beautypg.com

EXP Computer PathBuilder S200 User Manual

Page 65

background image

Bridging

61

T0008-16F

Release 5.2M

Bridge Filtering

Mac Filtering
Process

As shown in Figure 30, if a match is detected, the system applies the filtering action
configured for that entry. The filtering action is to either PASS the frame or BLOCK
the frame for all links or for a configured list of links. This filtering action overrides
the action specified in the MAC Address Filter Action parameter.

If there is no match between the frame MAC Address and any entry in the MAC
Address Filter Table, then filtering action on that frame is not controlled by the MAC
Address Filter Table.

When the filtering action is not controlled by the MAC Address Filter Table, the
action taken by the bridge is determined by the MAC Address Filter Action
parameter in the Bridge Link Table; the action is to either PASS the frame or
BLOCK it.

The MAC Address Filter Action parameter determines if the filter table is enabled on
a bridge link. This same parameter is used to define the action taken (PASS or
BLOCK) when no match is made in the MAC Address Filter Table.

For a detailed description of the MAC Address Filter parameters, refer to
“Configuring the MAC Address Filter Table” section on page 66.”

Incoming and
Outgoing Frames

The filtering action is applied to each link. The frames passing on a link can be either
incoming or outgoing (see Figure 31). Incoming means that the frame is entering the
bridge from elsewhere either from the LAN or WAN. Outgoing means the frame is
leaving the bridge. Therefore, a given frame can be incoming on one link and
outgoing on another link (provided it does not get blocked due to filtering).
Filtering can be applied at each of those links.

For any link, the PASS or BLOCK attribute can be set for either the source address
or the destination address. This method allows you to individually configure every
combination of in/out and source/destination to either a pass or a block action for any
link.

Figure 31. Example of a Frame Passing on a Bridge Link

The source address (incoming or outgoing) refers to the frame having the indicated
MAC source address. The destination address (incoming or outgoing) refers to the
frame having the indicated MAC destination address.

Token

Ring 1

Bridge

WAN

Network

Frames passing on a link can be either incoming or outgoing.
The same frame can be incoming on one link and outgoing on another link.

Bridge Links

Outgoing Frame

(from Bridge)

Incoming Frame

(to Bridge)