This section specifies the syntax and semantics for the protocol tests.
Supported Options Per Feature Set
Supported | Feature Sets | ||||
---|---|---|---|---|---|
N-ANL4 | N-ANL5 N-ANL6 N-ANL7 N-ANL8 | N-ANL9 | N-ANL10 | ||
X | X | X | |||
Options | VXLAN | X | X | ||
EoMPLS | X |
The syntax for the protocol tests is shown below.
<ProtocolTest> ::= <EncapsulationTest> | <BroadcastTest> | <Layer2ProtocolTest> | <Layer3ProtocolTest> | <Layer4ProtocolTest> | <TunnelTypeTest> | <MacTypeTest> |<FragmentTest> | <IpProtocolTypeTest> | <InnerEncapsulationTest> | <InnerLayer2ProtocolTest> | <InnerLayer3ProtocolTest> | <InnerLayer4Test> | <InnerFragmentTest> | <InnerIpProtocolTypeTest> <EncapsulationTest> ::= 'Encapsulation' <EqualNotEqualTest> <EncapsulationListSpec> <EncapsulationListSpec> ::= <EncapsulationValue> [ ',' <EncapsulationListSpec> ] <EncapsulationValue> ::= 'ISL' | 'CFP' | 'VLAN' | 'MPLS' | 'VNTAG' <BroadcastTest> ::= 'BroadcastFrame' '==' <TrueFalseValue> <Layer2ProtocolTest> ::= 'Layer2Protocol' <EqualNotEqualTest> <Layer2ListSpec> <Layer2ListSpec> ::= <Layer2ProtocolValue> [ ',' <Layer2ListSpec> ] <Layer2ProtocolValue> ::= 'EtherII' | 'LLC' | 'SNAP' | 'Raw' | 'PPPoEDiscovery' | 'PPPoESession' | 'Other' <Layer3ProtocolTest> ::= 'Layer3Protocol' <EqualNotEqualTest> <Layer3ListSpec> <Layer3ListSpec> ::= <Layer3ProtocolValue> [ ',' <Layer3ListSpec> ] <Layer3ProtocolValue> ::= 'IP' | 'IPV4' | 'IPV6' | 'Other' <Layer4ProtocolTest> ::= 'Layer4Protocol' <EqualNotEqualTest> <Layer4ListSpec> <Layer4ListSpec> ::= <Layer4ProtocolValue> [ ',' <Layer4ListSpec> ] <Layer4ProtocolValue> ::= 'UDP' | 'TCP' | 'ICMP' | 'SCTP' | 'Other' <TunnelTypeTest> ::= 'TunnelType' <EqualNotEqualTest> <TunnelTypeSpec> <TunnelTypeSpec> ::= <TunnelTypeValue> [ ',' <TunnelTypeSpec> ] <TunnelTypeValue> ::= 'GREv0' | 'GREv1' | 'GTPv0-U' | 'GTPv1-U' | 'GTPv1-C' | 'GTPv2-C' | 'GTPv1v2-C' | 'GTPv1-U-GPDU' | 'GTPv1-U-Signal' | 'IPinIP' | 'EtherIP' | 'VXLAN' | 'NVGRE' | 'EoMPLS' | 'Other' <MacTypeTest> ::= 'MacType' <EqualNotEqualTest> <MacTypeListSpec> <MacTypeListSpec> ::= <MacTypeValue> [ ',' <MacTypeListSpec> ] <MacTypeValue> ::= 'Pause' | 'Control' | 'Broadcast' | 'Multicast'| 'Unicast' <FragmentTest> ::= 'Fragment' <EqualNotEqualTest> <FragmentListSpec> <FragmentListSpec> ::= <FragmentValue> [ ',' <FragmentListSpec> ] <FragmentValue> ::= 'Not' | 'First' | 'Middle' | 'Last' <IpProtocolTypeTest> ::= 'IpProtocol' '==' <IpProtocolNumber> <IpProtocolNumber> ::= '0' | '1' | ...| '254' <InnerEncapsulationTest> ::= 'InnerEncapsulation' <EqualNotEqualTest> <InnerEncapsulationListSpec> <InnerEncapsulationListSpec> ::= <InnerEncapsulationValue> [ ',' InnerEncapsulationListSpec> ] <InnerEncapsulationValue> ::= 'VLAN' | 'MPLS' <InnerLayer2ProtocolTest> ::= 'InnerLayer2Protocol' <EqualNotEqualTest> <InnerLayer2ListSpec> <InnerLayer2ListSpec> ::= <InnerLayer2ProtocolValue> [ ',' <InnerLayer2ListSpec>> ] <InnerLayer2ProtocolValue> ::= 'EtherII' | 'Other' <InnerLayer3ProtocolTest> ::= 'InnerLayer3Protocol' <EqualNotEqualTest> <InnerLayer3ListSpec> <InnerLayer3ListSpec ::= <InnerLayer3ProtocolValue> [ ',' <InnerLayer3ListSpec> ] <InnerLayer3ProtocolValue> ::= 'IP'| 'IPV4'| 'IPV6'| 'Other' <InnerLayer4Test> ::= 'InnerLayer4Protocol' <EqualNotEqualTest> <InnerLayer4ListSpec> <InnerLayer4ListSpec> ::= <InnerLayer4ProtocolValue> [ ',' <InnerLayer4ListSpec> ] <InnerLayer4ProtocolValue> ::= 'UDP' | 'TCP' | 'ICMP' | SCTP | 'Other' <InnerFragmentTest> ::= 'InnerFragment' <EqualNotEqualTest> <InnerFragmentListSpec> <InnerFragmentListSpec> ::= <InnerFragmentValue> [ ',' <InnerFragmentListSpec> ] <InnerFragmentValue> ::= 'Not' | 'First' | 'Middle' | 'Last' <InnerIpProtocolTypeTest> ::= 'InnerIpProtocol' '==' <InnerIpProtocolNumber> <InnerIpProtocolNumber> ::= '0' | '1' | ...| '254'
Using a protocol test it is possible to set up a filter, filtering frames with some specific protocol-related options. The options can be:
- Specific protocols: Ether II, LLC, SNAP, Raw, IP, IPv4, IPv6, UDP, TCP or ICMP
- Broadcast or nonbroadcast
- Encapsulation: ISL, CFP, VLAN, or MPLS
- Tunnel types related to tunneling
Protocol Test Example
This section describes an example of a filter for protocol testing. The example illustrates how to set up a filter that captures each frame that meets all of these conditions:
- The frame is not VLAN-encapsulated
- The frame is not MPLS-encapsulated
- The frame is not an UDP frame
The filter NTPL example is shown below.
Assign[StreamId = 1] = ((Encapsulation != VLAN, MPLS) AND (Layer4Protocol != UDP))
MPLS Protocol Overview
The MPLS protocol consist of the following fields:
0 - 19 : Label 20 - 22 : TC = Traffic Class 23 : S = Bottom of Stack 24 - 31 : TTL = Time To Live
The MPLS stack can hold multiple MPLS entries, the bottom header has the S bit set.
| Layer 2 header | MPLS top | ... | MPLS mid | ... | MPLS bottom | Layer 3 header |
When a node recieve a packet with a MPLS label, it utilize the top label to:
a) Forward the packet to the next hop.
b) The operation to be performed on the label stack before forwarding:
- Replace the top label stack entry with another.
- Pop an entry off the label stack.
- Replace the top label stack entry.
- Push one or more additional entries on the label stack.
MPLS Examples
This section show a few examples of MPLS filtering.
FilterMacros.txt define NTPL macros for the 3 highest MPLS headers:
MPLS0_Value : the label value for the top MPLS label. MPLS1_Value : the label value for the second MPLS label. MPLS2_Value : the label value for the third MPLS label.
MPLS0_Stack : the bottom stack flag for the top MPLS label. MPLS1_Stack : the bottom stack flag for the second MPLS label. MPLS2_Stack : the bottom stack flag for the third MPLS label.
Filter on MPLS and label value of 1234:
Assign[StreamID=0]=Encapsulation == MPLS AND MPLS0_Value == 1234
Filter on MPLS bottom layer encapsulation with label value 5678.
Assign[StreamID=1]=Encapsulation == MPLS AND MPLS0_Stack == 1 AND MPLS0_Value == 5678
Filter on MPLS encapsulation where the second label value is 4321 and the third layer is the bottom.
Assign[StreamID=2]=Encapsulation == MPLS AND MPLS1_Value == 4321 AND MPLS2_Stack == 1