Allied Telesis x900-24 series user manual

User manual for the device Allied Telesis x900-24 series

Device: Allied Telesis x900-24 series
Category: Switch
Manufacturer: Allied Telesis
Size: 0.18 MB
Added : 3/12/2013
Number of pages: 18
Print the manual

Download

How to use this site?

Our goal is to provide you with a quick access to the content of the user manual for Allied Telesis x900-24 series. Using the online preview, you can quickly view the contents and go to the page where you will find the solution to your problem with Allied Telesis x900-24 series.

For your convenience

If looking through the Allied Telesis x900-24 series user manual directly on this website is not convenient for you, there are two possible solutions:

  • Full Screen Viewing - to easily view the user manual (without downloading it to your computer), you can use full-screen viewing mode. To start viewing the user manual Allied Telesis x900-24 series on full screen, use the button Fullscreen.
  • Downloading to your computer - You can also download the user manual Allied Telesis x900-24 series to your computer and keep it in your files. However, if you do not want to take up too much of your disk space, you can always download it in the future from ManualsBase.
Allied Telesis x900-24 series User manual - Online PDF
Advertisement
« Page 1 of 18 »
Advertisement
Print version

Many people prefer to read the documents not on the screen, but in the printed version. The option to print the manual has also been provided, and you can use it by clicking the link above - Print the manual. You do not have to print the entire manual Allied Telesis x900-24 series but the selected pages only. paper.

Summaries

Below you will find previews of the content of the user manuals presented on the following pages to Allied Telesis x900-24 series. If you want to quickly view the content of pages found on the following pages of the manual, you can use them.

Abstracts of contents
Summary of the content on the page No. 1

TM
AlliedWare OS
How To | Configure Hardware Filters on AT-9900, x900-48,
and x900-24 Series Switches
Introduction
The AT-9900, x900-48, and x900-24 series switches support a powerful hardware based
packet-filtering facility.
These switches can filter on a range of Layer 2, Layer 3, and Layer 4 packet attributes, and
perform a variety of different actions on the packets that match the filters.
Because the filters are hardware-based, they put no load on the CPU of the switch, and have
no affe

Summary of the content on the page No. 2

Introduction What information will you find in this document? This document contains the following: Introduction .............................................................................................................................................. 1 Which products and software versions does this information apply to? ............................ 2 Creating dedicated hardware filters .................................................................................................... 3 Con

Summary of the content on the page No. 3

Creating dedicated hardware filters Creating dedicated hardware filters Before we get into the details of the filter creation, we need to look at the underlying packet classification process. Configuring packet classification Dedicated hardware filters and QoS use the same packet classification process. The basic construct in the classification process is a classifier. The syntax for creating a classifier on the switch is: CREate CLASSifier=rule-id [MACSaddr={macadd|ANY|DHCPSnooping}] [MACDad

Summary of the content on the page No. 4

Creating dedicated hardware filters Configuring Layer 4 source and destination port number masks A common filtering requirement is the ability to filter on a range of TCP or UDP port numbers. For example, we often want to be able to allow through all packets with a TCP destination port greater than 1024, as such packets are deemed to be replies coming back to sessions initiated from the other side of the switch.The l4smask and l4dmask parameters make it possible for a single classifier to ma

Summary of the content on the page No. 5

Creating dedicated hardware filters When packets arrive at a customer port of a nested VLAN, the “inner” parameters will match the attributes of the first tag in the packets. This is because when the packet is forwarded from the core port, that first tag will have become the inner tag. So, from the point of view of the nested VLAN, the tag that is on the packet when it arrives into the customer port is the inner tag. When nested VLANs are disabled, and “inner” parameters have been configur

Summary of the content on the page No. 6

Creating dedicated hardware filters The logic of the operation of the hardware filters The operation of the filters follows the standard ACL logic: if a packet matches an filter, the comparison process stops and the action attached to the filter is performed. If a packet fails to match any of the filters, then the default action (forward) is taken. Note: Hardware filters will act on packets that are destined for the switch itself (packets that would be passed up to the switch's own CPU) in ex

Summary of the content on the page No. 7

Combining hardware filters and QoS Combining hardware filters and QoS The switch compares the packet with every hardware filter before it compares the packet with any QoS flow group. If the packet matches a hardware filter, the switch takes the action specified by that hardware filter and stops the comparison process. If a packet matches both a hardware filter and a QoS flow group, the packet only gets matched against the hardware filter. It bypasses the QoS process. If the hardware filter

Summary of the content on the page No. 8

How many filters can you create? Extra rules used when combining QoS and hardware filters In fact, QoS can cause the limit on the number of hardware filters to be reduced rather more radically than might be initially evident. To see why this is, we have to understand a bit more about how the rule table is used. When a packet is to be compared against rules in the rule table, the comparison does not have to start at the top of the table—it can start at other points in the table. The decision

Summary of the content on the page No. 9

How many filters can you create? The following figure shows the copies of these rules. 1 Rule 1 Port Start 11 2 Rule 2 2 1 3 Rule 3 3 1 4 Rule 4 49 5 59 6 6 1 7 ... ... 8 ... ... 9 Copy of rule 1 10 Copy of rule 2 11 Copy of rule 3 12 Copy of rule 4 13 QoS rule #1 52114 QoS rule #2 Table that maps ingress port Rule table to the starting point of the rule comparison process When a QoS policy has been applied to ports 4 and 5, all the hardware filter rules have to be replicated further down in t

Summary of the content on the page No. 10

How many filters can you create? Protocol type—2 bytes Ethernet format—2 bytes VLAN ID—2 bytes IP protocol type (TCP, UDP, etc)—1 byte source IP address—4 bytes destination IP address—4 bytes TCP port number—2 bytes UDP port number—2 bytes DSCP—1 byte For example, if you make a hardware filter that matches on destination IP address and source TCP port, this adds 7 bytes to the mask: 1 byte for the IP protocol field (to indicate TCP) 4 bytes for the destination IP address 2 bytes for the source

Summary of the content on the page No. 11

How many filters can you create? Okay length For example, this set of filters would work: source MAC address source UDP port destination IP address + destination TCP port The total number of bytes for the switch to check in a packet would be: source MAC address + IP protocol type + source TCP/UDP port + destination IP address + destination TCP/UDP port = 6 + 1 + 2 + 4 + 2 = 15 bytes Too long But this set of filters would not work: source MAC address destination MAC address destination IP addres

Summary of the content on the page No. 12

How many filters can you create? How to see the current filter resource usage on the switch The show switch command outputs a number of counters that display the current usage of filtering resources. A typical output from this command, and a discussion of each of the values it outputs, is shown below: Command output Description Traffic Control Unit,hardware Total number of classifiers/filter rules available in the system. resource usage: This is the sum of the rules available on the base sys

Summary of the content on the page No. 13

Appendix A: How to use the layer 4 mask in classifiers Command output Description Profile #1: Profile used to match on packets Number of bytes being used in the profile for matching IPv4 bytes used ......... 3 of 16 IPv4 packets Other-Eth bytes used .... 5 of 16 Number of bytes being used in the profile for matching non-IPv4 ethernet packets Device Resource, device #1: Resources used by device number 2 - accelerator card 1 default rule in the IPv6 card Number of rules used ........ 1 One 8

Summary of the content on the page No. 14

Appendix A: How to use the layer 4 mask in classifiers Example 1: ports 2000-2003 Let’s say we want to have a UDP port range of 2000-2003, then the mask we need to have is: 2000 = 00010011 10001100 2001 = 00010011 10001101 2002 = 00010011 10001110 2003 = 00010011 10001111 The changed bits from 2000-2003 are bolded. We must now write a L4 mask which will meet these requirements. The easiest way to do is, we must set the changed bits (between 2000 and 2003) in the mask to 0. In our example, the

Summary of the content on the page No. 15

Appendix A: How to use the layer 4 mask in classifiers Example 2: ports 5004-5008 In some more complex situations, we may need more than one classifier to cover all the range we want to. Let’s take UDP destination ports between 5004-5008 5004 = 00010011 10001100 5005 = 00010011 10001101 5006 = 00010011 10001110 5007 = 00010011 10001111 5008 = 00010011 10010000 According to the bolded bits, we may think that the changed bits are the last 5 bits so the mask should be 11111111 11100000. 5 But r

Summary of the content on the page No. 16

Appendix A: How to use the layer 4 mask in classifiers So our biggest block fits into the range 512-767. The next second biggest block is 128 in our example … it should fit into 384-511. ... 256 - 383 384 - 511 ... ... With these 2 blocks, we cover from 384-767. If we keep repeating the same procedure for the other blocks, we get the commands in the following table. In some of the cases, the blocks need to be divided into smaller blocks. In our example, instead of having a single block of 4,

Summary of the content on the page No. 17

Appendix A: How to use the layer 4 mask in classifiers The following table shows the port ranges for the largest blocks. L4 mask: FC00 F800 F000 E000 C000 8000 0000 number of ports: 1024 2048 4096 8192 16384 32768 65536 00 00 00 0 1024 2048 4096 8192 16384 32768 65536 2048 4096 8192 16384 32768 65536 3072 6144 12288 24576 49152 4096 8192 16384 32768 65536 5120 10240 20480 40960 6144 12288 24576 49152 7168 14336 28672 57344 8192 16384 32768 65536 9216 18432 36864 10240 20480 40960 11264 22528

Summary of the content on the page No. 18

L4 mask: FC00 F800 F000 E000 C000 8000 0000 number of ports: 1024 2048 4096 8192 16384 32768 65536 49152 50176 51200 52224 53248 54272 55296 56320 57344 58368 59392 60416 61440 62464 63488 64512 65536 USA Headquar ters | 19800 Nor th Cr eek Parkwa y | Suite 200 | Bothell | WA 98011 | USA | T: +1 800 424 4284 | F: +1 425 481 3895 Eur opean Headquar ters | Via Motta 24 | 6830 Chiasso | Switzerland | T: +41 91 69769.00 | F: +41 91


Alternative user manuals
# User manual Category Download
1 Allied Telesis 24i User manual Switch 24
2 Allied Telesis AT -8000S/24 User manual Switch 182
3 Allied Telesis 8100S User manual Switch 28
4 Allied Telesis 4000 Series User manual Switch 9
5 Allied Telesis 48W User manual Switch 5
6 Allied Telesis AT -8000S/48 User manual Switch 33
7 Allied Telesis 86241-06 User manual Switch 0
8 Allied Telesis 613-001480 User manual Switch 4
9 Allied Telesis 8PS User manual Switch 1
10 Allied Telesis AT-8100L/8POE User manual Switch 3
11 Allied Telesis AT-8100S/24F-LC User manual Switch 0
12 Allied Telesis AT-8000GS/48 User manual Switch 34
13 Allied Telesis AT-8100S/16F8-SC User manual Switch 3
14 Allied Telesis AT-8100S/16F8-LC User manual Switch 0
15 Allied Telesis AT-8100S/48 User manual Switch 6
16 Sony 4-296-436-11 (2) User manual Switch 0
17 3Com 10/100BASE-TX User manual Switch 61
18 3Com 2226-SFP User manual Switch 688
19 3Com 16985ua.bk User manual Switch 10
20 3Com 10BASE-T User manual Switch 4