Specifications
Programmable Filtering
Bridge Pattern Filtering
Protocol Discrimination
Protocol discrimination may be required to prevent or limit the protocols that may traverse a bridged Local Area Network.
In Local Area Networks there may be many different Network and Transport layer protocols that coexist on the same
physical media. TCP/IP, DECNET, and XNS are just a few of the common protocols in use today. Each of these protocols
is encapsulated within an Ethernet frame, and therefore is transparent to the normal bridging function. If you would like to
discriminate against a particular protocol to prevent its use of the bridged LAN facilities, the Ethernet bridge/router provides
programmable filter masks that may be defined to act on any part of the Ethernet frame.
In the examples below, several protocol types and combinations are presented to demonstrate the use of programmable filter
masks to control the protocol traffic between Local Area Network segments. Since there are many possible combinations,
these examples are only representative of some of them.
The Bridge Filter Patterns menu is located under the FILTER SET-UP MENU. Within the Bridge Filter Patterns Menu there
exists a Help function that can be used as a reference during Bridge Filter Pattern creation. This Help function includes all of
the logical operators that may be applied to the mask expression.
Protocol Type Field
Within an Ethernet frame, a protocol field exists at octets 12 and 13. These two octets, or 8-bit bytes, represent
the type of higher level protocol that exists in the Ethernet frame. There are more than 100 different protocol types
that are defined for use within an Ethernet frame. In many networks there will be fewer than 10 that are in use, but
in many larger networks there may be upwards of 30 or more. This, of course, will depend on the type of equipment
and the applications that are being used within the Local Area Network.
Internet Protocol (IP)
The Internet Protocol (IP) is the most widely used protocol within an Ethernet environment. As a result, there may
be a need to restrict this protocol traffic in one form or another.
Filter all IP Packets
To prevent IP traffic from being passed across the bridged network, a mask must be created that represents this
protocol type. The IP protocol type is 0800H.
Since the protocol field starts at octet location 12, the necessary filter mask to prevent IP traffic from traversing the
bridged network is as follows: 12-0800
The 12 is the offset into the Ethernet frame, the “-” is the argument separator, and the 0800 represents the protocol
type of IP.
In this example, whenever a frame with a protocol type equal to IP is seen on the LAN port for which this filter
mask has been specified, the frame will be filtered.
Note that when you filter on IP frames, every protocol carried within IP is filtered as well. This includes TCP,
UDP, SNMP, etc.
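The following added example (not part of the original manual, and not the bridge/router's own code) models how the 12-0800 mask described above matches frames, so the effect on IP-carried protocols can be checked offline. The function names and sample frames are constructed for illustration; only the single offset-value mask form shown above is modelled, not the logical operators listed in the Help function.

```python
def parse_mask(mask):
    """Split an 'offset-hexvalue' mask such as '12-0800' into (offset, bytes)."""
    offset_text, sep, value_text = mask.partition("-")
    if not (sep and offset_text.isdigit() and value_text):
        raise ValueError(f"malformed mask: {mask!r}")
    return int(offset_text), bytes.fromhex(value_text)


def is_filtered(frame, mask):
    """True when the frame's octets at the mask offset equal the mask value."""
    offset, value = parse_mask(mask)
    # A frame too short to reach the offset gives a short slice and never matches.
    return frame[offset:offset + len(value)] == value


def build_frame(ethertype, payload):
    """Constructed Ethernet frame: 6-octet dst, 6-octet src, type, payload."""
    dst = bytes.fromhex("020000000002")  # constructed MAC addresses
    src = bytes.fromhex("020000000001")
    return dst + src + ethertype.to_bytes(2, "big") + payload


def ipv4_header(protocol):
    """Constructed 20-octet IPv4 header; lengths and checksum are not validated."""
    return (bytes.fromhex("4500001c0000000040") + bytes([protocol])
            + bytes.fromhex("0000c0000201c0000202"))


# Constructed sample traffic: two IP frames (TCP = 6, UDP = 17) and three others.
SAMPLE_FRAMES = [
    ("IP/TCP", build_frame(0x0800, ipv4_header(6) + bytes(20))),
    ("IP/UDP", build_frame(0x0800, ipv4_header(17) + bytes(8))),
    ("ARP", build_frame(0x0806, bytes(28))),
    ("DECnet", build_frame(0x6003, bytes(46))),
    ("truncated", bytes(12)),  # ends before octet 12
]


def forwarded(frames, mask):
    """Names of the frames the bridge would still pass with this mask applied."""
    return [name for name, frame in frames if not is_filtered(frame, mask)]


if __name__ == "__main__":
    print(forwarded(SAMPLE_FRAMES, "12-0800"))
```

The mask never inspects the IP header, so the TCP and UDP frames are dropped purely because of the type field; ARP (0806H) and DECnet (6003H) carry different type values and are unaffected.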