Introduction to filtering, Mac address filtering, 3introduction to filtering – Perle Systems IOLINK-520 User Manual

Introduction to Filtering

IOLINK-520 & IOLINK-PRO Installation & Applications Guide — 3. 1

3

Introduction

to Filtering

The IOLINK-520 & IOLINK-PRO provide programmable filtering which gives you the

ability to control under what conditions Ethernet frames are forwarded from one network

to another. There are many reasons why this might need to be accomplished, some of

which are security, protocol discrimination, bandwidth conservation, and general

restrictions.

Filtering may be accomplished by using two different methods. The first method is to filter

or forward frames based solely on their source or destination MAC address. This method

of filtering is useful when bridging between LANs and for providing remote access security

in any type of network. The Ethernet MAC (Media Access Control) address is checked

against the addresses in the filtering list and the frame is filtered or forwarded accordingly.

The second method of filtering is pattern filtering where each frame is checked against a

filter pattern. The filter pattern may be defined to perform a check of any portion of the

Ethernet frame. Separate filter patterns may be defined for bridged frames, IP routed

frames, and IPX routed frames.

For more information on filtering, please refer to the Programmable Filtering section of the

IOLINK-520 & IOLINK-PRO Reference Manual located on the accompanying CD-ROM.

MAC Address Filtering

MAC address filtering is provided by three built-in functions.

The first function is “Filter if Source”; the second is “Filter if Destination.” The third

function allows you to change the filter operation from “positive” to “negative.” The

positive filter operation causes frames with the specified MAC addresses to be filtered. The

negative filter operation causes frames with the specified MAC addresses to be forwarded.

You may easily prevent any station on one segment from accessing a specific resource on

the other segment; for this, “positive” filtering and the use of “Filter if Destination” would

be appropriate. If you want to disallow a specific station from accessing any service, “Filter

if Source” could be used.

You may easily prevent stations on one segment from accessing all but a specific resource

on the other segment; for this, “negative” filtering and the use of “Forward if Destination”

would be appropriate. If you want to disallow all but one specific station from accessing any

service on the other segment, the use of “Forward if Source” could be used.