No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Agile POL Solution Configuration Guide 02

This document describes the service configuration guide for Huawei Agile POL solution, including enterprise campus, hotel, and campus scenarios. Service configuration cases include data, IP phone, Wi-Fi, VoD, and video surveillance.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Congestion Control and Security Policies

Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for queues to ensure service reliability and configure global security policies to ensure service security.

Context

Congestion control uses queue scheduling technology to map packets sent from the same port into multiple queues and process packets in each queue based on priority.

Security policies ensure normal running of services.

Procedure

  • Configure queue scheduling.

    Based on Principles for QoS Planning, all packets use strict priorities for queue scheduling and are mapped to queues based on priorities.

    huawei(config)#queue-scheduler strict-priority
    huawei(config)#cos-queue-map cos0 0 cos1 1 cos2 2 cos3 3 cos4 4 cos5 5 cos6 6 cos7 7  //System default

  • Configure security policies.

    Solution

    Suggestion and Description

    Configuration Guide

    BPDU Block

    Disable the transparent transmission of bridge protocol data units (BPDUs), prevents users from forging BPDU packets to attack the device maliciously.

    Run the bpdu tunnel command to disable the transparent transmission of bridge protocol data units (BPDUs).

    In the global config mode, by default, the transparent transmission for the Layer 2 BPDUs is disabled.

    Restriction on the number of users

    Configure the maximum number of learnable dynamic MAC addresses of a service port to limit the number of the access users.

    Run the mac-address max-mac-count command to configure the maximum number of learnable dynamic MAC addresses of a service channel.

    •By default, the system does not limit the number of learnable dynamic MAC addresses of a port.

    Port isolation

    Configure Layer 2 isolation in a VLAN on the OLT.

    No configuration is required. By default, Layer 2 isolation is implemented in a VLAN.

    Traffic rate limit

    Configure the rate limit on the OLT to limit the traffic entering the service port.

    Run the traffic table ip command to create a traffic profile to limit the rate of the service port.

Translation
Download
Updated: 2018-10-22

Document ID: EDOC1100016413

Views: 62500

Downloads: 392

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next