Using IP Access Control List, Abilis CPX filters transit datagrams basing on the information carried by the header (source address and destination, internet protocol version and numbers of logical port) and not on their content.
IPACL provides two different kinds of filters:
PERMIT: permitted to transit.
DENY: denied to transit.
Filters also allow assigning each datagram data flow a different service class:
HIGH: service class “HIGH”.
NORMAL: service class “NORMAL”.
LOW: service class “LOW”.
Usually the service classes are also called “priorities” so that it is possible to speak of “the traffic prioritisation”.
Tip | |
---|---|
This feature is very important when VoIp and Data applications use the same link. In these cases, voice packets must have the highest priority. |
Changes on IPACL are immediately active, restart to Abilis CPX isn't required.
Caution | |
---|---|
“Packet filtering” definitions must be added carefully cause the access to the Abilis by IP may be blocked! |
TOS is just a hint to the routing algorithm that helps it choose among various paths to a destination. Each datagram data flow can be associated with a different Type Of Service (TOS).
The Type of Service is used to indicate the quality of the service desired.
It's abstract set of parameters characterizing the service choices provided in the networks which make up the internet.
Type of service indication is used by gateways to:
select the actual transmission parameters for a particular network;
choose the network to use for the next hop;
choose the next gateway;
when routing an internet datagram.
The five values allowed are:
N = None;
D = Minimize Delay;
T = Maximize Throughput;
R = Maximize Reliability;
C = Minimize Monetary Cost.
The IP Access Control List must be enabled into the IPRTR Resource.
[15:14:30] ABILIS_CPX:d p iprtr
RES:Iprtr ---------------------------------------------------------------------
Run DESCR:IP_Router_general_properties
- General --------------------------------------------------------------
R-ID:AUTO (192.168.029.254)
maxroute:500 DFTTTL:255 ps:2048
DEF-LOCAL-AD:0 DEF-STATIC-AD:1 DEF-OSPF-AD:110 DEF-RIP-AD:120
pvc:0 bsvc:0 LINKS:6 virtual:0
- IP Access List -------------------------------------------------------
ACL:NO ACLBYPASS:#
COS:DISABLED COSDFT:NORMAL
COSBALANCE:NO NORMRATE:50 LOWRATE:50
- IPCOS to 802.1q (VLAN) priority --------------------------------------
LOW:1 NORMAL:0 HIGH:5
- Ppp-Dns --------------------------------------------------------------
PPP-DNS-PRI:000.000.000.000 PPP-DNS-SEC:000.000.000.000
The highlight parameters manages the IPACL activation and functionality mode.
ACL
It activates the IP
Access List service and chooses the operating mode
[
,
NO
YES
]
.
ACLBYPASS
It sets the IP address of the IP datagram received that will
be managed without considering filters eventually defined in the
IP Access List [*
: stands for “any IP
address”, that is the IP access list service will be
applied to any IP datagrams; #
: stands for
“no IP address”, that is the IP access list service
will NOT be applied to any IP datagrams; 1-126.x.x.x,
128-223.x.x.x
].
COS
It activates/deactivates the IP classes of service. Class of service is a feature used to assign different priorities to specific paths of IP datagrams. The assignment of this priority is done by IPRTR upon reception of every IP datagram, using the information present in the IPACL.
COSDFT
It sets the Class of IP service default value
[
,
LOW
,
NORMAL
].HIGH
COSBALANCE
It activates/deactivates the balance functionality of the IP
classes of service. This procedure provides an acceptable service
to each class by avoiding that higher priority classes are too
prevalent respect the lower ones. The user, through the parameters
NORMRATE
and LOWRATE
, can
set the percentage balance ratio.
NORMRATE
It sets the percentage balance ratio between resources allocated for the classes with “NORMAL” priority and the ones with “HIGH” priority.
LOWRATE
It sets the percentage balance ratio between resources allocated for the classes with “LOW” priority and the ones with “NORMAL” priority.
For example, the command for enable the IPACL and the COS Management is:
[15:28:50] ABILIS_CPX:s p iprtr acl:yes cos:enabled
COMMAND EXECUTED [15:36:47] ABILIS_CPX:d p iprtr
RES:Iprtr --------------------------------------------------------------------- Run DESCR:IP_Router_general_properties - General -------------------------------------------------------------- R-ID:AUTO (192.168.029.254) maxroute:500 DFTTTL:255 ps:2048 DEF-LOCAL-AD:0 DEF-STATIC-AD:1 DEF-OSPF-AD:110 DEF-RIP-AD:120 pvc:0 bsvc:0 LINKS:6 virtual:0 - IP Access List ------------------------------------------------------- ACL:YES ACLBYPASS:# COS:ENABLED COSDFT:NORMAL COSBALANCE:NO NORMRATE:50 LOWRATE:50 - IPCOS to 802.1q (VLAN) priority -------------------------------------- LOW:1 NORMAL:0 HIGH:5 - Ppp-Dns -------------------------------------------------------------- PPP-DNS-PRI:000.000.000.000 PPP-DNS-SEC:000.000.000.000
Caution | |
---|---|
To activate the changes made on the upper case parameters, execute the initialization command init res:iprtr; while to set act the changes made on the lowercase parameters a save conf and an Abilis restart are required (i.e. with warm start command). |