beautypg.com

Understand pending and active filters – Net Optics Smart Filtering none User Manual

Page 40

background image

36

*** Confidential - DO NOT Distribute ***

Director

Understand pending and active filters

To understand the actions of filter commands such as filter commit, filter discard, and filter delete, it is helpful to

visualize the pending filter list and the CAM that holds the active filters.

The previous section explained how the active filters are stored in a CAM, which can be thought of as list of active

filters. These filters, which are actively running in the device, may be referred to as active, running, or committed.

Pending filters, that is, filters that have been defined using filter add and filter ins commands but not yet committed,

are kept in a pending filter list that shadows the CAM. These filters may be referred to as pending or uncommitted. The

following table shows which filter commands affect the pending filter list and which affect the CAM.

Commands apply to

Pending filter list

CAM

filter add
filter del
filter discard
filter ins
filter list
filter sync

commit
filter clear
filter commit
filter running

As can be seen from the table, most of the time you work with the contents of the pending filter list. When you have

the filters set up the way you want them in the pending filter list, a commit or filter commit command transfers the

contents of the pending filter list to the CAM, activating that filter set-up.

A common workflow for changing the Director filter configuration might be as follows.
To change the Director filter configuration:

Pending filter list

Address

Filter

CAM

Address

Filter

1

n1.1 ip_proto=UDP action=drop

2

n1.1 m.1

Starting state

Figure 39:

Enter

1.

filter running to view the currently active filters in the CAM.

Net Optics> filter running

001 ip_src=00000000/ffffffff,ip_dst=00000000/ffffffff,ip_proto=0017

l4_src_port=0000,l4_dst_port=0000,vlan=0000,action=1

in_ports=00

002 ip_src=00000000/ffffffff,ip_dst=00000000/ffffffff,ip_proto=0000

l4_src_port=0000,l4_dst_port=0000,vlan=0000,action=3

in_ports=00

redir_ports=12

Net Optics>

Filter running command

Figure 40:

Enter

2.

filter sync. The contents of the CAM are copied to the pending filter list.

See also other documents in the category Net Optics Hardware: