No relevant resource is found in the selected language.
MENU
Support Documentation
S600-E V200R010C00 Configuration Guide - QoS

This document describes the configurations of QoS functions, including MQC, priority mapping, traffic policing, traffic shaping, interface-based rate limiting, congestion avoidance, congestion management, packet filtering, redirection, traffic statistics, and ACL-based simplified traffic policy.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Packet Filtering

Example for Configuring Packet Filtering

Networking Requirements

In Figure 6-2, enterprise users connect to external network devices through GE0/0/2 on SwitchA.

Packets of different services are identified by 802.1p priorities on the LSW. When packets reach the external network through GE0/0/2, the data service packets must be filtered and voice and video services must be ensured.

Figure 6-2  Networking of packet filtering

Configuration Roadmap

You can define the deny action in a traffic policy to filter packets. The configuration roadmap is as follows:
  1. Configure interfaces to allow enterprise users to access the external network through SwitchA.
  2. Configure traffic classifiers to classify packets based on 802.1p priorities.
  3. Configure traffic behaviors so that the device permits or rejects packets matching rules.
  4. Configure a traffic policy, bind the traffic policy to the traffic classifiers and traffic behaviors, and apply the traffic policy to GE0/0/1 in the inbound direction to filter packets.

Procedure

  1. Create VLANs and configure interfaces.

    # Create VLAN 10 on the Switch.

    <HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] vlan 10
[SwitchA-vlan10] quit

    # Configure GE0/0/1 and GE0/0/2 on SwitchA as trunk interfaces and add them to VLAN 10.

    [SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] port link-type trunk
[SwitchA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[SwitchA-GigabitEthernet0/0/1] quit
[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] port link-type trunk
[SwitchA-GigabitEthernet0/0/2] port trunk allow-pass vlan 10
[SwitchA-GigabitEthernet0/0/2] quit

    Configure the interface of the LSW connected to SwitchA as a trunk interface and add it to VLAN 10.

    # Create VLANIF 10 and configure IP address 192.168.2.1/24 for it.

    [SwitchA] interface vlanif 10
[SwitchA-Vlanif10] ip address 192.168.2.1 24
[SwitchA-Vlanif10] quit

    Configure IP address 192.168.2.2/24 for the router interface connected to the Switch.

  2. Configure traffic classifiers.

    # Create and configure traffic classifiers c1, c2, and c3 on SwitchA to classify packets based on 802.1p priorities.

    [SwitchA] traffic classifier c1
[SwitchA-classifier-c1] if-match 8021p 2
[SwitchA-classifier-c1] quit
[SwitchA] traffic classifier c2
[SwitchA-classifier-c2] if-match 8021p 5
[SwitchA-classifier-c2] quit
[SwitchA] traffic classifier c3
[SwitchA-classifier-c3] if-match 8021p 6
[SwitchA-classifier-c3] quit

  3. Configure traffic behaviors.

    # Configure a traffic behavior named b1 on SwitchA and define the deny action.

    [SwitchA] traffic behavior b1
[SwitchA-behavior-b1] deny
[SwitchA-behavior-b1] quit

    # Configure traffic behaviors b2 and b3 on SwitchA and define the permit action.

    [SwitchA] traffic behavior b2
[SwitchA-behavior-b2] permit
[SwitchA-behavior-b2] quit
[SwitchA] traffic behavior b3
[SwitchA-behavior-b3] permit
[SwitchA-behavior-b3] quit

  4. Configure a traffic policy and apply the traffic policy to an interface.

    # Create a traffic policy named p1 on SwitchA, bind the traffic behaviors and traffic classifiers to the traffic policy, and apply the traffic policy to GE0/0/1 in the inbound direction to filter packets.

    [SwitchA] traffic policy p1
[SwitchA-trafficpolicy-p1] classifier c1 behavior b1
[SwitchA-trafficpolicy-p1] classifier c2 behavior b2
[SwitchA-trafficpolicy-p1] classifier c3 behavior b3
[SwitchA-trafficpolicy-p1] quit
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] traffic-policy p1 inbound
[SwitchA-GigabitEthernet0/0/1] quit

  5. Verify the configuration.

    # Check the traffic classifier configuration.

    [SwitchA] display traffic classifier user-defined
  User Defined Classifier Information:                                          
   Classifier: c2                                                               
    Operator: AND                                                               
    Rule(s) : if-match 8021p 5                                                  

   Classifier: c3                                                               
    Operator: AND                                                               
    Rule(s) : if-match 8021p 6                                                  

   Classifier: c1                                                               
    Operator: AND                                                               
    Rule(s) : if-match 8021p 2    
   
Total classifier number is 3

    # Check the traffic policy record.

    [SwitchA] display traffic-policy applied-record p1
-------------------------------------------------                               
  Policy Name:   p1                                                             
  Policy Index:  0                                                              
     Classifier:c1     Behavior:b1      
     Classifier:c2     Behavior:b2                                                  
     Classifier:c3     Behavior:b3                                              
-------------------------------------------------                              
 *interface GigabitEthernet0/0/1                                                       
    traffic-policy p1 inbound                                                   
      slot 0    :  success                                                      
-------------------------------------------------                               
  Policy total applied times: 1.

Configuration Files

  • SwitchA configuration file

    #
sysname SwitchA
#
vlan batch 10
#
traffic classifier c1 operator and
 if-match 8021p 2
traffic classifier c2 operator and
 if-match 8021p 5
traffic classifier c3 operator and
 if-match 8021p 6
#
traffic behavior b1
 deny                                 
traffic behavior b2
 permit
traffic behavior b3
 permit
#
traffic policy p1               
 classifier c1 behavior b1                                                      
 classifier c2 behavior b2                                                      
 classifier c3 behavior b3
#
interface Vlanif10                                                              
 ip address 192.168.2.1 255.255.255.0                                           
#                                                                               
interface GigabitEthernet0/0/1
 port link-type trunk                                                           
 port trunk allow-pass vlan 10                                                  
 traffic-policy p1 inbound                                                      
#                                                                               
interface GigabitEthernet0/0/2
 port link-type trunk                                                           
 port trunk allow-pass vlan 10                                                  
#
return
Translation
简体中文
Download
Updated: 2020-12-26

Document ID: EDOC1000141882

Views: 67544

Downloads: 26

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next
Enterprise APP

Copyright © 2021 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :