Filter
Top Products
SmartSwitch Router User Reference Manual 321
Chapter 22: WAN Configuration Guide
Source Filtering and ACLs
Source filtering and ACLs can be applied to a WAN interface; however, they affect the
entire module, not an individual port.
For example, if you want to apply a source MAC address filter to a WAN serial card
located in slot 5, port 2, your configuration command line would look like the following:
Port se.5 is specified instead of se.5.2 because source filters affect the entire WAN module.
Hence, in this example, source-mac 000102:030405 would be filtered from ports se.5.1,
se.5.2, se.5.3, and se.5.4 (assuming that you are using a four-port serial card).
ACLs work in a similar fashion. For example, if you define an ACL to deny all http traffic
on one of the WAN interfaces, it will apply to the other WAN interfaces on that module as
well. In practice, by making your ACLs more specific, for example by specifying source
and destination IP addresses with appropriate subnet masks, you can achieve your
intended level of control.
Weighted-Fair Queueing
Through the use of Weighted-Fair Queueing QoS policies, WAN packets with the highest
priority can be allotted a sizable percentage of the available bandwidth and “whisked
through” WAN interface(s). Meanwhile, the remaining bandwidth is distributed for
“lower-priority” WAN packets according to the user’s percentage-of-bandwidth
specifications. Please refer to Chapter 35: “qos Commands” in the SmartSwitch Router
Command Line Interface Reference Manual for more detailed configuration information.
Note: Weighted-Fair Queueing applies only to best-effort traffic on the WAN card. If
you apply any of the WAN specific traffic shaping commands, then weighted fair
queuing will no longer be applicable.
Congestion Management
One of the most important features of configuring the SSR to ensure Quality of Service is
the obvious advantage gained when you are able to avoid network congestion. The
following topics touch on a few of the most prominent aspects of congestion avoidance
when configuring the SSR.
Random Early Discard (RED)
RED allows network operators to manage traffic during periods of congestion based on
policies. Random Early Discard (RED) works with TCP to provide fair reductions in traffic
proportional to the bandwidth being used. Weighted Random Early Discard (WRED)
ssr(config)# filters add address-filter name wan1 source-mac
000102:030405 vlan 2 in-port-list se.5