Types of marking rules, How to create a packet marking rule – Avaya 3.7 User Manual


Establishing security

194 Avaya VPNmanager Configuration Guide Release 3.7

Types of marking rules

Two kinds of packet marking rules can be created.

A rule can be made to examine the ToS field of a header and copy the existing mark to the
ToS field of the new packet that is entering or exiting the VSU. This is known as
inheriting a mark.

A rule can be made to skip the ToS field but examine the remaining fields of the header. If
a match is made, the ToS field is marked appropriately.
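
The two rule types modelled on raw IPv4 headers, as an added illustration that is not Avaya's implementation or a VPNmanager configuration. The header builder, the rule dictionary, the addresses and the ToS values are constructed for the example, and treating the "new packet" as an outer tunnel header is an assumption.

```python
import ipaddress
import struct

def checksum(hdr: bytes) -> int:
    """RFC 1071 one's-complement checksum; returns 0 for a header that verifies."""
    total = sum(struct.unpack(f"!{len(hdr) // 2}H", hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src, dst, proto, tos=0, payload_len=0):
    """Build a 20-byte IPv4 header (no options) with a valid checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20 + payload_len, 0, 0, 64,
                      proto, 0, ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]

def set_tos(hdr, tos):
    """Replace the ToS byte (offset 1) and recompute the header checksum."""
    h = bytearray(hdr[:20])
    h[1] = tos
    h[10:12] = b"\x00\x00"
    h[10:12] = struct.pack("!H", checksum(bytes(h)))
    return bytes(h)

def inherit_mark(original, new):
    """Rule type 1: copy the existing ToS mark from the original header to the new one."""
    return set_tos(new, original[1])

def match_and_mark(hdr, rule):
    """Rule type 2: skip ToS, compare the other fields, and mark on a match."""
    src, dst = (ipaddress.IPv4Address(hdr[i:i + 4]) for i in (12, 16))
    if (hdr[9] == rule["proto"] and src in ipaddress.ip_network(rule["src"])
            and dst in ipaddress.ip_network(rule["dst"])):
        return set_tos(hdr, rule["tos"])
    return hdr  # no match: the existing ToS value is left untouched

# Constructed sample data: an inner UDP packet already marked 0xB8, and an
# unmarked outer header (protocol 50, ESP) assumed to carry it through a tunnel.
INNER = build_header("10.1.1.5", "10.2.2.9", 17, tos=0xB8)
OUTER = build_header("192.0.2.1", "198.51.100.1", 50)
RULE = {"src": "10.1.1.0/24", "dst": "10.2.2.0/24", "proto": 17, "tos": 0x28}

if __name__ == "__main__":
    print("inherited ToS:", hex(inherit_mark(INNER, OUTER)[1]))
    print("matched ToS:  ", hex(match_and_mark(INNER, RULE)[1]))
```

Because the second rule type never reads the ToS field, a packet that matches is re-marked even if it arrived with a different mark, which is the case the last line prints.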

How to create a packet marking rule

The Packet Filtering Policy wizard is used to create a Marking Rule. VPNmanager Console is
then used to update a specific VSU with the new rule. The different types of marks used in a
rule are briefly described in Step 7.

Before marking any packets, you must gather the information described in Table 13. Basically,
the type of marks, the type of packets, and the direction of packet flow (in and/or out of the VSU) are
needed to create a marking rule.

To create a packet marking rule:

1. Move to the Configuration Console window.

2. From the Contents column, select the VSU where the new rule has to be located.

3. From the GO menu, select Policy Manager, to open the Policy Manager window.

4. From the Type of Policy drop-down list, select Packet Filtering to view the Policy Manager
for Packet Filtering.

5. Click the Add button to start the Packet Filtering Policy Wizard.

Table 13: IP packet marking information

| Item | Description |
|------|-------------|
| User defined marks | Identify which user defined marks are being read by your routers. |
| Packet type associated with a specific user defined mark | Examine the PFB rule associated with a specific user defined mark to identify the type of IP packet being marked. |
| Predefined marks | Identify which predefined marks are being read by your routers. |
| Packet type associated with a specific predefined mark | Examine the PFB rule associated with a specific predefined mark to identify the type of IP packet being marked. |
