Page 3 | AlliedWare™ OS How To Note: Hardware Filters
Creating dedicated hardware filters
Creating dedicated hardware filters
Before we get into the details of the filter creation, we need to look at the underlying packet
classification process.
Configuring packet classification
Dedicated hardware filters and QoS use the same packet classification process.
The basic construct in the classification process is a classifier. The syntax for creating a
classifier on the switch is:
CREate CLASSifier=
rule-id
[MACSaddr={
macadd
|ANY|DHCPSnooping}]
[MACDaddr={
macadd
|ANY}][MACSMask=
macadd
][MACDMask=
macadd
]
[MACType={L2Ucast|L2Mcast|L2Bcast|ANY}] [TPID={tpid|ANY}]
[VLANPriority={0..7|ANY}] [VLAN={
vlanname
|1..<VIDMaxUser>|ANY}]
[INNERTpid={tpid|ANY}] [INNERVLANPriority={0..7|ANY}]
[INNERVLANId={
vlanname
|1..4094|ANY}]
[ETHFormat={802.2-Tagged|802.2-Untagged|ETHII-Tagged|
ETHII-Untagged|NETWARERAW-Tagged|Netwareraw-untagged|
SNAP-Tagged|SNAP-Untagged|ANY}] [PROTocol={
protocoltype
|IP|IPV6|ANY}]
[IPDScp={
dscplist
|ANY}] [IPTOs={0..7|ANY}]
[IPSAddr={
ipaddmask
|ANY|DHCPSnooping}] [IPDAddr={
ipaddmask
|ANY}]
[IPPRotocol={TCP|UDP|ICMp|IGMp|OSPf|
ipprotocolnum
|ANY}]
[IPXDAddr={
ipxadd
|ANY}]
[IPXDSocket={NCP|SAP|RIP|NNB|DIAg|NLSp|IPXwan|
ipxsocketnum
|ANY}]
[IPXSSocket={NCP|SAP|RIP|NNB|DIAg|NLSp|IPXwan|
ipxsocketnum
|ANY}]
[TCPSport={
portid
|
port-range
|ANY}] [TCPDport={
portid
|
port-range
|ANY}]
[UDPSport={
portid
|
port-range
|ANY}] [UDPDport={
portid
|
port-range
|ANY}]
[L4SMask=
mask
] [L4DMask=
mask
] [L5BYTE01=
byteoffset,bytevalue
[,
bytemask
]]
[L5BYTE02=
byteoffset,bytevalue
[,
bytemask
]]
...
[L5BYTE16=
byteoffset
,
bytevalue
[,
bytemask
]]
[TCPFlags={{Urg|Ack|Rst|Syn|Fin}[,...]|ANY}]
[ICmptype={Any|ECHORply|Unreachable|Quench|Redirect|ECHO|ADvertisement|
Solicitation|TImeexceed|Parameter|TSTAMP|TSTAMPRply|INFOREQ|INFOREP|
ADDRREQ|ADDRREP|NAMEREq|NAMERPly|
icmp-type
}]
[ICMPCode={Any|FIlter|FRAGMent|FRAGReassm|HOSTComm|HOSTIsolated|HOSTPrec|
HOSTREdirect|HOSTRTos|HOSTTos|HOSTUNKnown|HOSTUNReach|NETComm|
NETREdirect|NETRTos|NETTos|NETUNKnown|NETUNReach|NOptr|POrtunreach|
PREcedent|PROtunreach|PTrproblem|Sourceroute|Ttl|
icmp-code
}]
[IGmptype={ANY|QUery|V1Report|DVmrp|PIMv1|CTRace|V2Report|V2Leave|
MCTRACEResponse|MCTRACE|V3Report|MRAdvert|MRSolicit|MRTermination|
igmp-
type
}]
[EIPBYTE01=
byteoffset,bytevalue
[,
bytemask
]]
[EIPBYTE02=
byteoffset,bytevalue
[,
bytemask
]]
...
[EIPBYTE16=
byteoffset,bytevalue
[,
bytemask
]]
From this, it can be seen that there are a large number of different attributes upon which
packets can be classified.
Most of these options are self-evident, but the following sections give more information
about the L4 mask and the “inner” options. For information about the other options, see the
Generic Classifier
chapter of the Software Reference.