Manualshelf

Deployment Guide

ManualsBrandsDell ManualsAccess PlatformsNetworking OS for OpenFlow
21222324252627282930
28
4.3.2.7 Policy ACL Flow Table
The Policy ACL Flow Table supports wide, multi-field matching. Most fields can be wildcard matched, and
explicit priority must be included in all flow entry modification. This is the preferred table for matching
BPDU and ARP packets. It is also the only table where QoS actions are available.
The Policy ACL Flow Table is organized as mutually exclusive logical sub tables. Flow entries in the IPv6
logical tables match only IPv6 packets by VLAN ID. The non-IPv6 logical table matches any packet except
for IPv6 packets by VLAN ID. By OpenFlow single-entry match semantics, since the Policy ACL Flow Table
is considered a single table, a packet can match, at most, one rule in the entire table.
Note: The Ethertype prerequisite must be explicitly provided and cannot be masked.
The default on table miss is to do nothing. The packet will be forwarded using the output or group in the
action set, if any. If the action set does not have a group or output action the packet is dropped. The
Policy ACL Flow Table supports the flow entry types listed in Table 37.
Table 37: Policy ACL Flow Table Entry Types
Type
Table
Prerequisite
Description
IPv4 VLAN
Table 38
Ethertype != 0x86dd
IN_PORT is a physical port.
Matches packers by VLAN ID except for IPv6.
VLAN ID is optional but must be nonzero if
supplied.
IPv6 VLAN
Table 39
Ethertype = 0x86dd
Matches only IPv6 packets by VLAN ID. VLAN ID
is optional but must be nonzero if supplied.
4.3.2.7.1 Match Criteria, Instructions, Actions/Action List/Action Set, Counters, Flow Expiry
The available match fields for Policy ACL Flow Table flow entry types are as described in the following tables.
Table 38: Policy ACL Flow Table IPv4 Match Fields
Field
Bits
Maskable
Optional
Description or Prerequisite
IN_PORT
32
No
Yes
Physical or logical ingress port.
ETH_SRC
48
Yes
Yes
Ethernet source MAC
ETH_DST
48
Yes
Yes
Ethernet destination MAC
ETH_TYPE
16
No
Yes
Any value except 0x86dd. Explicit prerequisite
must be 0x800 if IP fields are to be matched.
VLAN_VID
16
Yes
Yes
VLAN id. Cannot be masked for a VLAN bridging
rule that redirects to a different L2 output group.
Only applicable to VLAN flow entry types.
VLAN_PCP
3
No
Yes
802.1p priority field from VLAN tag. Always has a
value, will be zero if packet did not have a VLAN
tag.
VLAN_DEI
1
No
Yes
802.1p drop eligibility indicator field from VLAN
tag. Always has a value, will be zero if packet did
not have a VLAN tag.
VRF
16
No
Yes
VRF.
IPV4_SRC
32
Yes
Yes
Matches SIP if Ethertype = 0x0800
ARP_SPA
32
Yes
Yes
Matches ARP source protocol address if Ethertype
= 0x0806
IPV4_DST
32
Yes
Yes
Matches DIP if Ethertype = 0x0800
IP_PROTO
8
No
Yes
IP protocol field from IP header if Ethertype =
0x0800
IP_DSCP
6
No
Yes
Bits 0 through 5 of the IP ToS Field as defined in
RFC 2474 if Ethertype = 0x0800