No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - IP Unicast Routing

S7700 and S9700 V200R011C10

This document describes IP Unicast Routing configurations supported by the switch, including the principle and configuration procedures of IP Routing Overview, Static Route, RIP, RIPng, OSPF, OSPFv3, IS-IS(IPv4), IS-IS(IPv6), BGP, Routing Policy ,and PBR, and provides configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring NQA for PBR

Configuring NQA for PBR

Background

Policy-based routing (PBR) allows switches to select paths and forward packets based on defined policies. However, PBR does not have a fault detection mechanism. If the link for the redirection next hop becomes faulty, PBR becomes ineffective only after the ARP entry of the redirection next hop is aged. In this situation, services cannot be immediately switched to another link, which may result in lengthy service interruptions.

To address this problem, configure network quality analysis (NQA) for PBR. This configuration provides a fault detection mechanism for PBR. If the link for the redirection next hop becomes faulty, the next hop will become ineffective immediately without waiting for the aging of its ARP entry because it fails the NQA test. This mechanism helps shorten communication interruption time and improve QoS.

Pre-configuration Tasks

Before configuring NQA for PBR, complete the following tasks:
  • Configure IP addresses and routing protocols for interfaces to ensure connectivity.

  • Configure an ACL if the ACL needs to be used to classify traffic.

Procedure

  1. Configure an ICMP NQA test instance.

    1. Run system-view

      The system view is displayed.

    2. Run nqa test-instance admin-name test-name

      An NQA test instance is created, and the test instance view is displayed.

    3. Run test-type icmp

      The test type is set to ICMP.

      NOTE:

      When NQA is associated with PBR, only an ICMP NQA test instance can be used to check whether a route from the source to the destination is reachable.

    4. Run destination-address ipv4 ip-address

      The destination address is set for the NQA test instance.

    5. (Optional) Run frequency interval

      The interval at which the NQA test instance automatically runs is set.

      By default, no automatic test interval is set. The system performs the test only once.

    6. (Optional) Run probe-count number

      The number of probes to be sent each time is set for the NQA test instance.

      By default, the number of probes to be sent each time is 3.

      By sending probes multiple times for an NQA test instance, you can estimate the network quality more accurately based on the collected statistics.

    7. (Optional) Run interval { milliseconds interval | seconds interval }

      The interval at which probe packets are sent is set for the NQA test instance.

      For the default interval at which probe packets are sent, see the command reference manual.

    8. (Optional) Run timeout time

      The timeout period of a probe is set for the NQA test instance.

      By default, the timeout period of a probe for FTP test instances is 15s and that for other tests instances is 3s.

    9. Set the NQA test instance startup mode as required to start the NQA test instance.

      • Run start now [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]

        The NQA test instance is started immediately.

      • Run start at [ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]

        The NQA test instance is started at the specified time.

      • Run start delay { seconds second | hh:mm:ss } [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]

        The NQA test instance is started after the specified delay.

    10. Run quit

      Return to the system view.

    11. Run quit

      Exit from the system view.

  2. Configure a traffic classifier.

    For details about configuring a traffic classifier, see Configuring a Traffic Classifier in "MQC Configuration" in the S7700 and S9700 V200R011C10 Configuration Guide - QoS.

  3. Configure a traffic behavior.

    1. Run system-view

      The system view is displayed.

    2. Run traffic behavior behavior-name

      A traffic behavior is created, and the traffic behavior view is displayed, or the existing traffic behavior view is displayed.

    3. Run redirect [ vpn-instance vpn-instance-name ] ip-nexthop { ip-address [ track-nqa admin-name test-name ] } &<1-4> [ forced | low-precedence ] *

      The packets matching traffic classification rules are redirected to the specified next hop, and association between PBR and the NQA test instance is configured.

      To configure association between PBR and the NQA test instance, specify the track-nqa admin-name test-name parameter.

      NOTE:

      In the same traffic behavior, the same next-hop IP address can be bound only to the same NQA test instance.

      On the device, a maximum of eight NQA test instances can be bound.

    4. (Optional) Run statistic enable

      The traffic statistics collection function is enabled.

    5. Run quit

      Return to the system view.

    6. Run quit

      Exit from the system view.

  4. Configure a traffic policy.

    For details about configuring a traffic policy, see Configuring a Traffic Policy in "MQC Configuration" in the S7700 and S9700 V200R011C10 Configuration Guide - QoS.

  5. Apply the traffic policy.

    • Apply the traffic policy to an interface.
      1. Run system-view

        The system view is displayed.

      2. Run interface interface-type interface-number

        The interface view is displayed.

      3. Run traffic-policy policy-name inbound

        The traffic policy is applied to the inbound direction of the interface.

    • Apply the traffic policy to a VLAN.
      1. Run system-view

        The system view is displayed.

      2. Run vlan vlan-id

        The VLAN view is displayed.

      3. Run traffic-policy policy-name inbound

        The traffic policy is applied to the VLAN.

        Subsequently, the system performs traffic policing on the incoming packets that are sent from the VLAN and match traffic classification rules.

    • Apply the traffic policy globally or to a board.
      1. Run system-view

        The system view is displayed.

      2. Run traffic-policy policy-name global inbound [ slot slot-id ]

        The traffic policy is applied globally or to the specified board.

Verifying the Configuration

  • Run the display traffic classifier user-defined [ classifier-name ] command to check the traffic classifier configuration.
  • Run the display traffic behavior user-defined [ behavior-name ] command to check the traffic behavior configuration.
  • Run the display traffic policy user-defined [ policy-name [ classifier classifier-name ] ] command to check the user-defined traffic policy configuration.

  • Run the display traffic-applied [ interface [ interface-type interface-number ] | vlan [ vlan-id ] ] { inbound | outbound } [ verbose ] command to check information about ACL-based simplified and MQC-based traffic policies applied to the system, a VLAN, or an interface.

    NOTE:

    Traffic policies can be applied to a sub-interface, but the display traffic-applied command cannot be used to check information about ACL-based simplified and MQC-based traffic policies applied to the sub-interface.

  • Run the display traffic policy { interface [ interface-type interface-number [.subinterface-number ] ] | vlan [ vlan-id ] | ssid-profile [ ssid-profile-name ] | global } [ inbound | outbound ] command to check the traffic policy configuration.

  • Run the display traffic-policy applied-record [ policy-name ] command to check the application record of a specified traffic policy.

Translation
Download
Updated: 2019-09-23

Document ID: EDOC1000178324

Views: 233587

Downloads: 203

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next