pages: 165

Brand: Magnescale Pages: 73

Brand: Johnson Controls Pages: 20

Brand: Bluepath Pages: 6

Brand: 3Com Pages: 82

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands