No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
CloudEngine 12800 and 12800E V200R005C10 Configuration Guide - QoS

This document describes the configurations of QoS functions, including MQC, priority mapping, traffic policing, traffic shaping, interface-based rate limiting, congestion avoidance, congestion management, packet filtering, redirection, traffic statistics, and ACL-based simplified traffic policy.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring ACL6-based Packet Filtering

Configuring ACL6-based Packet Filtering

Pre-configuration Tasks

Before configuring ACL6-based filtering, complete the following tasks:

  • Configure link layer attributes of interfaces to ensure that the interfaces work properly.

  • Configure an ACL6.

Context

ACL6-based packet filtering enables the device to control network traffic by permitting or rejecting packets matching ACL6 rules.

If the traffic-filter (system view), traffic-filter (VLAN view), and traffic-filter (interface view) commands are configured simultaneously, the ACL6-based simplified traffic policies applied to the interface, VLAN, and system take effect in descending order of priority.

  • The CE12800E does not support the priority { low | high } parameter.
  • If an ACL-based/ACL6-based simplified traffic policy needs to be applied to multiple VLANs and interfaces or multiple rules for matching packets from different source IP addresses need to be bound to the same ACL-based/ACL6-based simplified traffic policy, you are advised to add these VLANs, source IP addresses, and interfaces to the same QoS group and apply the ACL-based/ACL6-based simplified traffic policy to the QoS group.

Procedure

  • Configure packet filtering in the system.

    When outbound ACL6-based packet filtering is configured in the system view on the CE12800, first run the traffic-policy ipv6-enhance-mode command in the system view.

    1. Run system-view

      The system view is displayed.

    2. Run traffic-filter ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } global [ slot slot-id ] { inbound [ priority { low | high } ] | outbound }

      ACL6-based packet filtering is configured in the system or a specified slot.

    3. Run commit

      The configuration is committed.

  • Configure packet filtering in a VLAN.
    1. Run system-view

      The system view is displayed.

    2. Run vlan vlan-id

      The VLAN view is displayed.

    3. Run traffic-filter ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { inbound [ priority { low | high } ] | outbound }

      ACL6-based packet filtering is configured in the VLAN.

    4. Run commit

      The configuration is committed.

  • Configure packet filtering on an interface.
    1. Run system-view

      The system view is displayed.

    2. Run interface interface-type interface-number

      The interface view is displayed.

    3. Run traffic-filter ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { inbound [ priority { low | high } ] | outbound }

      ACL6-based packet filtering is configured on the interface.

      The ACL6-based simplified traffic policy can be configured on only the physical interface and Eth-Trunk in the outbound direction of the CE12800.

    4. Run commit

      The configuration is committed.

  • Configure packet filtering in a QoS group.
    1. Run system-view

      The system view is displayed.

    2. Run qos group group-name

      The QoS group view is displayed.

    3. Run the following commands as required.

      • Run the group-member interface { interface-type interface-number1 [ to interface-type interface-number2 ] } &<1-8> command to add interfaces to the QoS group.

      • Run the group-member vlan { vlan-id1 [ to vlan-id2 ] } &<1-8> command to add VLANs to the QoS group.

      • (For the CE12800E) Run the group-member ip source ip-address { mask | mask-length } command to add source IP addresses to the QoS group.

    4. Run traffic-filter ipv6 acl { { basic-acl | acl-name } | { advanced-acl | acl-name } } { inbound [ priority { low | high } ] | outbound }

      ACL6-based packet filtering is configured in the QoS group.

      Outbound ACL6-based packet filtering can be configured for only a QoS group containing Ethernet or Eth-Trunk member interfaces.

    5. Run commit

      The configuration is committed.

Verifying the Configuration

Run the display traffic-policy applied-record traffic-filter [ global [ slot slot-id ] | interface interface-type interface-number | vlan vlan-id | qos group group-id ] [ inbound | outbound ] command to check the application record of a specified traffic policy.

Follow-up Procedure

For the CE12800, if a low-priority traffic policy takes effect before you apply a high-priority traffic policy, ACL6 rules may be slow to take effect. Consequently, service processing will be delayed. You can run the traffic-policy fast-mode command in the system view to enable fast delivery of ACL6s. This ensures that ACL6 rules take effect rapidly and services can be processed in real time.

Translation
简体中文
Download
Updated: 2021-08-12

Document ID: EDOC1100075349

Views: 91664

Downloads: 84

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Digital Signature File

Digital Signature Authentication Mode
Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :