Nortel Networks 2000 Manual De Usuario
282 Chapter 4 Policy-enabled networks
208700-B
For example, to configure a policy that changes the IEEE 802.1p priority and drop
precedence of traffic belonging to VLAN 100 received on untrusted ports that are
associated with a specific role combination (or interface group), you would need
the following two filters:
precedence of traffic belonging to VLAN 100 received on untrusted ports that are
associated with a specific role combination (or interface group), you would need
the following two filters:
•
A layer 2 filter that changes the DSCP, IEEE 802.1p priority, and drop
precedence of IP traffic in VLAN 100
precedence of IP traffic in VLAN 100
•
A layer 2 filter that changes IEEE 802.1p priority and drop precedence of all
types of traffic (both IP and non-IP) in VLAN 100
types of traffic (both IP and non-IP) in VLAN 100
The layer 2 filter is able to match against multiple layer 3 protocols. Otherwise,
numerous layer 2 filters would be necessary to match against all non-IP traffic.
The first filter identifies IP traffic, and the second filter matches everything else
for VLAN 100. Because the first filter is installed on an untrusted port, it must
change the DSCP, IEEE 802.1p priority, and drop precedence of the matching IP
traffic.
numerous layer 2 filters would be necessary to match against all non-IP traffic.
The first filter identifies IP traffic, and the second filter matches everything else
for VLAN 100. Because the first filter is installed on an untrusted port, it must
change the DSCP, IEEE 802.1p priority, and drop precedence of the matching IP
traffic.
For trusted ports, you also need two layer 2 filters. However, the actions will not
re-mark the fields. Layer 2 filters that do not match IP traffic pass the traffic
through untouched. With layer 2 filters that match IP traffic, the hardware matches
the fields using mapping tables you configure (or uses the preset default tables,
which Nortel Networks recommends).
re-mark the fields. Layer 2 filters that do not match IP traffic pass the traffic
through untouched. With layer 2 filters that match IP traffic, the hardware matches
the fields using mapping tables you configure (or uses the preset default tables,
which Nortel Networks recommends).
for more information on layer 2 traffic, either IP or non-IP, and
trusted, untrusted, or unrestricted ports.
Ports
BPS 2000 ports are classified into three categories: trusted, untrusted, and
unrestricted ports. These three categories are also referred to as interface classes.
In your network, trusted ports are usually connected to the core of the DiffServ
network, and untrusted ports are typically access links that are connected to end
stations. Unrestricted ports can be either access links or connected to the core
network.
unrestricted ports. These three categories are also referred to as interface classes.
In your network, trusted ports are usually connected to the core of the DiffServ
network, and untrusted ports are typically access links that are connected to end
stations. Unrestricted ports can be either access links or connected to the core
network.
Note:
Layer 2 filters should have the same evaluation order (or
precedence order) as shown in this example to ensure that IP traffic will
be treated properly.
be treated properly.