User guide

ManualsBrandsCisco ManualsComputer equipmentSCE 1000 2xGBE

Glossary of Terms

SCE 1000 2xGBE Release 2.0.10 User Guide

2 OL-7117-02

In addition, a subscriber associated with the

attack may be notified about the attack.

The SCE 1000 maintains a list of the most

active IP addresses flowing through it, with

a measure of the activity of each IP address.

(Activity is measured by number of flows

opened to/from that address). If there are IP

addresses in the table whose number of

flows is above the configured threshold,

these IP addresses are assumed to be

attacking, or being attacked. If the SCE

1000is configured to block the attack, it

drops the attack packets.

Duplex

Duplex refers to the bi-directional capacity

of the link, that is, the link can both receive

and transmit.

Full duplex data transmission means that

data can be received and transmitted

simultaneously.

Half duplex data transmission means that the

line can transmit in only one direction at a

time. When data is being transmitted, it

cannot be received and vice versa.

F

Flow

All packets travelling in both directions on a

single application layer connection (such as

a TCP or UDP connection). A flow is

identified by the tuple information: <Source

IP, Destination IP, Source Port, Destination

Port, IP Protocol>. (Note that if the IP

protocol is neither TCP or UDP, the port

number is defined as '0'.)

IN this guide, the term 'flow' represents bi-

directional flows (packets from both the

client and server of each connection). When

referencing a uni-directional flow, this is

explicitly mentioned.

Flow Bundle

A group of one or more flows comprising

the set of application-layer connections (

such as a TCP or UDP connection) used in a

single, logical application session. The

semantics of flow-bundles are application

dependant, and relate to the way each

application spawns and negotiates additional

flows as part of a single session. A few

common examples are:

• An SIP (VoIP) flow bundle comprises

the signaling flow as well as all the

RTP/UDP flows containing the actual

media data (voice).

• An RTSP (Streaming) flow bundle

comprises the signaling flow as well as

the RTP/UDP flows containing the audio

and/or video transmissions.

• AN FTP (file transfer) flow bundle

comprises the control flow (used to login

an FTP server) and the actual file-

transfer flows

In each of these cases, the SCE 1000 tracks

the application communication to identify

new connections created and bundle them

into a single context. This is important for

classification and accounting purposes, as

otherwise these spawned flows would be

unclassifiable.

I

Inline connection mode

The SCE 1000 physically resides bump-in-

the-wire on the data links between the

subscriber and the network

L

Link mode

A specified behavior that may be enforced

on the link. This may be useful during

installation and for debugging the network.

The available link modes are:

• forwarding

• bypass