Configuring MQC to Implement Congestion Avoidance
A drop profile defines WRED parameters. After a drop profile is bound to a traffic behavior, associate the traffic behavior and traffic classifier with a traffic policy and apply the traffic policy to an interface. By doing this, the device can implement congestion avoidance for traffic matching rules in the traffic classifier.
- The value of an IP precedence ranges from 0 to 7.
- The value of a DSCP priority ranges from 0 to 63.
- Eight DSCP priorities correspond to one IP priority. For example, DSCP priorities 0 to 7 correspond to IP precedence 0, and DSCP priorities 8 to 15 correspond to IP precedence 1.
NOTE: Congestion avoidance can be configured on the WAN-side interfaces and layer 2 VE interfaces.
A drop profile takes effect for only AF and BE queues; therefore, class-based congestion management must have been configured before you configure flow-based congestion avoidance.
Assume that the EXP priority in MPLS packets is a. The AR1200-S series, AR3200-S series, and AR2200-S series search for the DSCP priority that equals the EXP priority multiplied by eight (a x 8) in the drop profile. Then the device discards the MPLS packets based on the drop parameters in the drop profile. For example, the EXP priority in MPLS packets is 2. The device searches for DSCP priority 16 (2 x 8) in the drop profile, and discards the MPLS packets based on the drop parameters in the drop profile.
Procedure
- Configuring a drop profile.
Run system-view
The system view is displayed.
Run drop-profile drop-profile-name
A drop profile is created and the drop profile view is displayed.
(Optional) Run wred { dscp | ip-precedence }
A WRED drop profile based on DSCP or IP priorities is configured.
- Run the following commands as required.
Run dscp { dscp-value1 [ to dscp-value2 ] } &<1-10> low-limit low-limit-percentage high-limit high-limit-percentage discard-percentage discard-percentage
WRED parameters based on DSCP priorities are set.
Run ip-precedence { ip-precedence-value1 [ to ip-precedence-value2 ] } &<1-10> low-limit low-limit-percentage high-limit high-limit-percentage discard-percentage discard-percentage
WRED parameters based on IP priorities are set.
Run quit
Exit from the drop profile view.
Run quit
Exit from the system view.
- Configure a traffic classifier.
Run system-view
The system view is displayed.
Run traffic classifier classifier-name [ operator { and | or } ]
A traffic classifier is created and the traffic classifier view is displayed.
and indicates that rules are ANDed with each other.If a traffic classifier contains ACL rules, packets match the traffic classifier only when they match one ACL rule and all the non-ACL rules.
If a traffic classifier does not contain ACL rules, packets match the traffic classifier only when the packets match all the non-ACL rules.
By default, the relationship between rules in a traffic classifier is OR.
- Run the following commands as required.
Matching Rule
Command
Outer VLAN ID
if-match vlan-id start-vlan-id [ to end-vlan-id ] Inner VLAN IDs in QinQ packets
if-match cvlan-id start-vlan-id [ to end-vlan-id ] 802.1p priority in VLAN packets
if-match 8021p 8021p-value &<1-8> Inner 802.1p priority in QinQ packets
if-match cvlan-8021p 8021p-value &<1-8> EXP priority in MPLS packets (AR1200-S series, AR2200-S series and AR3200-S series)
if-match mpls-exp exp-value &<1-8> Destination MAC address
if-match destination-mac mac-address [ mac-address-mask mac-address-mask ] Source MAC address
if-match source-mac mac-address [ mac-address-mask mac-address-mask ] DLCI value in FR packets
if-match dlci start-dlci-number [ to end-dlci-number ] DE value in FR packets
if-match fr-de Protocol type field encapsulated in the Ethernet frame header
if-match l2-protocol { arp | ip | mpls | rarp | protocol-value } All packets
if-match any DSCP priority in IP packets
if-match [ ipv6 ] dscp dscp-value &<1-8> NOTE:If DSCP priority matching is configured in a traffic policy, the SAE220 (WSIC) and SAE550 (XSIC) cards do not support redirect ip-nexthop ip-address post-nat.
IP precedence in IP packets
if-match ip-precedence ip-precedence-value &<1-8> NOTE:if-match [ ipv6 ] dscp and if-match ip-precedence cannot be configured simultaneously in a traffic classifier where the relationship between rules is AND.
Layer 3 protocol type
if-match protocol { ip | ipv6 } QoS group index of packets
if-match qos-group qos-group-value IPv4 packet length
if-match packet-length min-length [ to max-length ] PVC information in ATM packets
if-match pvc vpi-number/vci-number RTP port number
if-match rtp start-port start-port-number end-port end-port-number SYN Flag in the TCP packet header
if-match tcp syn-flag { ack | fin | psh | rst | syn | urg } *
Inbound interface
if-match inbound-interface interface-type interface-number Outbound interface
if-match outbound-interface Cellular interface-number:channel ACL rule
if-match acl { acl-number | acl-name } NOTE:Before defining a matching rule for traffic classification based on an ACL, create the ACL.
To use an ACL in a traffic classifier to match the source IP address, run the qos pre-nat command on an interface to configure NAT pre-classification. NAT pre-classification enables the NAT-enabled device to carry the private IP address before translation on the outbound interface so that the NAT-enabled device can classify IP packets based on private IP addresses and provide differentiated services.
ACL6 rule
if-match ipv6 acl { acl-number | acl-name } NOTE:Before defining a matching rule for traffic classification based on an ACL, create the ACL.
To use an ACL in a traffic classifier to match the source IP address, run the qos pre-nat command on an interface to configure NAT pre-classification. NAT pre-classification enables the NAT-enabled device to carry the private IP address before translation on the outbound interface so that the NAT-enabled device can classify IP packets based on private IP addresses and provide differentiated services.
Application protocol
if-match application application-name [ user-set user-set-name ] [ time-range time-name ]
NOTE:Before defining a matching rule based on an application protocol, enable Smart Application Control (SA) and load the signature file.
SA group
if-match category category-name [ user-set user-set-name ] [ time-range time-name ]
NOTE:- Before defining a matching rule based on an application protocol, enable Smart Application Control (SA) and load the signature file.
User group
if-match user-set user-set-name [ time-range time-range-name ]
Run quit
Exit from the traffic classifier view.
- Configure a traffic behavior.
Run traffic behavior behavior-name
A traffic behavior is created and the traffic behavior view is displayed.
![]()
NOTE: queue af or queue wfq must have been configured in the traffic behavior.
Run drop-profile drop-profile-name
A drop profile is bound to the traffic behavior.![]()
NOTE: A drop profile must have been created and WRED parameters have been set.
(Optional) Run statistic enable
The traffic statistics function is enabled.
Run quit
Exit from the traffic behavior view.
Run quit
Exit from the system view.
- Configure a traffic policy.
Run system-view
The system view is displayed.
Run traffic policy policy-name
A traffic policy is created and the traffic policy view is displayed, or the view of an existing traffic policy is displayed.
By default, no traffic policy is created in the system.
Run classifier classifier-name behavior behavior-name [ precedence precedence-value ]
A traffic behavior is bound to a traffic classifier in a traffic policy.
By default, no traffic classifier or traffic behavior is bound to a traffic policy.
Run quit
Exit from the traffic policy view.
Run quit
Exit from the system view.
- Apply the traffic policy.
Apply the traffic policy to an interface.
Run system-view
The system view is displayed.
Run interface interface-type interface-number [.subinterface-number ]
The interface view is displayed.
Run traffic-policy policy-name { inbound | outbound }
The traffic policy is applied to the inbound or outbound direction on the interface.
By default, no traffic policy is applied to an interface.
- Apply the traffic policy to an interzone.
Run system-view
The system view is displayed.
Run firewall interzone zone-name1 zone-name2
An interzone is created and the interzone view is displayed.
By default, no interzone is created.
You must specify two existing zones for the interzone.
Run traffic-policy policy-name
The traffic policy is bound to the interzone.
By default, no traffic policy is bound to an interzone.
- Apply the traffic policy to a BD.
![]()
NOTE: Only the AR100-S&AR110-S&AR120-S&AR150-S&AR200-S&AR1200-S series routers support this configuration.
Run system-view
The system view is displayed.
Run bridge-domain bd-id
A BD is created and the BD view is displayed.
By default, no BD is created.
Run traffic-policy policy-name { inbound | outbound }
The traffic policy is applied to the BD.
By default, no traffic policy is applied to a BD.
Previous
