Net Optics Director User Manual

Page 53

Advertising
background image

Director

49

Filter parameters

Switches and filters are defined using the filter add and filter ins commands. The filter add command syntax is:

filter ipv6=y add in_ports=<portlist> <filter_parameter_list> action=<redir|drop> redir_ports=<portlist>

The <filter_parameter_list> is a sequence of zero or more of the filter qualifiers as listed in the following table.

If the <filter_parameter_list> is empty, the filter add command specifies an aggregation of the traffic received on all of

the in_ports. If the action=redir, the aggregated traffic stream is regenerated to all of the redir_ports.

If the <filter_parameter_list> contains filters, aggregation and regeneration take place as described in the previous

paragraph. However, the filters are applied to the aggregated traffic stream before it is copied to the monitor ports. If

multiple filter qualifiers are specified, a packet must satisfy all of the filter qualifiers in order to be copied to the monitor

ports. In other words, the filter qualifiers are combined with a logical AND condition. A logical OR condition can be

created by using multiple filter add commands with identical port lists.

The filter add and filter ins commands define filters but do not activate them. A subsequent filter commit or commit

command must be executed to activate the filters. This mechanism enables an interrelated group of filters to be activated

simultaneously. It also allows you to double-check your filter definitions before you activate them. The commit command

also rewrites the default Director configuration (the defaultcfg file), while filter commit does not.

Note that IPv6 and IPv4 filters are maintained separately. It is important to include the "ipv6=y" argument when dealing

with IPv6 filters, and omit it when dealing with IPv4 filters.

It is also important to note that packets are filtered using a Content Addressable Memory or CAM. Each filter is a CAM

entry, and the CAM is filled in the order that the filter add commands are entered. Filter ins commands create filters

in specific locations in the CAM. When a packet is processed, the first filter in the CAM that matches the packet is the

only filter that is activated. Each packet can activate exactly zero or one filters. See Understand filter interactions

near the end of Chapter 3 for examples.

All supported filter qualifiers are shown in the table on the following page.

Advertising
Popular Brands
Popular manuals