Page 13 | AlliedWare™ OS How To Note: Hardware Filters
Appendix A: How to use the layer 4 mask in classifiers
Appendix A: How to use the layer 4 mask in classifiers
This section describes the use of L4 mask in classifiers and gives some examples on L4 masks.
The way that L4 masks work is similar to IP subnet masks. You need to be familiar with the
binary system to set the right mask for your need.
The L4 mask is a 2-byte hexadecimal number, the base-
1
6 number system, which consists of
1
6 unique symbols: the numbers 0 to 9 and the letters A to F.
For example, if we want to set our UDP destination port to 2000:
Applying a L4 mask to an UDP/TCP port allows you to identify the constant and variable
parts of the port number. The constant bits are represented by the
1
s in the mask, and the
variable bits are represented by the 0s. Performing a bitwise logical AND operation between
the port number and the L4 mask results in the first port number of the range.
Note:
The logical AND operation compares 2 bits and if they are both “
1
”, then the result
is “
1
”, otherwise, the result is “0”.
Let’s look at some examples.
Profile #1:
IPv4 bytes used ......... 3 of 16
Other-Eth bytes used .... 5 of 16
Profile used to match on packets
z
Number of bytes being used in the profile for matching
IPv4 packets
z
Number of bytes being used in the profile for matching
non-IPv4 ethernet packets
Device Resource, device #1:
Number of rules used ........ 1
Rule space usage ............ 8
Resources used by device number 2 - accelerator card
z
1
default rule in the IPv6 card
z
One 8-rule block has been allocated in the rule table on
the accelerator card
Number of rules per application:
Accel. Card(IPv6) ......... 1
Device rule space limit ... 1024
Splitting the rule allocation out on a per-application basis
z
1
default IPv6 rule
z
Total number of rules in the rule table on the accelerator
card
Profile Usage:
Profile #1:
IPv4 bytes used ......... 0 of 16
Other-Eth bytes used .... 6 of 16
Profile used to match on packets
z
Number of bytes being used in the profile for matching
IPv4 packets
z
Number of bytes being used in the profile for matching
non-IPv4 ethernet packets
2000
2000
The default mask
=
=
=
11111
0
1
0000 (in binary)
07D0 (in hexadecimal)
FF FF
which is
11111111
11111111
(in binary)
Command output
Description