Policy Rule
Policy Rules Overview
This chapter shows you how to configure policy rules.
A classifier distinguishes traffic into flows based on the configured criteria (refer to Classifier for more information). A policy rule ensures that a traffic flow gets the requested treatment in the network.
What You Can Do
Use the Policy Rule screen (Policy Rules) to enable the policy and display the active classifiers you configure in the Classifier screen.
Policy Rules
Click SECURITY > ACL > Policy Rule in the navigation panel to display the screen as shown.
SECURITY > ACL > Policy Rule
The following table describes the labels in this screen.
label | Description |
|---|---|
Index | This field displays the policy index number. |
Active | This field displays whether policy is activated or not. |
Name | This field displays the name you have assigned to this policy. |
Classifier(s) | This field displays the names of the classifier to which this policy applies. |
Select an entry’s checkbox to select a specific entry. Otherwise, select the checkbox in the table heading row to select all entries. | |
Add/Edit | Click Add/Edit to add a new entry or edit a selected one. |
Delete | Click Delete to remove the selected entries. |
Add/Edit a Policy Rule
You must first configure a classifier in the SECURITY > ACL > Classifier > Classifier Setup screen.
Click Add/Edit, or select an entry and click Add/Edit in the SECURITY > ACL > Policy Rule screen to display this screen.
SECURITY > ACL > Policy Rule > Add/Edit
The following table describes the labels in this screen.
label | Description |
|---|---|
Source & Destination | |
Active | Enable the switch button to enable the policy. |
Name | Enter a descriptive name for identification purposes. You can enter up to 32 printable ASCII characters except [ ? ], [ | ], [ ' ], [ " ] or [ , ]. |
Classifier(s) | This field displays the active classifiers you configure in the SECURITY > ACL > Classifier > Classifier Setup screen. Select the classifiers to which this policy rule applies. To select more than one classifier, press [SHIFT] and select the choices at the same time. |
General Parameters Set the fields below for this policy. You only have to set the fields that is related to the actions you configure in the Action field. | |
Priority | Specify a priority level. |
TOS | Specify the Type Of Service (TOS) priority level. |
Bandwidth | Specify the bandwidth in kilobit per second (Kbps). Enter a number between 1 and 1000000. |
Action Specify the actions the Switch takes on the associated classified traffic flow.  You can specify only one action (option) for each category (Forwarding, Priority, Queue, Outgoing) in a policy rule.The Switch only applies one policy rule for each traffic flow.Say you have a traffic flow that matches several classifiers, and you specify a different policy rule for each. The Switch only classifies the traffic flow to the classifier with the highest Match Order. The Switch then applies the policy rule with which the classifier is associated. You can set the classifier Match Order rule (manual or auto) in the ACL > Classfier > Classifier Global settings screen (see Classifier Global Setting for more information). Let’s say you set two classifiers (Class 1 and Class 2) and both identify all traffic from MAC address 11:22:33:44:55:66 on port 3. If Policy 1 applies to Class 1 and the action is to drop the packets, Policy 2 applies to Class 2 and the action is to forward the packets to the egress port, the Switch will forward the packets. If Policy 1 applies to Class 1 and the action is to drop the packets, Policy 2 applies to Class 2 and the action is to enable bandwidth limitation, the Switch will discard the packets immediately. If Policy 1 applies to Class 1 and the action is to forward the packets to the egress port, Policy 2 applies to Class 2 and the action is to enable bandwidth limitation, the Switch will forward the packets. | |
Apply | Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. |
Clear | Click Clear to clear the fields to the factory defaults. |
Cancel | Click Cancel to not save the configuration you make and return to the last screen. |
Policy Example
The figure below shows an example SECURITY > ACL > Policy Rule screen where you configure a policy to limit bandwidth and discard out-of-profile traffic on a traffic flow classified using the Example classifier (refer to Classifier Example).
Policy Example