beautypg.com

Packet types, Packet types 304 – Enterasys Networks CSX6000 User Manual

Page 304

background image

USER’S GUIDE

304 CyberSWITCH

Because the Packet Types within the conditions specify both source and destination address
information, Global application may often be sufficient to filter IP traffic across the entire system.
However, the Input, Output and User-Based application points are defined in case the
administrator needs to apply a finer level of filtering which cannot be obtained on a Global basis.

Example: order of execution of filter application points

Application to Network Interfaces

A forwarding filter is

applied to an IP Network Interface

through the IP Interface configuration. A filter

may be applied to both the input and output stages of the Network Interface.

It is important to note that the Unnumbered WAN Interface which appears in the IP Interface
configuration is simply the enabling condition for operation with unnumbered WAN links. The
actual unnumbered Network Interfaces are created dynamically at run-time, with the name of the
remote WAN device providing the unique identifier for the Interface. Consequently, when a filter
is applied to the externally visible Unnumbered WAN Interface, it will apply to all dynamic
unnumbered interfaces which are created internally at run-time. If it desired to apply a filter to a
specific unnumbered interface, this can be accomplished by applying a User-Based filter.

P

ACKET

T

YPES

A Packet Type is a set of comparisons which are made against the contents of an IP packet. It is the
fundamental element of an IP filter condition. For a match to occur, ALL the constituent
comparisons must yield a TRUE result. The type is composed of a common packet portion which
specifies fields in the IP header, and a protocol-specific portion which references the upper- layer
protocol fields and is dependent upon which Protocol field of the IP Header, if any, is used as a
criterion.

OUTPUT

USER

INPUT

USER

Network Interface

Network Interface

GLOBAL

IP Routing Process

CONNECTION

Filter Application Points

Filter Execution Order

This manual is related to the following products: