No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
MENU
Support Documentation

S12700 V200R013C00 Configuration Guide - QoS

This document describes the configurations of QoS functions, including MQC, priority mapping, traffic policing, traffic shaping, interface-based rate limiting, congestion avoidance, congestion management, packet filtering, redirection, traffic statistics, ACL-based simplified traffic policy, and HQoS.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Priority Re-marking

Configuring Priority Re-marking

Background

Priority re-marking allows the device to re-mark priorities of packets matching traffic classification rules, such as the 802.1p priority of VLAN packets and DSCP priority of IP packets.

Procedure

  1. Configure a traffic classifier.

    1. Run system-view

      The system view is displayed.

    2. Run traffic classifier classifier-name [ operator { and | or } ] [ precedence precedence-value ]

      A traffic classifier is created and the traffic classifier view is displayed, or the view of an existing traffic classifier is displayed.

      The logical operator and between the rules in the traffic classifier means that:

      • If the traffic classifier contains ACL rules, packets match the traffic classifier only if they match one ACL rule and all the non-ACL rules.

      • If the traffic classifier does not contain any ACL rules, packets match the traffic classifier only if they match all the rules in the classifier.

      The logical operator or means that packets match the traffic classifier if they match one of the rules in the classifier.

      By default, the relationship between rules in a traffic classifier is or.

    3. Configure matching rules in the traffic classifier according to the following table.
      NOTE:

      The if-match ip-precedence and if-match tcp commands are valid only for IPv4 packets.

      X series cards do not support traffic classifiers with advanced ACLs containing the ttl-expired field.

      When a traffic classifier contains if-match ipv6 acl { acl-number | acl-name }, X series cards do not support add-tag vlan-id vlan-id, remark 8021p [ 8021p-value | inner-8021p ], remark cvlan-id cvlan-id, remark vlan-id vlan-id, or mac-address learning disable.

      Matching Rule

      Command

      Remarks

      Outer VLAN ID or inner and outer VLAN IDs of QinQ packets

      		 if-match vlan-id start-vlan-id [ to end-vlan-id ] [ cvlan-id cvlan-id ]

      N/A

      Inner and outer VLAN IDs in QinQ packets

      if-match cvlan-id start-vlan-id [ to end-vlan-id ] [ vlan-id vlan-id ]

      -

      802.1p priority in VLAN packets

      		 if-match 8021p 8021p-value &<1-8>

      If you specify multiple values for 8021p-value in one command, a packet matching any of the values matches the traffic classifier, regardless of whether the relationship between rules in the traffic classifier is AND or OR.

      Inner 802.1p priority in QinQ packets

      if-match cvlan-8021p 8021p-value &<1-8>

      -

      Drop packet

      		 if-match discard

      A traffic classifier containing this matching rule can only be bound to traffic behaviors containing the traffic statistics collection and flow mirroring actions.

      Double tags in QinQ packets

      		 if-match double-tag

      -

      EXP priority in MPLS packets

      		 if-match mpls-exp exp-value &<1-8>

      If you specify multiple values for exp-value in one command, a packet matching any of the values matches the traffic classifier, regardless of whether the relationship between rules in the traffic classifier is AND or OR.

      SA cards of the S series and X series cards do not support matching of EXP priorities in MPLS packets.

      Destination MAC address

      		 if-match destination-mac mac-address [ [ mac-address-mask ] mac-address-mask ]

      -

      Source MAC address

      		 if-match source-mac mac-address [ [ mac-address-mask ] mac-address-mask ]

      -

      Protocol type in the Ethernet frame header

      		 if-match l2-protocol { arp | ip | mpls | rarp | protocol-value }

      -

      All packets

      		 if-match any

      -

      DSCP priority in IP packets

      if-match [ ipv6 ] dscp dscp-value &<1-8>

      • If you specify multiple values for dscp-value in one command, a packet matching any of the values matches the traffic classifier, regardless of whether the relationship between rules in the traffic classifier is AND or OR.

      • If the relationship between rules in a traffic classifier is AND, the if-match [ ipv6 ] dscp and if-match ip-precedence commands cannot be used in the traffic classifier simultaneously.

      IP precedence in IP packets

      		 if-match ip-precedence ip-precedence-value &<1-8>

      • If you specify multiple values for ip-precedence-value in one command, a packet matching any of the values matches the traffic classifier, regardless of whether the relationship between rules in the traffic classifier is AND or OR.

      • The if-match [ ipv6 ] dscp and if-match ip-precedence commands cannot be configured in a traffic classifier in which the relationship between rules is AND.

      Layer 3 protocol type

      		 if-match protocol { ip | ipv6 }

      -

      Next Header field in the IPv6 packet header

      		 if-match ipv6 next-header header-number first-next-header

      The ET1D2X12SSA0 card does not support the routes whose prefix length ranges from 64 to 128.

      SYN flag in TCP packets

      if-match tcp syn-flag { syn-flag-value | ack | fin | psh | rst | syn | urg }

      -

      Inbound interface

      		 if-match inbound-interface interface-type interface-number

      A traffic policy containing this matching rule cannot be applied to the outbound direction or in the interface view.

      Outbound interface

      		 if-match outbound-interface interface-type interface-number

      A traffic policy containing this matching rule cannot be applied to the inbound direction on X series cards.

      A traffic policy containing this matching rule cannot be applied in the interface view.

      ACL rule

      		 if-match acl { acl-number | acl-name }
      • When an ACL is used to define a traffic classification rule, it is recommended that the ACL be configured first.
      • If an ACL in a traffic classifier defines multiple rules and a packet matches any of the rules, the packet matches the ACL, regardless of whether the relationship between rules in the traffic classifier is AND or OR.

      ACL6 rule

      		 if-match ipv6 acl { acl-number | acl-name }

      Before specifying an ACL6 in a matching rule, configure the ACL6.

      Flow ID

      		 if-match flow-id flow-id

      A traffic classifier containing if-match flow-id and a traffic behavior containing remark flow-id must be bound to different traffic policies.

      A traffic policy containing if-match flow-id can be only applied to an interface, a VLAN, a card, or the system in the inbound direction.

      X series cards and SA series cards do not support matching of flow IDs.

      Inner information of VXLAN packets

      		 if-match vxlan [ transit ] vni vni-id

      A traffic policy containing this traffic classifier cannot be applied in the outbound direction.

      If a traffic classifier contains this matching rule, it supports only traffic behaviors of traffic policing, packet filtering, and traffic statistics.

      Inner information of VXLAN packets

      		 if-match vxlan [ transit ] vni vni-id

      A traffic policy containing this traffic classifier cannot be applied in the outbound direction.

      If a traffic classifier contains this matching rule, it supports only traffic behaviors of traffic policing, packet filtering, and traffic statistics.

      Inner information of VXLAN packets

      		 if-match vxlan [ transit ] vni vni-id

      A traffic policy containing this traffic classifier cannot be applied in the outbound direction.

      If a traffic classifier contains this matching rule, it supports only traffic behaviors of traffic policing, packet filtering, and traffic statistics.

    4. Run quit

      Exit from the traffic classifier view.

  2. Configure a traffic behavior.
    1. Run traffic behavior behavior-name

      A traffic behavior is created and the traffic behavior view is displayed.

    2. Run the following commands as required.
      • Run the remark 8021p [ 8021p-value | inner-8021p ] command to configure the device to re-mark 802.1p priorities of packets matching traffic classification rules.
        NOTE:

        SA series cards do not support the action of inheriting the 802.1p priority in the inner tag.

      • Run the remark dscp { dscp-name | dscp-value } command to configure the device to re-mark DSCP priorities of packets matching traffic classification rules.

      • Run the remark local-precedence { local-precedence-name | local-precedence-value } [ green | yellow | red ] command to configure the device to re-mark local priorities of packets matching traffic classification rules.

    3. (Optional) Run the statistic enable command to enable the traffic statistics function.
    4. Run the quit command to exit from the traffic behavior view.
    5. Run the quit command to exit from the system view.
  3. Configure a traffic policy.

    1. Run system-view

      The system view is displayed.

    2. Run traffic policy policy-name [ match-order { auto | config } ]

      A traffic policy is created and the traffic policy view is displayed, or the view of an existing traffic policy is displayed.

      If you do not specify the matching order of traffic classifiers when creating a traffic policy, the default matching order is config.

      After a traffic policy is applied, you cannot use the traffic policy command to modify the matching order of traffic classifiers in the traffic policy. To modify the matching order, delete the traffic policy, create a traffic policy, and then specify the matching order.

      When creating a traffic policy, you can specify the matching order of matching rules in the traffic policy. The matching order can be either the automatic order (auto) or configuration order (config):
      • If the automatic order is used, traffic classifiers are matched based on the priorities of their types. Traffic classifiers based on Layer 2 and IPv4 Layer 3 information, advanced ACL6 information, basic ACL6 information, Layer 2 information, IPv4 Layer 3 information, and user-defined ACL information are matched in descending order of priority. If data traffic matches multiple traffic classifiers and the bound traffic behaviors conflict with each other, the traffic behavior corresponding to the highest priority rule takes effect.
      • If the configuration order is used, traffic classifiers are matched based on their priorities. The traffic classifier with the highest priority is matched first. A smaller priority value indicates a higher priority of a traffic classifier. If precedence-value is not specified when a traffic classifier is created, the system allocates a priority to the traffic classifier. The allocated priority value is [(max-precedence + 5)/5] x 5, where max-precedence specifies the maximum priority of a traffic classifier. For details about the priority of a traffic classifier, refer to the traffic classifier command.

    3. Run classifier classifier-name behavior behavior-name

      A traffic behavior is bound to a traffic classifier in the traffic policy.

    4. Run quit

      Exit from the traffic policy view.

    5. Run quit

      Exit from the system view.

  4. Apply the traffic policy.
    • Applying a traffic policy to an interface

      1. Run system-view

        The system view is displayed.

      2. Run interface interface-type interface-number[.subinterface-number ]

        The interface view or sub-interface view is displayed.

        NOTE:

        • Only the E series, X series, and SC series cards on the S12700 support Ethernet sub-interface configuration. For details about the cards, see Cards in the Hardware Description.

        • Only hybrid and trunk interfaces on the preceding series of cards support Ethernet sub-interface configuration.

        • After you run the undo portswitch command to switch Layer 2 interfaces on the preceding series of cards into Layer 3 interfaces, you can configure Ethernet sub-interfaces on the interfaces.

        • The SA series cards do not support Ethernet sub-interface configuration and cannot forward IP traffic to Ethernet sub-interfaces on other cards.

        • You are advised to add a member interface to an Eth-Trunk and then configure an Eth-Trunk sub-interface. The Eth-Trunk sub-interface can be successfully configured only when the card on which the member interface locates supports Ethernet sub-interface configuration.

        • VLAN termination sub-interfaces cannot be created on a VCMP client.

      3. Run traffic-policy policy-name { inbound | outbound }

        A traffic policy is applied to the interface or sub-interface.

        A traffic policy can only be applied to one direction on an interface but can be applied to different directions on different interfaces. After a traffic policy is applied to an interface, the system performs traffic policing for all the incoming or outgoing packets that match traffic classification rules on the interface.

        NOTE:

        • Sub-interfaces support only inbound.

        • You are not advised to apply a traffic policy containing remark 8021p, remark cvlan-id, or remark vlan-id to the outbound direction of an untagged interface. This configuration may cause incorrect information in the packets.

        • On the ET1D2L02QSC0 card, when an interface among interfaces 1-20 and an interface among interfaces 21-40 are added to the same Eth-Trunk or VLAN, and outgoing traffic of the Eth-Trunk or VLAN is rate-limited by car, the outgoing traffic rate is 2 times the CAR value.

        • Applying traffic policies consumes ACL resources. If ACL resources are insufficient, some traffic policies will fail to be applied. For example, if an if-match rule in a traffic policy occupies one ACL, one ACL is occupied for each interface to which the traffic policy is applied. When a traffic policy is applied to L VLANs on a device with N LPUs, L*N ACLs are occupied. When a traffic policy is applied globally on a device with N LPUs, N ACLs are occupied. For details about ACLs occupied by if-match rules, see Table 3 in "Licensing Requirements and Limitations for MQC."

    • Applying a traffic policy to a VLAN

      1. Run system-view

        The system view is displayed.

      2. Run vlan vlan-id

        The VLAN view is displayed.

      3. Run traffic-policy policy-name { inbound | outbound }

        A traffic policy is applied to the VLAN.

        Only one traffic policy can be applied to the inbound or outbound direction of a VLAN.

        The system performs traffic policing for the packets that belong to the VLAN and match traffic classification rules in the inbound or outbound direction. However, the traffic policy does not take effect for packets in VLAN 0.

    • Applying a traffic policy to a VLANIF interface

      1. Run system-view

        The system view is displayed.

      2. Run interface vlanif vlan-id

        The VLANIF interface view is displayed.

      3. Run traffic-policy policy-name inbound

        A traffic policy is applied to the VLANIF interface.

        Only one traffic policy can be applied to the inbound direction on a VLANIF interface, but a traffic policy can be applied to the inbound direction on different VLANIF interfaces.

        A traffic policy cannot be applied to a VLANIF interface corresponding to the super-VLAN or MUX VLAN.

        On X series cards, a traffic policy applied to a VLANIF interface takes effect only for unicast packets on the VLANIF interface. For other cards, a traffic policy applied to a VLANIF interface takes effect only for unicast packets and Layer 3 multicast packets on the VLANIF interface.

        NOTE:
        A traffic policy cannot be applied to a VLANIF interface when the bound traffic behaviors define the following actions:
        • remark vlan-id
        • remark cvlan-id
        • add-tag vlan-id
        • remark 8021p
        • remark flow-id
        • mac-address learning disable
    • Applying a traffic policy to the system or an LPU

      1. Run system-view

        The system view is displayed.

      2. Run traffic-policy policy-name global { inbound | outbound } [ slot slot-id ]

        A traffic policy is applied to the system or an LPU.

        Only one traffic policy can be applied to one direction in the system or LPU. A traffic policy cannot be applied to the same direction in the system and LPU simultaneously.

Verifying the Configuration

  • Run the display traffic classifier user-defined [ classifier-name ] command to check the traffic classifier configuration.
  • Run the display traffic behavior user-defined [ behavior-name ] command to check the traffic behavior configuration.

  • Run the display traffic policy user-defined [ policy-name [ classifier classifier-name ] ] command to check the configuration of a specified user-defined traffic policy.

  • Run the display traffic-applied [ interface [ interface-type interface-number ] | vlan [ vlan-id ] ] { inbound | outbound } [ verbose ] command to check information about ACL-based simplified and MQC-based traffic policies applied to the system, a VLAN, or an interface.

    NOTE:

    The display traffic-applied command cannot be used to check information about ACL-based simplified and MQC-based traffic policies applied to a sub-interface. However, traffic policies can be applied to a sub-interface.

  • Run the display traffic policy { interface [ interface-type interface-number [.subinterface-number ] ] | vlan [ vlan-id ] | ssid-profile [ ssid-profile-name ] | global } [ inbound | outbound ] command to check the traffic policy configuration.

  • Run the display traffic-policy applied-record [ policy-name ] command to check the application records of a specified traffic policy.

Translation
简体中文
Download
Updated: 2019-04-08

Document ID: EDOC1100065653

Views: 18177

Downloads: 45

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next
Enterprise APP

Copyright © 2019 Huawei Technologies Co., Ltd. All rights reserved.