• Author : José Rios

 
 

DirectFlow Output Nexthop Action

Description DirectFlow is a feature that allows the user to steer traffic by matching on packet headers and/or metadata using the OpenFlow semantics. This allows the user to create rules using matches and actions that are a superset of the OpenFlow 1.0 specification. Unlike OpenFlow, DirectFlow runs alongside existing layer 2/3 forwarding plane capabilities and does not require a controller or any third party integration, allowing the user to create flows from CLI.   The “output nexthop” is a routing action that allows the user to redirect packets matching a DirectFlow rule to a configured next hop. It can be...
Continue reading →

Macro-Segmentation Service (MSS) for Layer 3 Firewall Enhancements

Verbatim Qualifier Verbatim qualifier – This feature enhances two basic policy actions, redirect and offload, for Macro-Segmentation Service (MSS) for Layer 3 Firewalls with the verbatim qualifier. This new tag qualifier provides more control to the users so that they can choose from different action behaviors depending on their security objectives and the hardware resource constraint of a deployment. For firewall policies tagged with the redirect tag, MSS extracts IP addresses from the policy and forwards all traffic destined to or generated from that set of IP addresses to the firewall. With the additional verbatim tag, the user now can...
Continue reading →

Support for Action Output Interface in DirectFlow

Description DirectFlow is a feature that allows the user to steer traffic by matching on packet headers and/or metadata using the OpenFlow semantics. This allows the user to create rules using matches and actions that are a superset of the OpenFlow 1.0 specification. Unlike OpenFlow, DirectFlow runs alongside existing layer 2/3 forwarding plane capabilities and does not require a controller or any third party integration, allowing the user to create flows from CLI. As of 4.22.0F, there is support to redirect matching traffic to a single Ethernet or LAG interface through the action ‘output interface’. Platform compatibility This TOI covers...
Continue reading →

DirectFlow – Drop action

DirectFlow is a feature that allows the user to steer traffic by matching on packet headers and/or metadata using the OpenFlow semantics. This allows the user to create rules using matches and actions that are a superset of the OpenFlow 1.0 specification. Unlike OpenFlow, DirectFlow runs alongside existing layer 2/3 forwarding plane capabilities and does not require a controller or any third party integration, allowing the user to create flows from CLI. Platform compatibility DirectFlow configuration may vary on different platforms. This TOI describes the configuration for the following platforms: DCS-7020 DCS-7500R DCS-7280R DCS-7500R2 DCS-7280R2 There is another DirectFlow –...
Continue reading →

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: