Policies and Filters
December 2000
C - 5
NOTE:
If you do choose to apply filters for multiple layers to the same port, note that Layer 2 MAC filters can
affect the Layer 3 IP traffic that a port permits or denies on multinetted interfaces. A multinetted interface has
multiple IP sub-net interfaces on the same port. MAC filters can filter on the Ethertype field. This field includes
Layer 3 protocol information and identifies packets as IP packets, ARP packets, and so on.
If you configure a MAC filter, then leave the default action as “deny any”, all packets from one of the IP sub-net
addresses to another address on the same multinetted interface that do not match the filter are denied. This
includes packet types such as IP and ARP. The result is that you have a Layer 2 filter but Layer 3 traffic is
dropped. To avoid this, make sure you configure a filter to “permit any” traffic, thus changing the default action to
permit for packets that are not denied by the other MAC filters.
Precedence Among Filters on the Same Layer
For most types of filters, a Foundry device applies filters based on the order in which you list them in a port’s
inbound or outbound filter list. For example, if you apply three filters, 3, 2, and 1024 to port 1/1’s outbound filter
list, the filters are applied in the following order: 3, 2, 1024.
You must configure the policies or filters before you can add them to a policy or filter group.
When you configure a policy or filter group, you must add all the policies or filters at the same time. You cannot
edit policy or filter groups. To change a group, you must delete it, then add a new one.
NOTE:
Foundry devices apply Layer 2 broadcast and multicast filters in ascending numerical order, beginning
with 1.
Foundry Policies
On a Foundry device, a policy is a set of rules that defines how the device handles packets. Table C.3 on page C-
5 lists the types of policies you can configure on Foundry devices.
Table C.3: Foundry Policies
Policy Type
Supported on...
See page...
Router
Switch
ServerIron
Quality-of-Service (QoS) Policies
X
X
X
C-6
Layer 3 Policies
C-8
Protocol-based VLANs – either forward or drop
Layer 3 traffic based on protocol (or, for IP sub-net
VLANs and IPX network VLANs, sub-net or
network address)
X
X
X
C-8
IP access policies – either forward or drop IP
packets
X
C-9
Router acceleration policies – either switch
(accelerate) IP or IPX packets or send them to a
router
X
a
C-18
Layer 4 Policies
C-39
TCP/UDP access policies – either forward or drop
packets based on TCP or UDP port
X
X
X
C-20
Summary of Contents for Switch and Router
Page 2: ...December 2000 Copyright 2000 by Foundry Networks Inc ...
Page 26: ...Foundry Switch and Router Installation and Configuration Guide xxvi December 2000 ...
Page 64: ...Foundry Switch and Router Installation and Configuration Guide 2 34 December 2000 ...
Page 162: ...Foundry Switch and Router Installation and Configuration Guide 5 38 December 2000 ...
Page 196: ...Foundry Switch and Router Installation and Configuration Guide 6 34 December 2000 ...
Page 208: ...Foundry Switch and Router Installation and Configuration Guide 7 12 December 2000 ...
Page 236: ...Foundry Switch and Router Installation and Configuration Guide 8 28 December 2000 ...
Page 258: ...Foundry Switch and Router Installation and Configuration Guide 9 22 December 2000 ...
Page 420: ...Foundry Switch and Router Installation and Configuration Guide 13 32 December 2000 ...
Page 442: ...Foundry Switch and Router Installation and Configuration Guide 14 22 December 2000 ...
Page 554: ...Foundry Switch and Router Installation and Configuration Guide 15 112 December 2000 ...
Page 574: ...Foundry Switch and Router Installation and Configuration Guide 16 20 December 2000 ...
Page 626: ...Foundry Switch and Router Installation and Configuration Guide 17 52 December 2000 ...
Page 682: ...Foundry Switch and Router Installation and Configuration Guide 18 56 December 2000 ...
Page 826: ...Foundry Switch and Router Installation and Configuration Guide 20 20 December 2000 ...
Page 994: ...Foundry Switch and Router Installation and Configuration Guide 26 10 December 2000 ...
Page 1004: ...Foundry Switch and Router Installation and Configuration Guide B 6 December 2000 ...
Page 1044: ...Foundry Switch and Router Installation and Configuration Guide C 40 December 2000 ...
Page 1048: ...Foundry Switch and Router Installation and Configuration Guide D 4 December 2000 ...
Page 1070: ...Foundry Switch and Router Installation and Configuration Guide Index 18 December 2000 ...