DPI supports traffic classification by direction through the specification of external autonomous systems (ASN). Labeling by direction takes precedence over labeling by protocol. It is recommended to perform labeling by autonomous system number only for external ASNs (for example, Facebook or Google); this labeling rule will work immediately for all channels and subscribers without the possibility of exceptions.

Policing subscriber ASNs is also possible, but it may disrupt the policing rules set through channel and subscriber settings. It is not recommended to use subscriber ASN policing in conjunction with other types of policing!

For settings, specify:

1. AS number
2. Rule name
3. Public description
4. Priority (select from the list)
5. Tags (select from the list)

Tags values:

• drop — packets should not be forwarded (they should be dropped).
• pass — traffic from this AS is forwarded through DPI transit without analysis and processing.
• local — traffic from this AS is considered local traffic for the operator.
• peer — the operator is peering with this AS; used only for the Caching option.
• term — termination is allowed for this AS.
• mark1 — for AS with this label, SNI will take priority if protocols are specified for both SNI and IP.
• mark2 — QUIC traffic without SNI from this AS will be marked as QUIC_UNKNOWN_MARKED.
• mark3 — reserved.