Example for Configuring Hierarchical Traffic Policing (Applicable to S5720-EI, S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-HI, S6730-H, S6730S-H, S6730-S, and S6730S-S)
Networking Requirements
As shown in Figure 5-11, the Switch connects to the router through GE0/0/2, and the enterprise connects to a WAN through the Switch and router.
On the network, network-side interfaces are often congested because the WAN network bandwidth is less than enterprise's LAN bandwidth. Congestion may cause loss of service data. To prevent this problem, configure traffic policing on the inbound interface of upstream traffic. In this example, the total bandwidth on the interface needs to be limited to 12000 kbit/s, and the rates of voice, video, and data service flows need to be limited within proper ranges.
Voice, video, and data services are transmitted in VLAN 120, VLAN 110, and VLAN 100 respectively, and have QoS requirements in descending order of priority. The Switch needs to re-mark DSCP priorities in different service packets so that the router can guarantee QoS based on priorities of packets.
Table 5-10 describes QoS requirements of different services.
Configuration Roadmap
- Create VLANs and configure interfaces to enable the enterprise to connect to the network through the Switch.
- Configure a CAR profile to limit the total bandwidth of voice, data, and video services.
- Configure traffic classifiers on the Switch to classify voice, video, and data packets based on VLAN IDs.
- Configure traffic behaviors on the Switch to limit the rate of packets and re-mark DSCP priorities of packets.
- Configure a traffic policy on the Switch, bind traffic behaviors and traffic classifiers to the traffic policy, and apply the traffic policy to the interface on the Switch connected to the SwitchA.
Procedure
- Configure VLANs and interfaces.
# Create VLAN 100, VLAN 110, and VLAN 120 on the Switch.
<HUAWEI> system-view [HUAWEI] sysname Switch [Switch] vlan batch 100 110 120
# Configure GE 0/0/1 and GE 0/0/2 as trunk interfaces, and add GE0/0/1 and GE 0/0/2 to VLAN 100, VLAN 110, and VLAN 120.
[Switch] interface gigabitethernet 0/0/1 [Switch-GigabitEthernet0/0/1] port link-type trunk [Switch-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 110 120 [Switch-GigabitEthernet0/0/1] quit [Switch] interface gigabitethernet 0/0/2 [Switch-GigabitEthernet0/0/2] port link-type trunk [Switch-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 110 120 [Switch-GigabitEthernet0/0/2] quit
- Configure a CAR profile.
[Switch] qos car car1 cir 12000 - Create traffic classifiers.
# Configure traffic classifiers c1, c2, and c3 on the Switch to match different service flows based on VLAN IDs.
[Switch] traffic classifier c1 operator and [Switch-classifier-c1] if-match vlan-id 120 [Switch-classifier-c1] quit [Switch] traffic classifier c2 operator and [Switch-classifier-c2] if-match vlan-id 110 [Switch-classifier-c2] quit [Switch] traffic classifier c3 operator and [Switch-classifier-c3] if-match vlan-id 100 [Switch-classifier-c3] quit
- Create traffic behaviors.
# Create traffic behaviors b1, b2, and b3 on the Switch to limit rates of different service flows and re-mark DSCP priorities.
[Switch] traffic behavior b1 [Switch-behavior-b1] car cir 2000 pir 10000 green pass [Switch-behavior-b1] car car1 share [Switch-behavior-b1] remark dscp 46 [Switch-behavior-b1] statistic enable [Switch-behavior-b1] quit [Switch] traffic behavior b2 [Switch-behavior-b2] car cir 4000 pir 10000 green pass [Switch-behavior-b2] car car1 share [Switch-behavior-b2] remark dscp 30 [Switch-behavior-b2] statistic enable [Switch-behavior-b2] quit [Switch] traffic behavior b3 [Switch-behavior-b3] car cir 4000 pir 10000 green pass [Switch-behavior-b3] car car1 share [Switch-behavior-b3] remark dscp 14 [Switch-behavior-b3] statistic enable [Switch-behavior-b3] quit
- Create a traffic policy and apply it to the interface connected to the SwitchA.
# Create a traffic policy p1 on the Switch, associate traffic classifiers with traffic behaviors in the traffic policy, and apply the traffic policy to the inbound direction on GE 0/0/1 to limit the received packets and re-mark priorities of the packets.
[Switch] traffic policy p1 [Switch-trafficpolicy-p1] classifier c1 behavior b1 [Switch-trafficpolicy-p1] classifier c2 behavior b2 [Switch-trafficpolicy-p1] classifier c3 behavior b3 [Switch-trafficpolicy-p1] quit [Switch] interface gigabitethernet 0/0/1 [Switch-GigabitEthernet0/0/1] traffic-policy p1 inbound [Switch-GigabitEthernet0/0/1] quit
- Verify the configuration.
# View the traffic classifier configuration.
[Switch] display traffic classifier user-defined User Defined Classifier Information: Classifier: c2 Operator: AND Rule(s) : if-match vlan-id 110 Classifier: c3 Operator: AND Rule(s) : if-match vlan-id 100 Classifier: c1 Operator: AND Rule(s) : if-match vlan-id 120 Total classifier number is 3# View the configuration of the traffic policy p1.
[Switch] display traffic policy user-defined p1 User Defined Traffic Policy Information: Policy: p1 Classifier: c1 Operator: AND Behavior: b1 Committed Access Rate: CIR 2000 (Kbps), CBS 250000 (Byte) PIR 10000 (Kbps), PBS 1250000 (Byte) Green Action : pass Yellow Action : pass Red Action : discard Share car: Car car1 share Remark: Remark DSCP ef Statistic: enable Classifier: c2 Operator: AND Behavior: b2 Committed Access Rate: CIR 4000 (Kbps), CBS 500000 (Byte) PIR 10000 (Kbps), PBS 1250000 (Byte) Green Action : pass Yellow Action : pass Red Action : discard Share car: Car car1 share Remark: Remark DSCP af33 Statistic: enable Classifier: c3 Operator: AND Behavior: b3 Committed Access Rate: CIR 4000 (Kbps), CBS 500000 (Byte) PIR 10000 (Kbps), PBS 1250000 (Byte) Green Action : pass Yellow Action : pass Red Action : discard Share car: Car car1 share Remark: Remark DSCP af13 Statistic: enable# View the configuration of the traffic policy applied to GE0/0/1.
[Switch] display traffic policy statistics interface gigabitethernet 0/0/1 inbound Interface: GigabitEthernet0/0/1 Traffic policy inbound: p1 Rule number: 3 Current status: success Statistics interval: 300 --------------------------------------------------------------------- Board : 0 --------------------------------------------------------------------- Matched | Packets: 0 | Bytes: 0 | Rate(pps): 0 | Rate(bps): 0 --------------------------------------------------------------------- Passed | Packets: 0 | Bytes: 0 | Rate(pps): 0 | Rate(bps): 0 --------------------------------------------------------------------- Dropped | Packets: 0 | Bytes: 0 | Rate(pps): 0 | Rate(bps): 0 --------------------------------------------------------------------- Filter | Packets: 0 | Bytes: 0 --------------------------------------------------------------------- Car | Packets: 0 | Bytes: 0 ---------------------------------------------------------------------
Configuration Files
Switch configuration file
# sysname Switch # vlan batch 100 110 120 # qos car car1 cir 12000 cbs 2256000 # traffic classifier c1 operator and if-match vlan-id 120 traffic classifier c2 operator and if-match vlan-id 110 traffic classifier c3 operator and if-match vlan-id 100 # traffic behavior b1 car cir 2000 pir 10000 cbs 250000 pbs 1250000 green pass yellow pass red discard car car1 share remark dscp ef statistic enable traffic behavior b2 car cir 4000 pir 10000 cbs 500000 pbs 1250000 green pass yellow pass red discard car car1 share remark dscp af33 statistic enable traffic behavior b3 car cir 4000 pir 10000 cbs 500000 pbs 1250000 green pass yellow pass red discard car car1 share remark dscp af13 statistic enable # traffic policy p1 match-order config classifier c1 behavior b1 classifier c2 behavior b2 classifier c3 behavior b3 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 100 110 120 traffic-policy p1 inbound # interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 100 110 120 # return