Nortel Networks 212777 Network Router User Manual


 
Web OS 10.0 Application Guide
Chapter 7: Filtering
212777-A, February 2002
Stacking Filters
Stacking filters are assigned and enabled on a per-port basis. Each filter can be used by itself or
in combination with any other filter on any given switch port. The filters are numbered 1
through 2048 on Alteon 184 and Alteon AD4 Web switches, and 1 through 224 on other Alteon
Web switches. When multiple filters are stacked together on a port, the filter's number determines
its order of precedence: the filter with the lowest number is checked first. When traffic is
encountered at the switch port, if the filter matches, its configured action takes place and the
rest of the filters are ignored. If the filter criteria do not match, the next filter is tried.
As long as the filters do not overlap, you can improve filter performance by making sure that
the most heavily utilized filters are applied first. For example, consider a filter system where
the Internet is divided according to destination IP address:
Figure 7-1 Assigning Filters According to Range of Coverage
Assuming that traffic is distributed evenly across the Internet, the largest area would be the
most utilized and is assigned to Filter 1. The smallest area is assigned to Filter 4.
Overlapping Filters
Filters are permitted to overlap, although special care should be taken to ensure the proper
order of precedence. When overlapping filters are present, the more specific filters (those that
target fewer addresses or ports) should be applied before the generalized filters.
Example:
Figure 7-2 Assigning Filters to Overlapping Ranges
In this example, Filter 2 must be processed prior to Filter 3. If Filter 3 were permitted to take
precedence, Filter 2 could never be triggered.
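The precedence rule and the overlap pitfall described above can be checked offline before a filter stack is applied to a port. The following Python sketch is an added example, not part of the Nortel manual or Web OS: it models filters by destination IP range only, and the filter numbers, ranges, actions and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample stack (not from the manual): number -> (first IP, last IP, action).
# Filter 2 is the specific range, Filter 3 the general range that contains it.
STACK = {
    1: ("10.0.0.0", "10.255.255.255", "allow"),
    2: ("192.168.1.0", "192.168.1.255", "redirect"),
    3: ("192.168.0.0", "192.168.255.255", "deny"),
}
# Same ranges with the general filter numbered ahead of the specific one.
SWAPPED = {1: STACK[1], 2: STACK[3], 3: STACK[2]}

def _span(entry):
    return int(ipaddress.IPv4Address(entry[0])), int(ipaddress.IPv4Address(entry[1]))

def first_match(filters, dest_ip):
    """Lowest-numbered filter whose range contains dest_ip wins; the rest are ignored."""
    ip = int(ipaddress.IPv4Address(dest_ip))
    for num in sorted(filters):
        lo, hi = _span(filters[num])
        if lo <= ip <= hi:
            return num, filters[num][2]
    return None  # no filter matched

def _merge(intervals):
    """Merge overlapping or adjacent (lo, hi) intervals into a sorted disjoint list."""
    out = []
    for lo, hi in sorted(intervals):
        if out and lo <= out[-1][1] + 1:
            out[-1] = (out[-1][0], max(out[-1][1], hi))
        else:
            out.append((lo, hi))
    return out

def shadowed(filters):
    """Filter numbers that can never trigger: every address is claimed by lower numbers."""
    dead, covered = [], []
    for num in sorted(filters):
        lo, hi = _span(filters[num])
        cursor = lo  # first address not yet known to be claimed
        for c_lo, c_hi in covered:
            if c_lo > cursor:
                break  # gap: cursor itself is unclaimed
            cursor = max(cursor, c_hi + 1)
        if cursor > hi:
            dead.append(num)
        covered = _merge(covered + [(lo, hi)])
    return dead
```

Running `shadowed()` on a planned stack flags any filter that lower-numbered filters have made unreachable, which is the condition the manual warns about when a general filter precedes a specific one.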
[Figure 7-1 labels: Filtering by Destination IP Address Ranges, 0.0.0.0 to 255.255.255.255; actions Allow, Deny, Redirect; Filters 1, 2, 3 and 4]
[Figure 7-2 labels: Filtering by Destination IP Address Ranges, 0.0.0.0 to 255.255.255.255; actions Allow, Redirect, Deny; Filters 1, 2 and 3]