Adding Rules to a Policy List

[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]

NMC-RX 7.3.x User Guide, Vol. 2 > Configuring Policy Management > Adding Rules to a Policy List
Adding Rules to a Policy List

A policy list can comprise nine different types of rules: color, filter, forward, log, mark, next hop, next interface, rate-limit profile, and traffic class. Once you select a rule type, specific attributes for that rule type appear.

Understanding Policy List Limits

Consider the following limitations when creating policy lists. The NMC-RX application allows you to configure:

One rule of each nonrouting type (color, log, mark, rate-limit profile, and traffic class) per classifier control list.

One rule of a routing type (next interface, next hop, and filter) per classifier control list; however, you can configure up to 20 forward rules per classifier control list.

One classifier control list per rule.

Creating a Rule

Each rule has six common rule parameters. One of the common parameters is an association with a classifier control list, which specifies the criteria used to determine whether a rule is applied.

Most rules contain one or more type-specific parameters, some of which are associations with other objects, such as an IP interface, rate-limit profile, or traffic class.

NOTE: You can create a rule from either the Create Policy List dialog box or from the Policy List configuration area.

To add a rule:

From the Create Policy List dialog box, click the Add button.

The Add Policy Rule dialog box appears.
In the Rule Type drop-down list, select one of the nine rule types.

Depending on the rule type you select, parameters appear below the Classifier Control List entry

NOTE: Available rule types depend on the classifier control list selected.
 Table 13:  Rule Types 

 Type
 Description

 Color

 Specifies which color to explicitly assign to a packet


 Filter

 Drops all packets conforming to the classifier control list that you specify


 Forward

 Forwards all packets conforming to a specified classifier control list


 Log

 Logs all packets conforming to the specified classifier control list


 Mark

 Sets the ToS byte in the IP header to a specified value


 Next Hop Rule

 Defines the IP address of the next hop for a policy list


 Next Interface

 Defines an output interface for a policy list


 Rate Limit Profile

 Specifies a rate-limit profile in a policy list


 Traffic Class

 Specifies a traffic class in a policy list. When applied to a packet, the packet is placed into the specified traffic class when passing through the router.



 
 
Set the common parameters (Table 14).
 Table 14:  Policy Rule Common Parameters for the Nine Rule Types 

 Parameters
 Description

 Rule Name

 Logical identification of rule; 1-32 characters


 Precedence

 Priority of rule; can be set only at time rule is created; range 1-32768; default 100; cannot edit when you associate multiple rules with the same classifier control list


 Rule ID

 Identifier given to the rule by the device; cannot edit


 Active

 When checked, indicates that the rule is active; when not checked, indicates that the rule is not active


 Description

 Logical description of rule; 1-255 characters


 Classifier Control List

 Classifier control list associated with the selected rule; 1-40 characters; default *
 See Step 5 on 32.



 



 NOTE: The same precedence value is used for every rule on a policy list that is associated with a classifier control list.



 
Set the rule-specific parameter(s).
Information for each rule type is presented in the following sections. When you finish setting the parameters for the rule types, go to Step 5.

NOTE: There are no additional rule-specific parameters for Filter and Log rules.

Color Rule

From the Color drop-down list, select a color (Table 15).
 Table 15:  Type-Specific Parameters for Color Rule

 Parameter
 Description

 Color


   Red—Exceeds peak access rate
   Yellow—Exceeds the committed access rate
   Green—Within the committed access rate




 
Forward Rule

Follow these steps:

Click to the right of the IP Interface text box.

The Select IP Interface dialog box appears.
Click a virtual router name from the Select Virtual Router list.

All IP interfaces on the selected virtual router appear in the IP Interface area.
Click an IP interface from the Select Available IP Interface list.

Click OK.

The IP description name appears in the text box to the right of the IP Interface label, and the virtual router description name appears in the text box to the right of the Virtual Router label.

NOTE: The IP interface is optional for nonshared interfaces.
Set the forward parameters (Table 16).
 Table 16:  Type-Specific Parameters for Forward Rule 

 Parameters
 Description

 Next Hop

 Valid IP address for the next hop. The next hop is optional for nonshared interfaces.


 Order

 Precedence of this rule in relation to other forward rules; range 1-32767; default 100


 Ignore Default Route

 When checked, indicates that packets are forwarded to the next hop. If the next hop is not set, you cannot check the Ignore Default Route box, and packets are forwarded to the default route.



 
Click OK.
The newly created rule name(s) appear(s) in the Rules Information area of the Create Policy List dialog box.

You can add up to 20 forward rules for each classifier control list.

Mark Rule

Set the mark parameters (Table 17).
 Table 17:  Type-Specific Parameters for Mark Rule 

 Parameters
 Description

 Type

 Specifies how the ToS information is set. 
 Options: ToS Value, Precedence, DS Field, and Byte Value/Mask. See Value below.


 Value

 Based on the type selected. The mask range field is editable only for the Byte Value/Mask type.
 Value set based on type selected. 

   ToS Value—Range 0-255; default 255; mask 255
   Precedence—Range 0-7; default 7; mask 224
   DS Field—Range/length 0-63; default 63; mask 252
   Byte Value/Mask—Range 0-255; default 255; mask range 1- 255; mask default 255



 Mask

 Mask to be applied to value. See Value above. Can edit only for Byte Value/Mask type.



 
Next Hop Rule

Enter a valid IP address for the next hop.

Next Interface Rule

Follow these steps:

Click to the right of the IP Interface text box.

The Select IP Interface dialog box appears.
Click a virtual router name from the Select Virtual Router list.

All IP interfaces on the selected virtual router appear in the IP Interface area.
Click an IP interface from the Select Available IP Interface list.

Click OK.

The IP description name appears in the text box to the right of the IP Interface label.

In the Add Policy Rule dialog box, set the Next Hop parameter by entering a valid IP address for the next hop.

NOTE: The next hop is optional for nonshared interfaces.

Rate-Limit Profile Rule

Follow these steps:

Click to the right of the Rate Limit Profile text box.

The Associate Rate Limit Profile dialog box appears.
Click a rate-limit profile name in the list.

(Optional) View the rate-limit profile attributes by clicking the View... button.

The View Rate Limit Profile dialog box appears.
These attributes cannot be edited.

Close the dialog box by clicking .

Click OK.

The rate-limit profile name appears in the text box to the right of the Rate Limit Profile label.

Traffic Class Rule

Follow these steps:

Click to the right of the Traffic Class text box.

The Associate Traffic Class dialog box appears.
 NOTE: A maximum of eight traffic classes is allowed on an E-series router.



 
Click a traffic class name in the list.

(Optional) View the traffic class attributes by clicking the View... button.

The View Traffic Class dialog box appears.
These attributes cannot be edited.

Close the dialog box by clicking .

(Continued from 27.) In the Add Policy Rule dialog box, click to the right of the Classifier Control List box.

The Associate Classifier Control List dialog box appears. Available classifier control lists depend on the rule type selected.
Click a classifier control list name.

The default * specifies that the router selects all packets from the interface associated with the policy list for this classifier group.

Click OK.

The classifier control list name appears in the text box to the right of Classifier Control List in the Add Policy Rule dialog box.Click OK in the Add Policy Rule dialog box.

The newly created rule name(s) appear(s) in the Rules Information area of the Create Policy List dialog box.

Type	Description
Color	Specifies which color to explicitly assign to a packet
Filter	Drops all packets conforming to the classifier control list that you specify
Forward	Forwards all packets conforming to a specified classifier control list
Log	Logs all packets conforming to the specified classifier control list
Mark	Sets the ToS byte in the IP header to a specified value
Next Hop Rule	Defines the IP address of the next hop for a policy list
Next Interface	Defines an output interface for a policy list
Rate Limit Profile	Specifies a rate-limit profile in a policy list
Traffic Class	Specifies a traffic class in a policy list. When applied to a packet, the packet is placed into the specified traffic class when passing through the router.

Parameters	Description
Rule Name	Logical identification of rule; 1-32 characters
Precedence	Priority of rule; can be set only at time rule is created; range 1-32768; default 100; cannot edit when you associate multiple rules with the same classifier control list
Rule ID	Identifier given to the rule by the device; cannot edit
Active	When checked, indicates that the rule is active; when not checked, indicates that the rule is not active
Description	Logical description of rule; 1-255 characters
Classifier Control List	Classifier control list associated with the selected rule; 1-40 characters; default * See Step 5 on 32.

Parameter	Description
Color	Red—Exceeds peak access rate Yellow—Exceeds the committed access rate Green—Within the committed access rate

Parameters	Description
Next Hop	Valid IP address for the next hop. The next hop is optional for nonshared interfaces.
Order	Precedence of this rule in relation to other forward rules; range 1-32767; default 100
Ignore Default Route	When checked, indicates that packets are forwarded to the next hop. If the next hop is not set, you cannot check the Ignore Default Route box, and packets are forwarded to the default route.

Parameters	Description
Type	Specifies how the ToS information is set. Options: ToS Value, Precedence, DS Field, and Byte Value/Mask. See Value below.
Value	Based on the type selected. The mask range field is editable only for the Byte Value/Mask type. Value set based on type selected. ToS Value—Range 0-255; default 255; mask 255 Precedence—Range 0-7; default 7; mask 224 DS Field—Range/length 0-63; default 63; mask 252 Byte Value/Mask—Range 0-255; default 255; mask range 1- 255; mask default 255
Mask	Mask to be applied to value. See Value above. Can edit only for Byte Value/Mask type.

[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]