6-8
Cisco SCE8000 Software Configuration Guide
OL-16479-02
Chapter 6 Configuring the Line Interface
Configuring Traffic Rules and Counters
How to Display the Tunneling Configuration
Step 1
From the SCE# prompt, type
show interface linecard 0 (VLAN|L2TP|IP-tunnel)
and press
Enter
.
Displays the current configuration for the specified tunnel option.
Configuring Traffic Rules and Counters
•
Traffic Rules and Counters, page 6-8
•
Configuring Traffic Counters, page 6-10
•
Configuring Traffic Rules, page 6-11
•
Managing Traffic Rules and Counters, page 6-14
Traffic Rules and Counters
•
What are Traffic Rules and Counters?, page 6-8
•
•
What are Traffic Rules and Counters?
Traffic rules and counters may be configured by the user. This functionality enables the user to define
specific operations on the traffic flowing through the SCE Platform, such as blocking or ignoring certain
flows or counting certain packets. The configuration of traffic rules and counters is independent of the
application loaded by the SCE platform, and thus is preserved when the application being run by the SCE
platform is changed.
Possible uses for traffic rules and counters include:
•
Enabling the user to count packets according to various criteria. Since the traffic counters are
readable via the
ciscoServiceControlTpStats
MIB, these might be used to monitor up to 32 types of
packets, according to the requirements of the installation.
•
Ignoring certain types of flows. When a traffic rules specifies an “ignore” action, packets matching
the rule criteria will not open a new flow, but will pass through the SCE platform without being
processed. This is useful when a particular type of traffic should be ignored by the SCE platform.
Possible examples include ignoring traffic from a certain IP range known to require no service, or
traffic from a certain protocol.
•
Blocking certain types of flows. When a traffic rules specifies a “block” action, packets matching
the rule criteria (and not belonging to an existing flow) will be dropped and not passed to the other
interface. This is useful when a particular type of traffic should be blocked by the SCE platform.
Possible examples include performing ingress source address filtering (dropping packets originating
from a subscriber port whose IP address does not belong to any defined subscriber-side subnet), or
blocking specific ports.