S2720, S5700, S6700 V200R019C10 配置指南-QoS
本文档介绍了如何配置QoS功能,主要包括MQC配置、优先级映射配置、流量监管配置、流量整形配置、接口限速配置、拥塞避免配置、拥塞管理配置、报文过滤配置、重定向配置、流量统计配置、基于ACL的简化流策略配置、HQoS配置和SAC配置。
配置针对不同网段用户限速示例
配置思路
采用如下的思路配置针对不同网段用户限速:
- 创建VLAN,并配置各接口,使用户能够通过Switch访问网络。
- 在Switch上配置ACL分别匹配不同的网段。
- 在Switch上配置流分类匹配ACL规则。
- 在Switch上配置流行为,对来自不同楼层的用户报文进行限速。
- 在Switch上配置限速策略,绑定已配置的流行为和流分类,并应用到Switch与路由器连接的接口上。
操作步骤
- 创建VLAN并配置各接口
# 在Switch上创建VLAN 100、200。
<HUAWEI> system-view [HUAWEI] sysname Switch [Switch] vlan batch 100 200
# 将接口GE0/0/1、GE0/0/2的接入类型分别配置为Trunk,并分别将接口GE0/0/1和GE0/0/2加入VLAN 100、VLAN 200。将接口GE0/0/3的接入类型配置为Trunk,并加入VLAN100和VLAN200。
[Switch] interface gigabitethernet 0/0/1 [Switch-GigabitEthernet0/0/1] port link-type trunk [Switch-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 [Switch-GigabitEthernet0/0/1] quit [Switch] interface gigabitethernet 0/0/2 [Switch-GigabitEthernet0/0/2] port link-type trunk [Switch-GigabitEthernet0/0/2] port trunk allow-pass vlan 200 [Switch-GigabitEthernet0/0/2] quit [Switch] interface gigabitethernet 0/0/3 [Switch-GigabitEthernet0/0/3] port link-type trunk [Switch-GigabitEthernet0/0/3] port trunk allow-pass vlan 100 200 [Switch-GigabitEthernet0/0/3] quit
- 配置ACL
# 配置ACL规则匹配不同的网段。
[Switch] acl 2000 [Switch-acl-basic-2000] rule permit source 192.168.1.0 0.0.0.255 [Switch-acl-basic-2000] quit [Switch] acl 2001 [Switch-acl-basic-2001] rule permit source 192.168.2.0 0.0.0.255 [Switch-acl-basic-2001] quit
- 配置流分类
# 在Switch上创建流分类c1、c2,对来自不同楼层的用户进行分类。
[Switch] traffic classifier c1 operator and [Switch-classifier-c1] if-match acl 2000 [Switch-classifier-c1] quit [Switch] traffic classifier c2 operator and [Switch-classifier-c2] if-match acl 2001 [Switch-classifier-c2] quit
- 配置流量监管行为
# 在Switch上创建流行为b1、b2,对不同业务流进行流量监管。
[Switch] traffic behavior b1 [Switch-behavior-b1] car cir 4000 pir 10000 green pass [Switch-behavior-b1] quit [Switch] traffic behavior b2 [Switch-behavior-b2] car cir 6000 pir 10000 green pass [Switch-behavior-b2] quit
- 配置流量监管策略并应用到接口上
# 在Switch上创建流策略p1,将流分类和对应的流行为进行绑定,并将流策略应用到接口GE0/0/3出方向上,对报文进行流量监管。
[Switch] traffic policy p1 [Switch-trafficpolicy-p1] classifier c1 behavior b1 [Switch-trafficpolicy-p1] classifier c2 behavior b2 [Switch-trafficpolicy-p1] quit [Switch] interface gigabitethernet 0/0/3 [Switch-GigabitEthernet0/0/3] traffic-policy p1 outbound [Switch-GigabitEthernet0/0/3] quit
- 验证配置结果
# 查看流分类的配置信息。
[Switch] display traffic classifier user-defined User Defined Classifier Information: Classifier: c2 Operator: AND Rule(s) : if-match acl 2001 Classifier: c1 Operator: AND Rule(s) : if-match acl 2000 Total classifier number is 2# 查看流策略的配置信息。
[Switch] display traffic policy user-defined p1 User Defined Traffic Policy Information: Policy: p1 Classifier: c1 Operator: AND Behavior: b1 Committed Access Rate: CIR 4000 (Kbps), CBS 500000 (Byte) PIR 10000 (Kbps), PBS 1250000 (Byte) Green Action : pass Yellow Action : pass Red Action : discard Classifier: c2 Operator: AND Behavior: b2 Committed Access Rate: CIR 6000 (Kbps), CBS 750000 (Byte) PIR 10000 (Kbps), PBS 1250000 (Byte) Green Action : pass Yellow Action : pass Red Action : discard
配置文件
Switch的配置文件
# sysname Switch # vlan batch 100 200 # acl number 2000 rule 5 permit source 192.168.1.0 0.0.0.255 acl number 2001 rule 5 permit source 192.168.2.0 0.0.0.255 # traffic classifier c1 operator and if-match acl 2000 traffic classifier c2 operator and if-match acl 2001 # traffic behavior b1 car cir 4000 pir 10000 cbs 500000 pbs 1250000 green pass yellow pass red discard traffic behavior b2 car cir 6000 pir 10000 cbs 750000 pbs 1250000 green pass yellow pass red discard # traffic policy p1 match-order config classifier c1 behavior b1 classifier c2 behavior b2 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 100 # interface GigabitEthernet0/0/2 port link-type trunk port trunk allow-pass vlan 200 # interface GigabitEthernet0/0/3 port link-type trunk port trunk allow-pass vlan 100 200 traffic-policy p1 outbound # return