No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

QoS Policing on S12700 Series Switches

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
QoS Policing on S12700 Series Switches

QoS Policing on S12700 Series Switches

Introduction

This document explains traffic policing, traffic shaping, and interface-based rate limiting, and describes related parameters and their configurations on S12700 series switches.

Prerequisites

  • This document uses Huawei S12700 series switches as an example to introduce the basic principles of traffic policing, traffic shaping, and interface-based rate limiting. There may be differences in the implementation of different switch models and versions. For details, see the product documentation of the matching series and version.

  • Please refer to the product documentation of a specific version.

    Table 1-1 Acronyms and abbreviations

    Acronym or Abbreviation

    Full Name

    QoS

    Quality of Service

    MQC

    Modular QoS Command-Line Interface

    CIR

    Committed Information Rate

    PIR

    Peak Information Rate

    CBS

    Committed Burst Size

    PBS

    Peak Burst Size

Concepts

Traffic policing, traffic shaping, and interface-based rate limiting are mechanisms for monitoring and controlling traffic rates and resource usage.

While both traffic policing and traffic shaping can implement rate limiting, they have some differences:

  • Traffic policing: Traffic policing directly discards the excess traffic. It is often used in the inbound direction, just like a highway. The highway will not become the road at tortoise speed when the number of vehicles is limited at the ingress.
  • Traffic shaping: Traffic shaping limits the rate of outgoing packets of one or more queues and caches the packets. When the queue is idle, packets are sent out. Packets are discarded only when the buffer is full. In this way, traffic is sent out evenly. Traffic shaping solves the problem of congestion on the downstream device; therefore, traffic shaping is often applied to the outbound direction.

Interface-based rate limiting controls the total rate of all packets sent or received on an interface. When the packet type does not need to be further classified but the total rate of packets traversing an interface needs to be controlled, interface-based rate limiting is a feasible configuration. Inbound interface-based rate limiting is equivalent to traffic policing without differentiating packet types. Outbound interface-based rate limiting is equivalent to traffic shaping for all queues.

Rate Limiting Parameters

The switch uses the token bucket to determine whether traffic exceeds the rate limit. A token bucket is a container that stores a certain number of tokens. The system places tokens into a token bucket at the configured rate. If the token bucket is full, excess tokens overflow and no token is added. The system determines whether there are enough tokens in the bucket for packet forwarding. If so, the traffic rate conforms to the rate limit. Otherwise, the traffic rate exceeds or violates the rate limit.

There are three mechanisms: single-rate-single-bucket, single-rate-two-bucket, and two-rate-two-bucket.

Single-rate-single-bucket: Tokens are put into bucket C at the CIR. When packets are received, tokens are taken out of bucket C. If there are sufficient tokens, packets are forwarded. If tokens are insufficient, packets are directly discarded. This mechanism is often applied to low-priority services such as extranet HTTP traffic. Excess traffic is directly discarded.

Single-rate-two-bucket: Tokens are put into buckets C and E at the CIR. Tokens are first put into bucket C. When bucket C is full, tokens are put into bucket E. When packets are received, tokens in bucket C are used. If tokens in bucket C are insufficient, tokens in bucket C are returned. Then tokens in bucket E are used. If the packet length is larger than the number of tokens in bucket C but is less than or equal to the number of tokens in bucket E, the packets are marked in yellow and forwarded in BE mode or when the network is idle. Compared with single-rate-single-bucket, single-rate-two-bucket allows burst traffic. Single-rate-two-bucket is mainly used for important and non-urgent services, for example, enterprise email data. This mechanism prevents email sending failures.

Two-rate-two-bucket: Tokens are put into bucket C at the CIR and are put into bucket P at the PIR. When packets are received, tokens in the two buckets are taken. If tokens in bucket C are sufficient, packets are marked in green and directly forwarded. If tokens in bucket P are insufficient, packets are marked in red and directly discarded. If the packet length is larger than the number of tokens in bucket C but is smaller than the number of tokens in bucket P, the packets are marked in yellow. The difference between two-rate-two-bucket and single-rate-two-bucket is that the rates of placing tokens in buckets C and P are different. Generally, the PIR is larger than the CIR. That is, tokens are placed in bucket P faster, so bucket P can support burst traffic for a long time.

When burst traffic is not considered, single-rate-single-bucket is used. When burst traffic is considered, single-rate-two-bucket is used. When burst traffic for a long time is considered, two-rate-two-bucket is used. For the token bucket algorithm, a larger CIR indicates a larger rate at which tokens are generated so that more tokens can be obtained and much heavy traffic enters the network. Therefore, the CIR is the key for controlling incoming network traffic. The CBS is also important. A larger CBS indicates that more tokens can be accumulated in bucket C and the size of packets that are allowed to pass is larger.

Switches perform per-packet forwarding, so the CBS cannot be smaller than the maximum length of packets that are allowed to pass.

Assume that the traffic rate limit is 10 Mbit/s and a small CBS (for example, 1000 bytes) is used in single-rate-single-bucket mode. If the length of each packet within a certain period of time is larger than 1000 bytes, all the packets are discarded. During this period of time, no packet is forwarded and the forwarding rate is 0. Consequently, network resources are wasted and service exceptions occur.

Should the CBS be large as much as possible? No. If the CBS is large as much as possible, rate limiting becomes invalid. For example, the traffic rate limit is 10 Mbit/s and the CBS is 7200 Mbytes. At a certain time, the token bucket is full. If the packet length in the subsequent one hour is different and the total packet length is 7200 Mbytes, these packets can obtain tokens and be forwarded. The packet rate is 16 Mbit/s (7200 Mbytes x 8/3600) but not 10 Mbit/s. Therefore, rate limiting is ineffective.

Similarly, the PIR and PBS should be configured properly for the two-rate-two-bucket mode.

Configuring MQC-based Traffic Policing

To configure MQC-based traffic policing, perform the following steps:

  1. Configure a traffic classifier. Define matching rules in the traffic classifier to classify traffic.
  2. Configure a traffic behavior. Configure CAR in the traffic behavior view.
  3. Configure a traffic policy. Bind the traffic classifier to the traffic behavior.
  4. Apply the traffic policy. Apply the traffic policy to an interface, a VLAN, or the system.

In the following example, traffic entering GE1/0/1 is rate-limited. Configure traffic policing in traffic behavior b1 as follows: Set the CIR to 200000 kbit/s and the PIR to 2500000 kbit/s, permit green packets to be sent, permit yellow packets to pass through, and discard red packets.

<HUAWEI> system-view 
[HUAWEI] traffic classifier c1 operator and   //Create traffic classifier c1 and enter the traffic classifier view.
[HUAWEI-classifier-c1] if-match any           //Implement traffic policing for all packets.
[HUAWEI-classifier-c1] quit
[HUAWEI] traffic behavior b1                 //Create traffic behavior b1 and enter the traffic behavior view.
[HUAWEI-behavior-b1] car cir 200000 pir 2500000 green pass yellow pass red discard  //Configure traffic policing in the traffic behavior.
[HUAWEI-behavior-b1] statistic enable     //Enable the traffic statistics collection function so that you can subsequently check traffic statistics.
[HUAWEI-behavior-b1] quit 
[HUAWEI] traffic policy p1                   //Create traffic policy p1 and enter the traffic policy view.
[HUAWEI-trafficpolicy-p1] classifier c1 behavior b1  //Bind traffic classifier c1 to traffic behavior b1.
[HUAWEI-trafficpolicy-p1] quit 
[HUAWEI] interface gigabitethernet 1/0/1       
[HUAWEI-GigabitEthernet1/0/1] traffic-policy p1 inbound  //Apply traffic policy p1 to the inbound direction of GE1/0/1 to rate-limit traffic entering the interface.

After MQC-based traffic policing is configured, run the display traffic policy statistics command to check traffic statistics.

[HUAWEI] display traffic policy statistics all

 Interface: GigabitEthernet1/0/1                                                                                                    
 Traffic policy inbound: p1                                                                                                         
 Rule number: 1                                                                                                                     
 Current status: success                                                                                                            
 Statistics interval: 300                                                                                                           
---------------------------------------------------------------------                                                               
 Board : 0                                                                                                                          
---------------------------------------------------------------------                                                               
 Matched          |      Packets:                             0                                                                     
                  |      Bytes:                               -                                                                     
                  |      Rate(pps):                           0                                                                     
                  |      Rate(bps):                           -                                                                     
---------------------------------------------------------------------                                                               
   Passed         |      Packets:                             0                                                                     
                  |      Bytes:                               -                                                                     
                  |      Rate(pps):                           0                                                                     
                  |      Rate(bps):                           -                                                                     
---------------------------------------------------------------------                                                               
   Dropped        |      Packets:                             0                                                                     
                  |      Bytes:                               -                                                                     
                  |      Rate(pps):                           0                                                                     
                  |      Rate(bps):                           -                                                                     
---------------------------------------------------------------------                                                               
     Filter       |      Packets:                             0                                                                     
                  |      Bytes:                               -                                                                     
---------------------------------------------------------------------                                                               
     Car          |      Packets:                             0                                                                     
                  |      Bytes:                               -                                                                     
---------------------------------------------------------------------

Configuring Traffic Shaping for a Queue

Before configuring traffic shaping for queues on an interface, configure priority mapping to map packet priorities to per hop behaviors (PHBs) so that packets of different services enter different queues.

In the following example, the Switch connects to a router through GE2/0/1, and voice, video, and data services with 802.1p priorities being 6, 5, and 2, respectively, are transmitted from the network side. The rate of traffic from the LAN is higher than the interface rate on the router; therefore, jitter may occur on GE2/0/1. The following requirements must be met to prevent jitter and ensure bandwidth of services:

  • The CIR and PIR for the voice service are 3000 kbit/s and 5000 kbit/s, respectively.

  • The CIR and PIR for the video service are 5000 kbit/s and 8000 kbit/s, respectively.

  • The CIR and PIR for the data service are 2000 kbit/s and 3000 kbit/s, respectively.

Figure 1-1 Networking of traffic shaping
  1. Configure priority mapping.

    # Create DiffServ domain ds1 and map 802.1p priorities 6, 5, and 2 to PHBs CS7, EF, and AF2, respectively.

    [HUAWEI] diffserv domain ds1                     //Create DiffServ domain ds1.
    [HUAWEI-dsdomain-ds1] 8021p-inbound 6 phb cs7    //Map 802.1p priority 6 to PHB CS7.
    [HUAWEI-dsdomain-ds1] 8021p-inbound 5 phb ef     //Map 802.1p priority 5 to PHB EF.
    [HUAWEI-dsdomain-ds1] 8021p-inbound 2 phb af2    //Map 802.1p priority 2 to PHB AF2.
    [HUAWEI-dsdomain-ds1] quit 
    [HUAWEI] interface gigabitethernet 1/0/1  
    [HUAWEI-GigabitEthernet1/0/1] trust upstream ds1 //Apply the DiffServ domain to the inbound interface.
    [HUAWEI-GigabitEthernet1/0/1] quit
  2. Configure queue-based traffic shaping.

    # Configure traffic shaping for queues on the Switch to limit the CIR and PIR of the voice service to 3000 kbit/s and 5000 kbit/s, the CIR and PIR of the video service to 5000 kbit/s and 8000 kbit/s, and the CIR and PIR of the data service to 2000 kbit/s and 3000 kbit/s.

    [HUAWEI] interface gigabitethernet 2/0/1       //Configure traffic shaping on the outbound interface.
    [HUAWEI-GigabitEthernet2/0/1] qos queue 7 shaping cir 3000 pir 5000  //PHB CS7 corresponds to queue 7.
    [HUAWEI-GigabitEthernet2/0/1] qos queue 5 shaping cir 5000 pir 8000  //PHB EF corresponds to queue 5.
    [HUAWEI-GigabitEthernet2/0/1] qos queue 2 shaping cir 2000 pir 3000  //PHB AF2 corresponds to queue 2.
    [HUAWEI-GigabitEthernet2/0/1] quit 

    After queue-based traffic shaping is configured, run the display qos queue statistics command to check traffic statistics. Queue 2 on GE2/0/1 is used as an example.

    [HUAWEI] display qos queue statistics interface gigabitethernet 2/0/1 queue 2
    ------------------------------------------------------------     
      Queue ID          : 2                                   
      CIR(kbps)         : 2,000                                
      PIR(kbps)         : 3,000                                           
      Used Length(byte) : 0                                        
      Passed Packets    : 0                                       
      Passed Rate(pps)  : 0                                     
      Passed Bytes      : 0                                      
      Passed Rate(bps)  : 0                                     
      Dropped Packets   : 0                                      
      Dropped Rate(pps) : 0                                      
      Dropped Bytes     : 0         
      Dropped Rate(bps) : 0  
    ------------------------------------------------------------

Configuring Rate Limiting on an Interface

To configure inbound interface-based rate limiting, perform the following steps:

  1. Run the qos car car-name cir cir-value [ cbs cbs-value [ pbs pbs-value ] | pir pir-value [ cbs cbs-value pbs pbs-value ] ] command to configure a CAR profile and set parameters in the QoS CAR profile.
  2. Run the interface interface-type interface-number command to enter the interface view.
  3. Run the qos car inbound car-name command to apply the CAR profile to the interface.
  4. (Optional) Check statistics about incoming packets on the interface.
    • display qos car statistics interface interface-type interface-number inbound: Display statistics about forwarded and discarded packets in the inbound direction of an interface where a QoS CAR profile is applied.
    • display qos car statistics all [ nonzero ]: Display statistics about incoming packets forwarded and discarded by each interface where a QoS CAR profile is applied.

To configure outbound interface-based rate limiting, perform the following steps:

  1. Run the interface interface-type interface-number command to enter the interface view.
  2. Run the qos lr cir cir-value [ cbs cbs-value ] [ outbound ] command to configure outbound interface-based rate limiting.
Translation
Download
Updated: 2019-07-23

Document ID: EDOC1100090437

Views: 312

Downloads: 5

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next