Allied Telesis SwitchBlade x900-24XT User Manual

C613-16119-00 REV Dwww.alliedtelesis.comAlliedWare PlusTM OSHow To |ContentsContents ...

Page 10 | AlliedWare Plus™ OS How To NoteCreating Numbered IP Hardware ACLsTCP and UDP packetsYou can filter TCP and UDP packets on the basis of: sou

Page 11 | AlliedWare Plus™ OS How To NoteCreating Numbered MAC address Hardware ACLsCreating Numbered MAC address Hardware ACLsMAC address hardware AC

Page 12 | AlliedWare Plus™ OS How To NoteThe effects of the action keywords in ACLsThe effects of the action keywords in ACLsThe following lists the e

Page 13 | AlliedWare Plus™ OS How To NoteApplying Named Sequential Hardware Filters to port interfacesApplying Named Sequential Hardware Filters to po

Page 14 | AlliedWare Plus™ OS How To NoteApplying Named Sequential Hardware Filters to a channel-groupApplying Named Sequential Hardware Filters to a

Page 15 | AlliedWare Plus™ OS How To NoteApplying Numbered Hardware Filters to port interfacesApplying Numbered Hardware Filters to port interfaces Yo

Page 16 | AlliedWare Plus™ OS How To NoteApplying Numbered Hardware Filters globallyApplying Numbered Hardware Filters globally You can apply Numbered

Page 17 | AlliedWare Plus™ OS How To NoteChanging Numbered Hardware ACL orderChanging Numbered Hardware ACL orderUnlike Named Sequential Hardware ACLs

Page 18 | AlliedWare Plus™ OS How To NoteApplying filters by using QoS class-mapsApplying filters by using QoS class-mapsThe addition of QoS class-map

Page 19 | AlliedWare Plus™ OS How To NoteApplying filters by using QoS class-maps2. Create the class-map, as shown below.3. Specify what the class-map

Page 2 | AlliedWare Plus™ OS How To NoteContentsApplying Named Sequential Hardware Filters to a channel-group ...

Page 20 | AlliedWare Plus™ OS How To NoteApplying filters by using QoS class-mapsMost of these options are self-evident, but the following sections gi

Page 21 | AlliedWare Plus™ OS How To NoteApplying filters by using QoS class-mapsMatch on TCP flagUnlike other match commands, you can match on multip

Page 22 | AlliedWare Plus™ OS How To NoteApplying filters by using QoS class-mapsProtocol options are also extremely flexible. You can identify common

Page 23 | AlliedWare Plus™ OS How To NoteThe logic of the operation of the hardware filtersThe logic of the operation of the hardware filtersFilter op

Page 24 | AlliedWare Plus™ OS How To NoteCombining interface ACLs and QoS class-mapsCombining interface ACLs and QoS class-mapsThe switch compares the

Page 25 | AlliedWare Plus™ OS How To NoteExamplesExamplesBlocking all multicast trafficThis example uses an interface ACL with an action of deny.Consi

Page 26 | AlliedWare Plus™ OS How To NoteExamples3. Attach the ACLs to the port (for example, 1.0.10). You must first attach the permit ACL, then the

Page 27 | AlliedWare Plus™ OS How To NoteExamples2. Create ACLs to match and mirror HTTP and SMTP traffic. To do this, return to global configuration

Page 28 | AlliedWare Plus™ OS How To NoteExamples3. Create a class-map that matches on ARP traffic and uses the ACL. To do this, use the commands:awpl

Page 29 | AlliedWare Plus™ OS How To NoteExamples3. Create a second class-map that matches on packets that have only the SYN flag set. Use the ACL to

Page 3 | AlliedWare Plus™ OS How To NoteIntroductionIntroductionThe SwitchBlade x908, x900-12XT/S, and x900-24 series switches support a powerful hard

Page 30 | AlliedWare Plus™ OS How To NoteExamples7. Attach the Named Sequential Hardware ACLs to the port (for example, 1.0.9). To do this, use the co

Page 31 | AlliedWare Plus™ OS How To NoteHow many filters can you create?How many filters can you create?The total number of filters that you can crea

Page 32 | AlliedWare Plus™ OS How To NoteHow many filters can you create?on them. In this mixed-configuration case, the global ACLs actually consume m

Page 33 | AlliedWare Plus™ OS How To NoteHow many filters can you create?Add a local ACL to port 2 (implicitly 'after' the global ACL refere

Page 34 | AlliedWare Plus™ OS How To NoteHow many filters can you create?The allocation of silicon filter table entries Conceptually, the allocation o

Page 35 | AlliedWare Plus™ OS How To NoteHow many filters can you create?About port range table entry consumption:A single filter table entry for an L

Page 36 | AlliedWare Plus™ OS How To NoteHow many filters can you create?Divide the total number of the ports you want to cover into a sum of powers o

Page 37 | AlliedWare Plus™ OS How To NoteHow many filters can you create?field types to filter on. However, more bytes are filled within the mask when

Page 38 | AlliedWare Plus™ OS How To NoteHow many filters can you create?if you next make an ACL that matches on destination TCP or UDP port, that use

Page 39 | AlliedWare Plus™ OS How To NoteHow many filters can you create?Some other features also use filters, so use some of the lengthThe following

Page 4 | AlliedWare Plus™ OS How To NoteIntroductionWhich products and software versions does this Note apply to? Products: SwitchBlade x908, x900-12

USA Headquarters | 19800 North Creek Parkway | Suite 100 | Bothell | WA 98011 | USA | T: +1 800 424 4284 | F: +1 425 481 3895European Headquarters | V

Page 5 | AlliedWare Plus™ OS How To NoteBenefits of Named Sequential Hardware ACLsBenefits of Named Sequential Hardware ACLsThe recommended ACL type t

Page 6 | AlliedWare Plus™ OS How To NoteStructure of a Named Sequential Hardware ACLStructure of a Named Sequential Hardware ACLA Named Sequential Har

Page 7 | AlliedWare Plus™ OS How To NoteCreating Named Sequential Hardware ACLsCreating Named Sequential Hardware ACLsThe first step to configuring a

Page 8 | AlliedWare Plus™ OS How To NoteCreating Named Sequential Hardware ACLsThe entry with sequence number 5 is now removed from the ACL:#show acce

Page 9 | AlliedWare Plus™ OS How To NoteCreating Numbered IP Hardware ACLsCreating Numbered IP Hardware ACLsIP hardware ACLs filter packets from the f