beautypg.com

Classifier overview – Allied Telesis AT-S63 User Manual

Page 284

background image

Chapter 14: Classifiers

284

Section II: Advanced Operations

Classifier Overview

A classifier defines a traffic flow. A traffic flow consists of packets that
share one or more characteristics. A traffic flow can range from being very
broad to very specific. An example of the former might be all IP traffic
while an example of the latter could be packets with specific source and
destination MAC addresses.

A classifier contains a set of criteria you configure to match the traffic flow
you want the classifier to define. Examples of the variables include source
and destination MAC addresses, source and destination IP addresses, IP
protocols, source and destination TCP and UDP ports numbers, and so
on. You can also specify more than one criteria within a classifier to make
the definition of the traffic flow more specific. Some of the variables you
can mix-and-match, but there are restrictions, as explained later in this
section in the descriptions of the individual variables.

By itself, a classifier does not perform any action or produce any result
because it lacks instructions on what a port should do when it receives a
packet that belongs to the defined traffic flow. Rather, the action is
established outside the classifier. As a result, you will never use a
classifier by itself.

There are two AT-S63 features that use classifiers. They are:

ˆ

Access control lists (ACL)

ˆ

Quality of Service (QoS) policies

As explained in Chapter 15, “Access Control Lists” on page 303, an ACL
filters ingress packets on a port by controlling which packets a port will
accept and reject. You can use this feature to improve the security of your
network or enhance network performance by creating network paths or
links dedicated to carrying specific types of traffic.

When you create an ACL you must specify the traffic flow you want the
ACL to control. You do that by creating one or more classifiers and adding
the classifiers to the ACL. The action that the port takes when an ingress
packet matches the traffic flow specified by a classifier is contained in the
ACL itself. The action will be to either accept packets of the traffic flow or
discard them.

The other feature that uses classifiers is Quality of Service (QoS) policies.
You can use this feature to regulate the various traffic flows that pass
through the switch. For instance, you might raise or lower their user
priority values or increase or decrease their allotted bandwidths.

As with an ACL, you specify the traffic flow of interest by creating one or
more classifiers and applying them to a QoS policy. The action to be taken
by a port when it receives a packet that corresponds to the prescribed flow