Allied Telesis x900-24 series User Manual

Page 15 | AlliedWare™ OS How To Note: Hardware Filters

Example 2: ports 5004-5008

In some more complex situations, we may need more than one classifier to cover all the 
range we want to. Let’s take UDP destination ports between 5004-5008

According to the bolded bits, we may think that the changed bits are the last 5 bits so the 
mask should be 11111111 11100000. 

But remember that if we set the last 5 bits to 0, the mask will cover 2

5

 = 32 ports. But we 

want to cover only 5 ports, so let’s divide 5 into 4+1.

Now it is really easy to write the classifiers!

create class=1 udpdp=5004 l4dmask=FFFC

create class=2 udpdp=5008 

add swi hwfilt class=1,2 action=drop

Example 3: ports 333-777

A more complex situation, let’s try to write the classifiers for UDP ports between 333-777. 
As we are trying to get rid of odd numbers in the beginning of our port range, we will prefer 
to write classifiers for single port number for 333.

z

777-334+1 = 444 total number of port (+1 for including 333)

z

256 + 128 + 32 + 16 + 8 + 4 = 444 (7 classifiers)

z

7 classifiers + 1 classifier (for 333) = 8 classifiers

Now the question is how to locate these blocks. The short-cut to do that is, first, find the 
position of the biggest block, which is 256 for our example. 256 should fit into one of the 
following blocks:

5004

5005

5006

5007

5008

=

=

=

=

=

00010011 10001100 

00010011 10001101

00010011 10001110

00010011 10001111

00010011 10010000

5004

5005

5006

5007

5008

=

=

=

=

=

00010011 10001100 

00010011 10001101

00010011 10001110

00010011 10001111

00010011 10010000

4 ports

+

1 port

0

256

512

768

...

65280

-

-

-

-

-

255

512

767

1024

65536