Bandwidth provisioning, Access control lists (acl), Bandwidth provisioning 41 – Intel BLADE SERVER IXM5414E Manuale d'uso

Switch Management and Operating Concepts

41

Bandwidth provisioning

Bandwidth provisioning allows you to deliver varying levels of allocated bandwidth to users sharing
the same physical interface. By mapping a subscriber’s traffic profile to a predefined policy and then
actively provisioning the maximum bandwidth consumed by that subscriber, you can provide
enhanced service offerings to your users. Bandwidth provisioning reduces the risk of network
congestion and prevents a small number of applications or users from consuming all the available
bandwidth.

Bandwidth provisioning provides Maximum Burst Rate (MBR) management for an interface and a
flexible framework for defining and extending traffic classes. It allows you to allocate bandwidth by
mapping a subscriber’s traffic profile (e.g. source/destination IP address, traffic type) to a prescribed
policy. Bandwidth provisioning actively provisions maximum bandwidth. For example, bandwidth
provisioning can enable monitoring and management of bandwidth for VLAN traffic based on
VLAN class IDs over an interface.

To run bandwidth provisioning you need to define Bandwidth Allocation Profiles (BAPs) and
Traffic Classes (TCs), and then associate the two:

Bandwidth Allocation Profile

A transmission link definition which specifies a Bandwidth Bucket Identifier, as
well as maximum bandwidth allowances.

Traffic Class

The definition of the traffic to which a set of rules will apply. A class is defined by
specifying a VLAN Identifier and an interface number, along with the class priority.

A default BAP, which you cannot modify, is assigned to all new TCs. Any given BAP may be
assigned to multiple TCs. Once you have defined the BAPs and TCs, and attached BAPs to the TCs,
VLAN traffic on the specified interfaces will not exceed the maximum configured bandwidth.

Access Control Lists (ACL)

You use Access Control Lists (ACLs) to control the traffic entering or exiting a network, for
example where two networks are connected, or an internal network is connected through a firewall
router to the Internet. This allows you to ensure that only authorized users have access to specific
resources while blocking off any unwarranted attempts to reach them.

You can use ACLs to:

•

Provide traffic flow control

•

Determine which types of traffic will be forwarded or blocked

•

Provide network security

An ACL consists of one or more rules or filtering criteria. A packet is accepted or rejected based on
whether or not it matches the criteria. After you create the set of rules for an ACL, you attach the
ACL to an interface. Filtering is done on inbound traffic.

An ACL rule may apply to any one or more of the following fields:

•

Source IP address

•

Source Port (Layer 4)

•

Destination IP

•

Destination Port (Layer 4)

•

IP Protocol Number