Allied Telesis x900-24 series User Manual
Page 3 | AlliedWare™ OS How To Note: Hardware Filters
Creating dedicated hardware filters
Creating dedicated hardware filters
Before we get into the details of the filter creation, we need to look at the underlying packet
classification process.
classification process.
Configuring packet classification
Dedicated hardware filters and QoS use the same packet classification process.
The basic construct in the classification process is a classifier. The syntax for creating a
classifier on the switch is:
classifier on the switch is:
CREate CLASSifier=rule-id
[MACSaddr={macadd|ANY|DHCPSnooping}]
[MACDaddr={macadd|ANY}][MACSMask=macadd][MACDMask=macadd]
[MACType={L2Ucast|L2Mcast|L2Bcast|ANY}] [TPID={tpid|ANY}]
[VLANPriority={0..7|ANY}] [VLAN={vlanname|1..<VIDMaxUser>|ANY}]
[INNERTpid={tpid|ANY}] [INNERVLANPriority={0..7|ANY}]
[INNERVLANId={vlanname|1..4094|ANY}]
[ETHFormat={802.2-Tagged|802.2-Untagged|ETHII-Tagged|
ETHII-Untagged|NETWARERAW-Tagged|Netwareraw-untagged|
SNAP-Tagged|SNAP-Untagged|ANY}] [PROTocol={protocoltype|IP|IPV6|ANY}]
[IPDScp={dscplist|ANY}] [IPTOs={0..7|ANY}]
[IPSAddr={ipaddmask|ANY|DHCPSnooping}] [IPDAddr={ipaddmask|ANY}]
[IPPRotocol={TCP|UDP|ICMp|IGMp|OSPf|ipprotocolnum|ANY}]
[IPXDAddr={ipxadd|ANY}]
[IPXDSocket={NCP|SAP|RIP|NNB|DIAg|NLSp|IPXwan|ipxsocketnum|ANY}]
[IPXSSocket={NCP|SAP|RIP|NNB|DIAg|NLSp|IPXwan|ipxsocketnum|ANY}]
[TCPSport={portid|port-range|ANY}] [TCPDport={portid|port-range|ANY}]
[UDPSport={portid|port-range|ANY}] [UDPDport={portid|port-range|ANY}]
[L4SMask=mask] [L4DMask=mask] [L5BYTE01=byteoffset,bytevalue[,bytemask]]
[L5BYTE02=byteoffset,bytevalue[,bytemask]]
...
[L5BYTE16=byteoffset,bytevalue[,bytemask]]
[TCPFlags={{Urg|Ack|Rst|Syn|Fin}[,...]|ANY}]
[ICmptype={Any|ECHORply|Unreachable|Quench|Redirect|ECHO|ADvertisement|
Solicitation|TImeexceed|Parameter|TSTAMP|TSTAMPRply|INFOREQ|INFOREP|
ADDRREQ|ADDRREP|NAMEREq|NAMERPly|icmp-type}]
[ICMPCode={Any|FIlter|FRAGMent|FRAGReassm|HOSTComm|HOSTIsolated|HOSTPrec|
HOSTREdirect|HOSTRTos|HOSTTos|HOSTUNKnown|HOSTUNReach|NETComm|
NETREdirect|NETRTos|NETTos|NETUNKnown|NETUNReach|NOptr|POrtunreach|
PREcedent|PROtunreach|PTrproblem|Sourceroute|Ttl|
icmp-code}]
[IGmptype={ANY|QUery|V1Report|DVmrp|PIMv1|CTRace|V2Report|V2Leave|
MCTRACEResponse|MCTRACE|V3Report|MRAdvert|MRSolicit|MRTermination|igmp-
type}]
[EIPBYTE01=byteoffset,bytevalue[,bytemask]]
[EIPBYTE02=byteoffset,bytevalue[,bytemask]]
...
[EIPBYTE16=byteoffset,bytevalue[,bytemask]]
From this, it can be seen that there are a large number of different attributes upon which
packets can be classified.
packets can be classified.
Most of these options are self-evident, but the following sections give more information
about the L4 mask and the “inner” options. For information about the other options, see the
Generic Classifier chapter of the Software Reference.
about the L4 mask and the “inner” options. For information about the other options, see the
Generic Classifier chapter of the Software Reference.