Manualshelf

WESM zl Management and Configuration Guide WT.01.28 and greater

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
541542543544545546547548549550
7-7
Access Control Lists (ACLs)
Overview
Remember, the operation only affects traffic that meets all of the criteria of the rule.
Also, the operation is explicit. That is, the module performs the operation on selected
traffic, but does not perform the opposite action on traffic that is not selected. Instead,
the module attempts to match the traffic against the next rule in order of precedence.
However, all ACLs include an implicit deny any rule at the end, which drops all traffic
not selected by other rules. In other words, traffic is permitted only if explicitly
permitted by one of the ACLs rules. Therefore, whenever you apply an ACL to an
interface, make sure that you include a rule to permit all traffic that you want the
Wireless Edge Services zl Module to forward.
Mark. Besides deny and permit, a third operation is mark, which marks traffic for
a particular type of QoS or Type of Service (TOS). Marked traffic is also forwarded.
The mark operation only takes effect for ACLs applied to physical interfaces.
Two protocols define QoS classes:
802.1p—a mechanism for implementing QoS at Layer 2
802.1p divides traffic into different classes and provides expedited service to
traffic in higher-priority classes. Eight different classes of service (0 through 7)
are available. The class is indicated in three bits of an 802.1Q VLAN tag.
Table 7-1 shows the type of service typically associated with each 802.1p class.
However, the actual treatment for each class is left to your network implemen-
tation. The Wireless Edge Service zl Module simply marks traffic for a particular
class.
Table 7-1. Standard QoS for 802.1p Classes
TOS—a mechanism for implementing QoS at Layer 3
The value for the IP headers one-byte TOS field can range from0 through 255.
Typically, only values 0 through 63 are used—the six-bit Differential Services
(DiffServ) Code Point (DSCP) values. (The other two bits make up the explicit
congestion notification field.)
Again, higher values typically receive higher priority, but the exact handling
depends on your network’s implementation.
Priority Value Service Type
1 and 2 lowest priority (background)
0 and 3 default priority (best effort)
4 and 5 higher priority (video and voice)
6 and 7 highest priority (network control traffic)