Configuring an SAC Traffic Policy
Configuring an SAC Traffic Classifier
Context
An SAC traffic classifier identifies application layer packets of a certain type by using matching rules, so that the device can provide differentiated services.
Procedure
- Run system-view
The system view is displayed.
- Configure an SAC traffic classifier.
To match a single application protocol such as BT, perform the following operations.
Run traffic classifier classifier-name [ operator { and | or } ]
A traffic classifier is created and the traffic classifier view is displayed.
- Run if-match application application-name [ user-set user-set-name ] [ time-range time-name ]
A matching rule based on the application protocol is defined.
- To match a single application group, perform the following configurations:
Run traffic classifier classifier-name [ operator { and | or } ]
A traffic classifier is created and the traffic classifier view is displayed.
Run if-match category category-name [ user-set user-set-name ] [ time-range time-name ]
A matching rule based on the SAC group is defined.
Configuring an SAC Traffic Behavior
Context
An SAC traffic classifier identifies application layer packets of a certain type by using matching rules. The device can provide differentiated services by configuring a traffic behavior.
Procedure
- Run system-view
The system view is displayed.
- Run traffic behavior behavior-name
A traffic behavior is created and the traffic behavior view is displayed, or the view of the existing traffic behavior is displayed.
- Define actions in the traffic behavior. You
can configure multiple non-conflicting actions in a traffic behavior.
Action
Command
Packet filtering
deny | permit
Configure a QoS group that packets belong to
remark qos-group qos-group-value Priority re-marking by MQC
remark 8021p 8021p-value
remark cvlan-8021p 8021p-value
remark dscp { dscp-name | dscp-value }
remark mpls-exp exp-value (AR1200&AR2200&AR3200&AR3600 series)
remark fr-de fr-de-value
remark local-precedence local-precedence-value
NOTE:If a traffic behavior contains remark 8021p, remark mpls-exp, or remark dscp, but not remark local-precedence, the device marks the local priority of packets with 0.
Traffic policing by MQC
car cir { cir-value | pct cir-percentage } [ pir { pir-value | pct pir-percentage } ] [ cbs cbs-value pbs pbs-value ] [ share ] [ mode { color-blind | color-aware } ] [ green { discard | pass [ remark-8021p 8021p-value | remark-dscp dscp-value | remark-mpls-exp exp-value ] } ] [ yellow { discard | pass [ remark-8021p 8021p-value | remark-dscp dscp-value | remark-mpls-exp exp-value ] } ] [ red { discard | pass [ remark-8021p 8021p-value | remark-dscp dscp-value | remark-mpls-exp exp-value ] } ]
NOTE:The AR100&AR120&AR150&AR160&AR200 series do not support remark-mpls-exp exp-value.
Traffic shaping by MQC
gts cir { cir-value [ cbs cbs-value ] | pct pct-value } [ queue-length queue-length ]
Adaptive traffic shaping by MQC
gts adaptation-profile adaptation-profile-name
Congestion management by MQC
queue af bandwidth { bandwidth | [ remaining ] pct percentage }
queue ef bandwidth { bandwidth [ cbs cbs-value ] | pct percentage [ cbs cbs-value ] }
queue llq bandwidth { bandwidth [ cbs cbs-value ] | pct percentage [ cbs cbs-value ] }
queue wfq [ queue-number total-queue-number ]
queue-length { bytes bytes-value | packets packets-value }*
Congestion avoidance by MQC
drop-profile drop-profile-name
Sampling of NetStream statistics by MQC
ip netstream sampler { fix-packets packet-interval | fix-time time-interval | random-packets packet-interval | random-time time-interval } { multicast | rpf-failure | unicast }*
NOTE:The device does not support sampling of NetStream statistics for IPv6 and MPLS packets, so traffic classification rules cannot contain IPv6 or MPLS.
- Layer 2 VE interfaces do not support this function.
Unicast PBR
redirect ip-nexthop ip-address [ vpn-instance vpn-instance-name ] [ track { nqa admin-name test-name | ip-route ip-address { mask | mask-length } | interface interface-type interface-number } ] [ post-nat ] [ discard ] [ sfc-nsh spi spi-index si si-index ]
NOTE:If DSCP priority matching is configured in a traffic policy, the SAE220 (WSIC) and SAE550 (XSIC) cards do not support redirect ip-nexthop ip-address post-nat.
redirect ipv6-nexthop ipv6-address [ track { nqa nqa-admin nqa-name | ipv6-route ipv6–address mask-length } ] [ discard ]
redirect interface interface-type interface-number [ track { nqa admin-name test-name | ip-route ip-address { mask | mask-length } [ weak ] | ipv6-route ipv6-address mask-length } ] [ discard ]
redirect vpn-instance vpn-instance-name
NOTE:Layer 2 VE interfaces do not support this function.
redirect backup-nexthop ip-address [ vpn-instance vpn-instance-name ]
Sub traffic policy binding
traffic-policy policy-name
Traffic statistics
statistic enable Configure MQC to implement URL filtering
url-filter-profile profile-name
When an interface is added to a network bridge, the traffic behavior that is configured on the interface in the inbound direction can only define the following actions:- Re-marking the 802.1p priority in VLAN packets.
- Configuring MQC to implement traffic policing.
- Traffic statistics.
- Run quit
Exit from the traffic behavior view.
Configuring an SAC Traffic Policy
Procedure
- Run system-view
The system view is displayed.
- Run traffic
policy policy-name
A traffic policy is created and the traffic policy view is displayed, or the existing traffic policy view is displayed.
- Run classifier classifier-name behavior behavior-name
A traffic behavior is bound to the traffic classifier in the traffic policy.
