Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring the Firewall Filter for VPLS Family Type (NSM Procedure)

    You can configure firewall filters to filter virtual private LAN service (VPLS) packets.

    To configure the vpls firewall filter in NSM:

    1. In the NSM navigation tree, select Device Manager > Devices.
    2. Click the Device Tree tab, and then double-click the device to select it.
    3. Click the Configuration tab. In the configuration tree, expand Firewall > Family > VPLS.
    4. Add or modify settings as specified in Table 1.
    5. Click one:
      • OK—Saves the changes.
      • Cancel—Cancels the modifications.

    Table 1: VPLS Firewall Filter Configuration Details

    TaskYour Action

    Configure a firewall filter to filter VPLS packets.

    1. Click Filter next to VPLS.
    2. Click Add new entry next to Filter.
    3. Expand Filter.
    4. In the Name box, enter the name that identifies the filter.
    5. In the Comment box, enter the comment.
    6. Select the Interface Specific check box to configure interface-specific names for firewall counters.

    Configure accounting for firewall filters.

    1. Click Accounting Profile next to filter.
    2. Click Add new entry next to Accounting Profile.
    3. In the New accounting-profile window, enter the name to be assigned to the accounting profile.

    Define a firewall filter term.

    1. Click Term next to Accounting Profile.
    2. Click Add new entry next to Term.
    3. Expand Term.
    4. In the Name box, enter the name that identifies the term.
    5. In the Comment box, enter the comment for the term.
    6. From the Filter list, select the name that identifies the filter.
    7. Expand From.
    8. In the Comment box, enter the comment.
    9. From the listed protocol-independent match conditions, select the filters defined for the VPLS family type.

      The protocol-independent match conditions are Destination Mac Address, Destination Port, Dscp, Ether Type, Forwarding Class, Icmp Code, Icmp Type, Interface Group, IP Address, IP Destination Address, IP Precedence, IP Protocol, IP Source Address, Learn Vlan, 1p Priority, Learn Vlan id, Loss Priority, Port, Source Mac Address, Source Port, Traffic Type, User Vlan 1p priority, User Vlan id, Vlan Ether Type.

    10. Expand Then.
    11. In the Comment box, enter the comment for then.
    12. In the Count box, enter the number of packets.
    13. Select the Sample check box to sample the packet traffic.
    14. From the Loss Priority list, set the packet loss priority (PLP) to low, medium-low, medium-high, or high.
    15. In the Forwarding Class box, enter the packet forwarding class name.
    16. Select the Port Mirror check box to configure port mirroring for VPLS traffic.
    17. Click Accept next to Then.
    18. Select one of the following:
      • Accept—To accept a packet.
      • Discard—To discard a packet silently, without sending an ICMP message.
      • Next—To evaluate the next term in the firewall filter.
    19. Click Policer next to Then.
    20. Select one of the following:
      • Policer—To configure a new policer for each filter and select the policer name.
      • three-color-policer —To configure a tricolor marking policer,
        1. Expand Three Color Policer.
        2. Click Single Rate next to Three Color Policer.
        3. Select one of the following:
          • single-rate—If the named tricolor policer is a single-rate policer.
          • two-rate—If the named tricolor policer is a two-rate policer.

    Published: 2013-01-02