Avaya P3343T-ML Manuel D’Utilisation
Chapter 11 Avaya P330 Layer 2 Features
Avaya P334T-ML User’s Guide
111
Multilayer Policy
Multilayer Policy is a set of features for enforcing QoS and Access Control policy on
routed and switched packets. One of its major goals is supporting Differentiated
Services for Avaya VoIP solutions.
routed and switched packets. One of its major goals is supporting Differentiated
Services for Avaya VoIP solutions.
About Multilayer Policy
Multilayer Policy is enforced on the 10/100 Mbps ports of a P334T-ML module. In
general, Multilayer Policy consists of the following parts:
•
general, Multilayer Policy consists of the following parts:
•
Policy Lists — groupings of Access lists, DSCP-to-COS maps, and Trust mode
attributes.
attributes.
•
Access Lists — ordered lists of classification rules applied to frames received
and action pairs determining how they are to be handled.
and action pairs determining how they are to be handled.
•
DSCP-to-COS Maps — mapping function that set the frame 802.1p priority
according to its DSCP value.
according to its DSCP value.
•
Trust Modes — policy-list attribute; either “untrusted,” “trust-COS,” or
“trust-DSCP.”
“trust-DSCP.”
Access Lists
Access Lists (ACL) are at the center of Multilayer Policy. Typically, users specify
their classification demands by defining Access Lists. An Access List is an ordered
list of classification rules and actions. For each frame received by the system, the
Multilayer Policy application tries the classification rules—one-by-one—and
executes the action associated with the first rule that matches.
Rules are based on the following properties:
•
their classification demands by defining Access Lists. An Access List is an ordered
list of classification rules and actions. For each frame received by the system, the
Multilayer Policy application tries the classification rules—one-by-one—and
executes the action associated with the first rule that matches.
Rules are based on the following properties:
•
IP:IP version 4 packets with specific source and destination addresses (+
wildcards)
wildcards)
•
IP version 4 packets with a specific protocol number – 0 to 255 – with specific
source and destination addresses (+ wildcards).
source and destination addresses (+ wildcards).
•
TCP:TCP/IPv4 packets with specific source and destination addresses (+
wildcards) and source and destination ports (+port ranges). The keyword
“established” enables “permit” for TCP packets with “ack” flag set. E.g., this
will not allow matching packets that open TCP connections.
wildcards) and source and destination ports (+port ranges). The keyword
“established” enables “permit” for TCP packets with “ack” flag set. E.g., this
will not allow matching packets that open TCP connections.
•
UDP:UDP/IPv4 packets with specific source and destination addresses (+
wildcards) and source and destination ports (+ port ranges).
wildcards) and source and destination ports (+ port ranges).
Actions supported include:
•
•
permit – allows the packet through
•
deny – drops the packet
•
deny-and-notify – drops the packet and sends an SNMP trap
•
fwd0, fwd1 .... fwd7 – assigns priority to the packet