Converged Enhanced Ethernet Administrator's Guide v6.4.0 (53-1001761-01, June 2010)
Converged Enhanced Ethernet Administrator’s Guide 7
53-1001761-01
Layer 2 Ethernet overview
1
DRAFT: BROCADE CONFIDENTIAL
- Multicast output queuing—A typical multicast output queuing example is where several
ports carry multicast inbound traffic. Each port has a different priority setting. Traffic from
all ports is switched to the same outbound port. If the inbound ports have varying traffic
rates, some outbound priority groups will be congested while others remain uncongested.
The traffic rate of the traffic streams that are uncongested remains high. The outbound
ports should carry some multicast frames from all the inbound ports.
• Scheduling—A typical example of scheduling policy (using SP0 and SP1 modes) is where ports
0 through 7 carry inbound traffic, each port has a unique priority level, port 0 has priority 0,
port 1 has priority 1, and so on. All traffic is switched to the same outbound port. In SP0 mode,
all ports have DWRR scheduling; therefore, the frames-per-second (FPS) on all ports should
correspond to the DWRR settings. In SP1 mode, priority 7 traffic uses SP; therefore, priority 7
can achieve a higher FPS. Frames from input ports with the same priority level should be
scheduled in a round robin manner to the output port.
When setting the scheduling policy, each priority group that is using DWRR scheduling can be
set to use a percentage of the total bandwidth by setting the PG_Percentage parameter.
For detailed information on configuring QoS, see “Configuring QoS using the CEE CLI” on page 91.
Access control
Access Control Lists (ACLs) are used for Layer 2 switching security. Standard ACLs inspect the
source address for the inbound ports. Extended ACLs provide filtering by source and destination
addresses and protocol. ACLs can be applied to the CEE ports or to VLANs.
ACLs function as follows:
• A standard Ethernet ACL configured on a physical port is used to permit or deny frames based
on the source MAC address. The default is to permit all frames.
• An extended Ethernet ACL configured on a physical port is used to permit or deny frames
based on the source MAC address, destination MAC address, and EtherType. The default is to
permit all frames.
• A standard Ethernet ACL configured on a LAG virtual port is used to permit or deny frames
based on the source MAC address. The default is to permit all frames. LAG ACLs apply to all
ports in the LAG.
• An extended Ethernet ACL configured on a LAG virtual port is used to permit or deny frames
based on the source MAC address, destination MAC address, and EtherType. The default is to
permit all frames. LAG ACLs apply to all ports in the LAG.
• A standard Ethernet ACL configured on a VLAN is used to permit or deny frames based on the
source MAC address. The default is to permit all frames. VLAN ACLs apply to the Switch Vertical
Interface (SVI) for the VLAN.
• An extended Ethernet ACL configured on a VLAN is used to permit or deny frames based on the
source MAC address, destination MAC address, and EtherType. The default is to permit all
frames. VLAN ACLs apply to the Switch Vertical Interface (SVI) for the VLAN.
For detailed information on configuring ACLs, see “Configuring ACLs using the CEE CLI” on page 85.