Differences between the and and or relationships between rules in a traffic classifier on S series switches

6

For S series switches (except the S1700), and and or indicate the relationship between rules in a traffic classifier.
- and indicates that the relationship between rules is AND. After and is specified, the following situations occur:
1. If a traffic classifier contains ACL rules, packets match the traffic classifier only when the packets match one ACL rule and all the non-ACL rules.
2. If a traffic classifier does not contain an ACL rule, packets match the traffic classifier only when the packets match all the non-ACL rules.
- or indicates that the relationship between rules is OR. After or is specified, packets match a traffic classifier as long as the packets match at least one rule.
By default, the relationships between rules in a traffic classifier on an S series modular switch and those on an S series fixed switch are OR and AND, respectively.
Note: MQC cannot be configured on the S2700SI.

Other related questions:
Why does not a traffic classifier support the And relationship between ACL rules
ACL rules may cause conflicts when matching the same elements. For example, if two ACL rules defined in a traffic classifier match VLANs, the And relationship between ACL rules causes matching conflicts and leads to matching failure when VLAN IDs are different.

Differences between traffic suppression and storm control on S series switches
For S series switches, the differences between traffic suppression and storm control are as follows: Traffic suppression aims at controlling traffic rates within an acceptable range to limit incoming and outgoing traffic on interfaces. If the rate of incoming broadcast, multicast, or unknown unicast packets on an interface exceeds the threshold, a switch discards the packets exceeding the threshold and only allows the packets within the threshold to pass through. Take traffic suppression of unknown unicast packets for example. Assume that the traffic suppression threshold of unknown unicast packets is 100 pps. That is, the switch allows only 100 packets to pass through within one second, and discards the excess packets. Within the next second, the switch also allows only 100 packets to pass through. If the rate of outgoing broadcast, multicast, or unknown unicast packets on an interface exceeds the threshold, the switch blocks all packets of this type. That is, the interface does not forward packets of this type. Storm control aims at preventing broadcast storms. A switch with storm control configured only controls incoming traffic on interfaces. If the average rate of unknown unicast packets received by an interface of a switch within the storm control interval is higher than the specified upper threshold, the switch blocks packets on the interface or shuts down the interface according to the configured penalty action. If the interface has been blocked, when the rate of packets received by the interface falls below the lower threshold, the switch unblocks the interface. If the interface has been shut down, you need to run the undo shutdown command to enable the interface. Take storm control on unknown unicast packets for example. Assume that the upper threshold for storm control on unknown unicast packets is 100 pps, the lower threshold is 20 pps, and the storm control detection interval is 5 seconds. If the interface receives more than 500 (100 x 5) packets within 5 seconds, the switch shuts down the interface. The interface can receive packets only after its status recovers to Up. Alternatively, the switch blocks all unknown unicast packets on the interface until the 5 seconds expire. When the number of packets received by the interface falls below 100 (20 x 5), the switch allows the interface to receive unknown unicast packets. For the incoming packets of the same type on an interface, only traffic suppression or storm control can be configured.

Differences between traffic policing and traffic shaping for S series switches
Traffic policing monitors the rate of traffic entering a network, and discards excess traffic to limit the traffic within a specified range and to protect network resources as well as user benefits. Traffic shaping proactively adjusts the rate of outgoing traffic to reduce traffic bursts, so that outgoing traffic can be transmitted at a stable rate, preventing traffic congestion on downstream devices. In most cases, traffic policing is applied to the inbound direction of a device, while traffic shaping is applied to the outbound direction of a device.

Difference between the S series switch and router
The S series switch and router are different in the following aspects: 1. Functions �?data switching or routing Although both Layer 3 switches and routers provide the routing function, they are not the same. For example, many broadband routers provide not only the routing function, but also switch and firewall functions. However, these routers are equated with switches or firewalls. because routing is their main function while others are additional functions. This rule also applies to Layer 3 switches. They are switching products that mainly provide the data switching function, as well as additional routing function. 2. Applicable environment �?LAN or WAN The routing function of a Layer 3 switch is simple for connection of LANs. Therefore, the routes of a Layer 3 switch are simple and less complex than those of a router. The Layer 3 switch provides quick data switching to allow frequent exchange of data traffic in the LAN. The router is designed to connect different types of networks. Although a router can be applied to the connection of LANs, the routing function is mainly provided for connection of different types of networks, such as connection between the LAN and WAN, and between networks with different protocols. The main purpose of a router is to connect multiple networks with complex routes. With powerful routing function, the router is applied to not only LANs with same protocols, but also LAN and WAN with different protocols. To connect different types of networks, the router provides various interface types. However, the Layer 3 switch only provides LAN interfaces of the same type. 3. Performance �?data packet exchange Technically, the major difference between a router and a Layer 3 switch is to forward data packets. The router uses the software engine with a micro-processor to forward data packets, while the Layer 3 switch uses hardware. After a Layer 3 switch forwards the first packet of a data flow, it generates a mapping between MAC addresses and IP addresses. When the same data flow passes, the Layer 3 switch forwards the packets without searching in the routing table. This prevents the delay caused by route selection and improves the efficiency of forwarding data packets. Therefore, in terms of performance, the Layer 3 switch is better than the router and is applied to the LAN with frequent data exchange. With a powerful routing function and low forwarding efficiency of data packets, the router is applied to the connection of different types of networks without frequent data exchange, such as the connection between the LAN and Internet. If the router is used on a LAN, its powerful routing function is wasted and it cannot meet the communication requirements of the LAN and influences subnet communication.

Difference between CSS and stack on S series switches
For S series switches, both stack and cluster indicate that combine multiple switches are virtualized into a logical switch. In V200R001C00 and earlier versions, there is only one name called stack in Chinese. In later versions, fixed switches use stack and modular switches use the cluster. Each cluster allows only two member devices, whereas a stack can contain a maximum of nine member devices.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top