Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 1257
Brocade Mobility RFS Controller CLI Reference Guide
1249
53-1003098-01
25
Sets the match clauses
Each route map entry has a set of match clauses used to segregate and filter packets. Packets can
be segregated using any one of the following criteria:
•
IP Access List - A typical IP ACL can be used for routing traffic. The mark and log actions in ACL
rules however are neglected. Route-map entries have separate logging. Only one ACL can be
configured per route map entry.
ACL rules configured under route map entries merge to create a single ACL. Route map
precedence values determine the prioritization of the rules in this merged ACL. An IP DSCP
value is also added to the ACL rules.
•
IP DSCP - Packet filtering can be performed by traffic class, as determined from the IP
Differentiated Services Code Point (DSCP) field. One DSCP value can be configured per route
map entry. If IP ACLs on a WLAN, ports or SVI mark packets, the new/marked DSCP value is
used for matching.
•
Incoming WLAN - Packets can be filtered on the basis of the incoming WLAN. Depending on
whether the receiving device has an onboard radio or not, the following two scenarios are
possible:
•
Device with an onboard radio: If a device having an onboard radio and capable of PBR
receives a packet on a local WLAN, this WLAN is used for selection.
•
Device without an onboard radio: If a device, without an onboard radio, capable of PBR
receives a packet from an extended VLAN, it passes the WLAN information in the MiNT
packet to the PBR router. The PBR router uses this information as match criteria.
•
Client role - The client role can be used as match criteria, similar to a WLAN. Each device has to
agree on a unique identifier for role definition and pass the same MINT tunneled packets.
•
Incoming SVI - A source IP address qualifier in an ACL typically satisfies filter requirements. But
if the source host (where the packet originates) is multiple hops away, the incoming SVI can be
used as match criteria. In this context the SVI refers to the device interface performing PBR,
and not to the source device.
The action taken for filtered packets is determined by the mark (action) clauses. If no action is
defined, the default is to fallback to destination-based routing for packets satisfying the match
criteria. For more information on configuring mark clauses, see
. And for more information on
fallback action, see
.
Supported in the following platforms:
•
Access Points — Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point,
Brocade Mobility 1220 Access Point, Brocade Mobility 71XX Access Point, Brocade
Mobility 1240 Access Point
•
Wireless Controllers — Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade
Mobility RFS7000
•
Service Platforms — Brocade Mobility RFS9510
Syntax:
match [incoming-interface|ip|ip-access-list|wireless-client-role|wlan]
match incoming-interface [<ROUTER-IF-NAME>|pppoe1|vlan <1-4094>|wwan1]
match ip dscp <0-63>
match ip-access-list <IP-ACCESS-LIST-NAME>
match wireless-client-role <ROLE-POLICY-NAME> <ROLE-NAME>
match wlan <WLAN-NAME>