MATCH criteria and SET Actions are the building blocks of policy maps. Maps use prioritized entries, known as rules, to sort traffic.The appliance pairs MATCH criteria with SET Actions to filter outbound packets into flows and then process them appropriately.
n MATCH criteria define flows in policy maps, Access Control Lists (ACL), and user-defined applications. Wherever they are, MATCH criteria all have the same possible components.
n SET Actions determine how the flow is processed. The possible actions are specific to the type of policy. For ACLs, the possible actions are Permit and Deny.The Appliance Manager has separate policies for routing, optimization, and QoS (Quality of Service) functions. You can create multiple versions (maps) for each policy, but only the active map is applied.By default, each of the three policies has one active map, map1. However, there is no relationship between map names across different policies.
• When a flow is not directed to a tunnel, then
• the Optimization Policy is not applied, and
• the QoS Policy processes pass-through shaped and unshaped traffic for DSCP markings, and only pass-through shaped traffic for traffic class assignment.Within a policy, the appliance searches the Priorities in ascending order. When it finds a match for the outbound packet, it executes the associated SET action(s). If no entries match, it applies the policy’s default entry.Each map has one default entry. It’s always the last entry, with a Priority of 65535.
•
•
•
• Default is Traffic Class 1. Traffic classes are defined in the Shaper. trust-lan
(plus other DSCP markings) trust-lan
(plus other DSCP markings) Protocol Acceleration1 Default = BalancedDefault = ONDefault = ONDefault = ONDefaults = CIFS, SSL
• The Route map automatically optimizes all IP flows — TCP and non-TCP.
• The QoS map places all traffic in Traffic Class #1 and trusts the existing DSCP markings.
• The Optimization map applies all optimizations to tunnelized flows — Network Memory, IP header compression, payload compression, TCP acceleration, and protocol-specific accelerations (CIFS and SSL).
Please send comments or suggestions regarding user documentation to techpubs@silver-peak.com. |