background image

A traffic policy is created and the traffic policy view is displayed.

After a traffic policy is applied, you cannot use the 

traffic policy

 command to modify the

matching order of traffic classifiers in the traffic policy. To modify the matching order, unbind
the traffic policy from the system, an interface, or a VLAN where it is applied, and re-create a
traffic policy and specify the matching order.

Step 3

Run:

classifier

 

classifier-name

 

behavior

 

behavior-name

A traffic classifier is bound to a traffic behavior in the traffic policy.

----End

2.3.5 Applying the Traffic Policy

The configured traffic policy takes effect only after being applied to the system or a slot, an
interface, or a VLAN.

Procedure

l

Applying a traffic policy to the system or a slot
1.

Run:

system-view

The system view is displayed.

2.

Run:

traffic-policy

 

policy-name

 

global

 { 

inbound

 | 

outbound

 } [ 

slot

 

slot-id

 ]

A traffic policy is applied to the system or a slot in the inbound or outbound direction.

Only one traffic policy can be applied to the system in the inbound or outbound
direction.

Only one traffic policy can be applied to a slot in the inbound or outbound direction.
A traffic policy cannot be applied to the system and a slot simultaneously. The system
performs traffic policing as follows:

If a stack system is established, a traffic policy that is applied to the system takes
effect on all the interfaces and VLANs of all the member switches in the stack.
The system then performs traffic policing for all the incoming and outgoing packets
that match traffic classification rules on all the member switches. A traffic policy
that is applied to a specified slot takes effect on all the interfaces and VLANs of
the member switch with the specified stack ID. The system then performs traffic
policing for all the incoming and outgoing packets that match traffic classification
rules on this member switch.

If a stack system is not established, a traffic policy that is applied to the system
takes effect on all the interfaces and VLANs of the local switch. The system then
performs traffic policing for all the incoming and outgoing packets that match
traffic classification rules on the local switch. Traffic policies applied to the slot
and system have the same functions.

l

Applying a traffic policy to an interface
1.

Run:

system-view

S3700HI Ethernet Switches
Configuration Guide - QoS

2 Traffic Policing and Traffic Shaping Configuration

Issue 01 (2012-03-15)

Huawei Proprietary and Confidential

Copyright © Huawei Technologies Co., Ltd.

61

Summary of Contents for S3700HI

Page 1: ...S3700HI Ethernet Switches V200R001C00 Configuration Guide QoS Issue 01 Date 2012 03 15 HUAWEI TECHNOLOGIES CO LTD ...

Page 2: ...be within the purchase scope or the usage scope Unless otherwise specified in the contract all statements information and recommendations in this document are provided AS IS without warranties guarantees or representations of any kind either express or implied The information in this document is subject to change without notice Every effort has been made in the preparation of this document to ensu...

Page 3: ...icates a hazard with a high level of risk which if not avoided will result in death or serious injury WARNING Indicates a hazard with a medium or low level of risk which if not avoided could result in minor or moderate injury CAUTION Indicates a potentially hazardous situation which if not avoided could result in equipment damage data loss performance degradation or unexpected results TIP Indicate...

Page 4: ... are grouped in braces and separated by vertical bars A minimum of one item or a maximum of all items can be selected x y Optional items are grouped in brackets and separated by vertical bars Several items or no item can be selected 1 n The parameter before the sign can be repeated 1 to n times A line starting with the sign is comments Change History Updates between document issues are cumulative ...

Page 5: ...1 4 6 Checking the Configuration 26 1 5 Configuring a Traffic Policy by Using Simplified QoS Commands 27 1 5 1 Establishing the Configuration Task 27 1 5 2 Configuring Traffic Policing for the Traffic That Matches an ACL Rule 28 1 5 3 Filtering the Traffic That Matches an ACL Rule 31 1 5 4 Re marking the Traffic That Matches an ACL Rule 32 1 5 5 Collecting Statistics on the Traffic That Matches an...

Page 6: ...Length of the Interface Queue 65 2 4 4 Configuring Traffic Shaping in an Interface Queue 65 2 4 5 Checking the Configuration 66 2 5 Maintaining Traffic Policing and Traffic Shaping 66 2 5 1 Displaying the Traffic Statistics 67 2 5 2 Checking the Usage of the Queue 67 2 5 3 Clearing the Traffic Statistics 67 2 6 Configuration Examples 68 2 6 1 Example for Configuring Traffic Policing Based on an In...

Page 7: ...g the Scheduling Mode for an Interface Queue 94 3 3 5 Checking the Configuration 95 3 4 Maintaining Congestion Avoidance and Congestion Management 95 3 4 1 Displaying the Queue based Statistics 95 3 4 2 Clearing the Queue based Statistics 96 3 5 Configuration Examples 96 3 5 1 Example for Configuring Congestion Avoidance and Congestion Management on the S3700HI 96 S3700HI Ethernet Switches Configu...

Page 8: ...ntiated services 1 4 Creating a Traffic Policy Based on Complex Traffic Classification After the traffic policy based on complex traffic classification is configured the S3700 classifies packets according to the priority of packets and quintuple information Then the S3700 takes different traffic actions for packets matching classification conditions such as permit deny re marking and redirection 1...

Page 9: ... downstream device provides QoS services based on packet priorities Simple traffic classification is based on the following l DSCP priority of IP packets l 802 1p priority of packets in a VLAN Complex Traffic Classification Complex traffic classification is performed based on Layer 2 or Layer 3 information in packets or by using access control lists ACLs You can bind a traffic classifier to a traf...

Page 10: ...ping congestion avoidance and queue scheduling In addition the S3700 can re mark priorities of outgoing packets so that the downstream device can provide differentiated QoS based on packet priorities Table 1 1 shows the mappings between internal priorities and queues Table 1 1 Mappings between internal priorities and queues Internal Priority Queue Index BE 0 AF1 1 AF2 2 AF3 3 AF4 4 EF 5 CS6 6 CS7 ...

Page 11: ...nly incoming packets l Traffic policing This traffic control action limits the volume of traffic and the resources used by the traffic to monitor the traffic rate By using traffic policing the S3700 can discard and re mark the colors and CoS of packets whose rate exceeds the rate limit Here traffic policing based on traffic classification is implemented For details about traffic policing see 2 Tra...

Page 12: ... After the DiffServ domain is bound to an inbound interface the QoS mechanism performs congestion management and congestion avoidance according to packet PHBs and colors on an inbound interface When packets are sent to a downstream device you can classify them based on packet PHBs and colors In a DiffServ domain define the mapping from packet PHBs and colors to priorities to classify packets After...

Page 13: ...ities and marks internal priorities for the packets based on DSCP priorities of packets To set the same trust priority on multiple interfaces perform the configuration on the port group NOTE Internal priorities are represented by CoS and colors defined in the DiffServ model Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interf...

Page 14: ...ault the 802 1p priority of an interface is 0 End 1 3 4 Creating a DiffServ Domain and Configuring Priority Mapping When the S3700 functions as a border node between a DiffServ domain and other networks configure mappings between internal priorities PHBs and colors and external priorities such as 802 1p priorities DSCP priorities and EXP priorities Context A DiffServ domain is composed of a group ...

Page 15: ...e phb service class color l To map PHBs and colors to DSCP priorities of IP packets run the following command on the outbound interface ip dscp outbound service class color map dscp value For details about the mapping see the following commands l 8021p inbound defines the mapping from the default 802 1p priorities to PHBs and colors l 8021p outbound defines the mapping from PHBs and colors to 802 ...

Page 16: ... The interface is bound to a DiffServ domain If the trust upstream none command is run on an interface the S3700 does not perform priority mapping for incoming and outgoing packets on the interface To delete the DiffServ domain that is bound to an interface you must first run the undo trust upstream command to delete the bound DiffServ domain Then run the trust upstream command to reconfigure the ...

Page 17: ...he applicable environment complete the pre configuration tasks and obtain the required data This helps you complete the configuration task quickly and accurately Applicable Environment At the ingress of a network the S3700 functions as a border node To limit the incoming traffic on a network the S3700 can provide differentiated services for various services according to the DSCP field protocol typ...

Page 18: ...ssifier classifier name operator and or A traffic classifier based on Layer 2 information is created and the traffic classifier view is displayed The and parameter indicates that the relationship between rules in a traffic classifier is AND That is the packets match a traffic classifier only when the packets match all non ACL rules and an ACL rule in the traffic classifier The or parameter indicat...

Page 19: ...p ip mpls rarp protocol value l To define matching rules based on all the packets run if match any End Creating a Traffic Classifier Based on Layer 3 Information After traffic classification based on Layer 3 information is configured the S3700 classifies packets according to Layer 3 information in packets Procedure Step 1 Run system view The system view is displayed Step 2 Run traffic classifier c...

Page 20: ...ic ACLs Layer 2 ACLs user defined ACLs and advanced ACLs l Basic ACLs are used to classify data packets based on the source IP address fragmentation flag and time segment of packets l Advanced ACLs are used to classify and define data packets based on the source IP address destination IP address source port number destination port number fragmentation flag time segment and protocol type of packets...

Page 21: ...parameter indicates that the relationship between rules in a traffic classifier is AND That is packets match a traffic classifier only when the packets match all non ACL rules and an ACL rule in the traffic classifier The or parameter indicates that the relationship between rules in a traffic classifier is OR That is packets match a traffic classifier when the packets match a rule in the traffic c...

Page 22: ...stination destination address destination wildcard any destination port eq gt lt range port dscp dscp fragment logging precedence precedence source source address source wildcard any source port eq gt lt range port time range time name tos tos ttl expired When the parameter protocol is specified as another protocol rather than TCP UDP or ICMP the command format is as follows rule rule id deny perm...

Page 23: ...ngth destination ipv6 address postfix postfix length any dscp dscp fragment logging precedence precedence source source ipv6 address prefix length source ipv6 address prefix length source ipv6 address postfix postfix length any time range time name tos tos 5 Run quit Return to the system view 6 Run traffic classifier classifier name operator and or A traffic classifier is created and the traffic c...

Page 24: ...ship between rules in a traffic classifier is AND That is packets match a traffic classifier only when the packets match all non ACL rules and an ACL rule in the traffic classifier The or parameter indicates that the relationship between rules in a traffic classifier is OR That is packets match a traffic classifier when the packets match a rule in the traffic classifier By default the relationship...

Page 25: ...only the if match acl user defined acl number command in a traffic classifier where the relationship between rules is OR or configure other matching rules When the if match acl user defined acl number command is used and other matching rules are configured the if match acl user defined acl number command can only be used with the if match vlan id or if match l2 protocol command Otherwise the traff...

Page 26: ...ckets and DSCP value of IP packets Procedure Step 1 Run system view The system view is displayed Step 2 Run traffic behavior behavior name A traffic behavior is created and the traffic behavior view is displayed Step 3 Run the following commands as required l Run remark 8021p 8021p value inner 8021p The 802 1p priority of the packets matching the traffic classification is re marked NOTE If inner 8...

Page 27: ...e packets matching the traffic classification is re marked NOTE The DSCP value and IP precedence of packets cannot be re marked at the same time End Configuring the Redirection Action The redirection action redirects packets matching the traffic classification rule to the CPU the specified interface the specified next hop address Procedure Step 1 Run system view The system view is displayed Step 2...

Page 28: ...de That is the S3700 selects a next hop by using the Hash algorithm based on the source IP addresses of the packets regardless of the traffic volume If the source IP addresses of the packets are the same the S3700 forwards the packets to the same next hop regardless of the traffic volume When redirecting packets to multiple next hops the S3700 can quickly switch the link to an available outbound i...

Page 29: ...s car command to configure a CAR profile End Configuring Flow Mirroring The flow mirroring action mirrors all the packets matching traffic classification rules to the observing interface Procedure Step 1 Run system view The system view is displayed Step 2 Run traffic behavior behavior name A traffic behavior is created and the traffic behavior view is displayed Step 3 Run mirroring to observe port...

Page 30: ...hen a network is running stably and the MAC address of packets is fixed a device does not need to learn MAC addresses of other packets You can apply a traffic policy and disable MAC address learning in all the traffic classifiers bound to the traffic policy This saves MAC addresses are saved and improves device performance Unauthorized users may change MAC addresses frequently to attack a network ...

Page 31: ...order and configuration order l If the automatic order is used traffic classifiers are matched based on their priorities The priority order is Layer 2 and Layer 3 information Layer 3 information Layer 2 information The traffic classifier with the highest priority is matched first l If the configuration order is used traffic classifiers are matched in the sequence in which they were bound to the tr...

Page 32: ...traffic classification rules on all the member switches A traffic policy that is applied to a specified slot takes effect on all the interfaces and VLANs of the member switch with the specified stack ID The system then performs traffic policing for all the incoming and outgoing packets that match traffic classification rules on this member switch If a stack system is not established a traffic poli...

Page 33: ...the inbound or outbound direction End 1 4 6 Checking the Configuration After a traffic policy based on complex traffic classification is configured you can view the configuration of the traffic classifier traffic behavior and traffic policy Prerequisites The configurations of the traffic policy based on complex traffic classification are complete Procedure l Run the display acl acl number all comm...

Page 34: ...c entering the network you can use simplified QoS commands to configure a traffic policy on the S3700 Then the S3700 can provide differentiated services for different service flows based on the parameters of the packets such as the DSCP value protocol type IP address port number type of the fragmented packets and time range By using simplified QoS commands you can configure traffic monitoring traf...

Page 35: ...rk dscp dscp value yellow drop pass remark 8021p 8021p value remark dscp dscp value red drop pass remark 8021p 8021p value remark dscp dscp value Traffic policing is performed for incoming packets based on the ACL rule Or run traffic limit vlan vlan id outbound acl ipv6 bas acl adv acl name acl name l2 acl rule rule id cir cir value pir pir value cbs cbs value pbs pbs value green drop pass remark ...

Page 36: ... to 4999 and the Layer 3 ACL number ranges from 2000 to 2999 or 3000 to 3999 To configure both Layer 2 ACLs and Layer 3 ACLs on an inbound interface of a switch use the following command traffic limit vlan vlan id inbound acl l2 acl name acl name rule rule id acl bas acl adv acl name acl name rule rule id cir cir value pir pir value cbs cbs value pbs pbs value green drop pass remark 8021p 8021p va...

Page 37: ...ction is configured in the ACL rule the traffic limit command does not take effect l If the permit action is configured in the ACL rule the traffic limit command takes effect A Layer 2 ACL and a Layer 3 ACL can be set in the traffic limit command simultaneously The Layer 3 ACL and its rules can be configured only after the Layer 2 ACL and its rules are configured The Layer 2 ACL number ranges from...

Page 38: ...raffic filter command simultaneously The Layer 3 ACL and its rules can be configured only after the Layer 2 ACL and its rules are configured The Layer 2 ACL number ranges from 4000 to 4999 and the Layer 3 ACL number ranges from 2000 to 2999 or 3000 to 3999 To configure both Layer 2 ACLs and Layer 3 ACLs on a switch interface use the following command traffic filter vlan vlan id inbound acl l2 acl ...

Page 39: ... marking action the S3700 re marks priorities of packets matching traffic classification rules such as 802 1p priorities of VLAN packets DSCP priorities of IP packets and EXP priorities of MPLS packets Procedure l Configuring re marking globally 1 Run system view The system view is displayed 2 Run traffic remark vlan vlan id inbound acl ipv6 bas acl adv acl name acl name l2 acl user acl rule rule ...

Page 40: ...an vlan id inbound acl l2 acl name acl name rule rule id acl bas acl adv acl name acl name rule rule id 8021p 8021p value destination mac mac address dscp dscp name dscp value local precedence local precedence value ip precedence ip precedence value vlan id vlan id If you use the traffic remark vlan vlan id inbound acl acl number vlan vlan id command to re mark VLAN IDs on incoming packets the VLA...

Page 41: ...istics on packets matching traffic classification rules Procedure l Configuring traffic statistics globally 1 Run system view The system view is displayed 2 Run traffic statistic vlan vlan id inbound acl ipv6 bas acl adv acl name acl name l2 acl user acl rule rule id by bytes The statistics on the incoming packets matching an ACL rule are collected on an interface NOTE If the value of vlan vlan id...

Page 42: ...s from 2000 to 2999 or 3000 to 3999 To configure both Layer 2 ACLs and Layer 3 ACLs on an interface of a switch use the following command traffic statistic inbound acl l2 acl name acl name rule rule id acl bas acl adv acl name acl name rule rule id by bytes End 1 5 6 Mirroring Traffic That Matches an ACL Rule Context By configuring traffic mirroring you can mirror packets that match an ACL rule to...

Page 43: ... the Eth Trunk interface view is displayed 3 Run traffic mirror inbound acl ipv6 bas acl adv acl name acl name l2 acl user acl rule rule id to observe port o index The incoming packets matching an ACL rule are mirrored on an interface NOTE A Layer 2 ACL and a Layer 3 ACL can be set in the traffic mirror command simultaneously The Layer 3 ACL and its rules can be configured only after the Layer 2 A...

Page 44: ...3 ACLs on an interface of a switch use the following command traffic redirect vlan vlan id inbound acl l2 acl name acl name rule rule id acl bas acl adv acl name acl name rule rule id cpu interface interface type interface number ip nexthop ip nexthop ipv6 nexthop ipv6 nexthop l Configuring traffic redirection on an interface 1 Run system view The system view is displayed 2 Run interface interface...

Page 45: ...se class classifier name command to check the flow based traffic statistics End 1 6 2 Clearing the Flow based Traffic Statistics You can use the reset command to clear the flow based traffic statistics Context CAUTION The flow based traffic statistics cannot be restored after being cleared Exercise caution when you run the command Procedure l Run the reset traffic policy statistics global slot slo...

Page 46: ...s mapped to 2 By doing this Switch provides differentiated services Figure 1 1 Networking diagram of priority mapping based on simple traffic classification Core Network GE0 0 1 GE0 0 3 Switch Router GE0 0 2 VLAN 100 VLAN 200 Branch 1 of the enterprise branch 2 of the enterprise VLAN 300 Configuration Roadmap The configuration roadmap is as follows 1 Create VLANs and configure interfaces so that B...

Page 47: ...ch GigabitEthernet0 0 3 quit Create VLANIF 300 and assign interface IP address uo192 168 1 1 24 to VLANIF 300 Switch interface vlanif 300 Switch Vlanif300 ip address 192 168 1 1 24 NOTE Assign IP address 192 168 1 2 24 to the interface connecting the router and the Switch Step 2 Create and configure DiffServ domains Create DiffServ domains ds1 and ds2 and map 802 1p priorities of packets from Bran...

Page 48: ...rks different 802 1p priorities of packets with different VLAN IDs to provide differentiated services Networking Requirements The Switch is connected to the router through GE0 0 3 Branch 1 and Branch 2 of the enterprise can access the network through the Switch and router See Figure 1 2 Data services of Branch 1 and Branch 2 of the enterprise come from VLANs 100 and 200 When the data service packe...

Page 49: ...c classifiers in the traffic policy and apply the traffic policy to the interface at the inbound direction Data Preparation To complete the configuration you need the following data l Re marked priorities of packets with different VLAN IDs in the inner VLAN tags l Type direction and number of the interface that a traffic policy needs to be applied to Procedure Step 1 Create VLANs and configure int...

Page 50: ...ier c1 quit Switch traffic classifier c2 operator and Switch classifier c2 if match cvlan id 200 Switch classifier c2 quit Step 3 Create traffic behaviors Create traffic behaviors b1 to b2 on the Switch to re mark priorities of user packets Switch traffic behavior b1 Switch behavior b1 remark 8021p 4 Switch behavior b1 quit Switch traffic behavior b2 Switch behavior b2 remark 8021p 2 Switch behavi...

Page 51: ...erator and if match cvlan id 100 traffic behavior b2 remark 8021p 2 traffic behavior b1 remark 8021p 4 traffic policy p1 classifier c1 behavior b1 classifier c2 behavior b2 interface Vlanif300 ip address 192 168 1 1 255 255 255 0 interface GigabitEthernet0 0 1 qinq vlan translation enable port hybrid pvid vlan 100 port hybrid untagged vlan 100 300 port vlan stacking vlan 100 stack vlan 300 traffic...

Page 52: ...20 20 1 24 20 20 30 2 24 20 20 30 1 24 L2 Switch Switch Router Core network Configuration Roadmap The configuration roadmap is as follows 1 Create VLANs and configure interfaces so that the Switch can ping the ISP device 2 Create ACL rules to match the packets with priorities as 4 5 6 and 7 and priorities as 0 1 2 and 3 3 Create traffic classifiers to match the preceding ACL rules 4 Create traffic...

Page 53: ...h Vlanif30 quit NOTE Assign network segment addresses 20 20 20 1 24 and 20 20 30 1 24 to the interfaces connecting the router and Switch The details are not mentioned here Step 2 Create ACL rules Create advanced ACL rules 3001 and 3002 on the Switch to permit the packets with priorities as 4 5 6 and 7 and priorities as 0 1 2 and 3 to pass through Switch acl 3001 Switch acl adv 3001 rule permit ip ...

Page 54: ...ernet0 0 1 quit Step 6 Verify the configuration Check the configuration of ACL rules Switch display acl 3001 Advanced ACL 3001 4 rules Acl s step is 5 rule 5 permit ip precedence routine rule 10 permit ip precedence priority rule 15 permit ip precedence immediate rule 20 permit ip precedence flash Switch display acl 3002 Advanced ACL 3002 4 rules Acl s step is 5 rule 5 permit ip precedence flash o...

Page 55: ...ier c1 operator and if match acl 3001 traffic classifier c2 operator and if match acl 3002 traffic behavior b1 redirect ip nexthop 20 20 20 1 traffic behavior b2 redirect ip nexthop 20 20 30 1 traffic policy p1 classifier c1 behavior b1 classifier c2 behavior b2 interface Vlanif20 ip address 20 20 20 2 255 255 255 0 interface Vlanif30 ip address 20 20 30 2 255 255 255 0 interface GigabitEthernet0 ...

Page 56: ... 20 20 20 2 24 Configuration Roadmap The configuration roadmap is as follows 1 Configure interfaces so that the Switch is connected to PC1 and the router 2 Create an ACL to match the packets with the source MAC address as 0000 0000 0003 3 Create a traffic classifier to match the ACL 4 Create a traffic behavior to take the statistics on the matching packets 5 Create a traffic policy bind the traffi...

Page 57: ...0000 0000 0003 Switch acl 4000 Switch acl L2 4000 rule permit source mac 0000 0000 0003 ffff ffff ffff Switch acl L2 4000 quit Step 3 Create a traffic classifier Create traffic classifier c1 on the Switch with ACL 4000 as the matching rule Switch traffic classifier c1 Switch classifier c1 if match acl 4000 Switch classifier c1 quit Step 4 Create a traffic behavior Create traffic behavior b1 on the...

Page 58: ...icy p1 Classifier c1 Operator AND Behavior b1 Statistic enable End Configuration Files l Configuration file of the Switch sysname Switch vlan batch 20 acl number 4000 rule 5 permit source mac 0000 0000 0003 traffic classifier c1 operator and if match acl 4000 traffic behavior b1 statistic enable traffic policy p1 classifier c1 behavior b1 interface Vlanif20 ip address 20 20 20 1 255 255 255 0 inte...

Page 59: ...affic on the interface 2 3 Configuring Traffic Policing Based on a Traffic Classifier After traffic policing based on a traffic classifier is configured the S3700 policies the traffic matching traffic classification rules 2 4 Configuring Traffic Shaping After traffic shaping is configured the S3700 shapes packets matching traffic classification rules so that packets are sent out at an even rate 2 ...

Page 60: ... stores a certain number of tokens The S3700 puts tokens at the configured rate one token bucket can forward one bit of data in a token bucket When the token bucket is full the excess tokens overflow and the number of tokens no longer increases When measuring the traffic in a token bucket the S3700 forwards packets based on the number of tokens in the token bucket If there are sufficient tokens in...

Page 61: ...l Interface based traffic policing Interface based traffic policing controls all incoming traffic on an interface regardless of packet types It discards the excess traffic limits traffic within a proper range and protects network resources and carriers interests l Traffic policing based on a traffic classifier Traffic policing based on a traffic classifier limits the rate of the traffic matching a...

Page 62: ... that need to be sent from this interface Continue to send Token bucket Put tokens into the bucket at the set rate Classification Drop Queue The delay may be increased just because the traffic shaping technology puts the packets into a buffer or a queue The traffic policing technology however does not cause a delay Traffic Shaping Features Supported by the S3700 The S3700 supports the following tr...

Page 63: ...ased traffic policing is applied to the interface the rate of all the user service traffic entering the interface is limited Pre configuration Tasks Before configuring a limit rate on the interface complete the following tasks l Setting physical parameters of interfaces l Setting link layer attributes of interfaces to ensure normal operation of these interfaces l Assigning IP addresses to the inte...

Page 64: ... configured on the interface End 2 2 3 Displaying the Maximum Length of a Queue Traffic policing on the management interface limits the traffic received from the management interface to improve system performance Procedure Step 1 Run system view The system view is displayed Step 2 Run interface meth 0 0 1 The MEth interface view is displayed Step 3 Run qos lr pps packets The rate limit is set NOTE...

Page 65: ...ment If the service traffic sent by users is not limited a network is congested because a large number of users send bursts of data in the same period To make full use of limited network resources and provide better services for more users limit user service traffic Traffic policing based on a traffic classifier can be used to control the service traffic of a certain type Pre configuration Tasks B...

Page 66: ...tching the traffic classifier bound to the aggregate CAR action in the same traffic policy and applies the CAR to the flows This is also called hierarchical traffic policing Hierarchical traffic policing implements traffic statistics multiplexing and service control For example hierarchical traffic policing limits the services of level 1 and level 2 users It also limits the traffic of level 1 user...

Page 67: ...created and the traffic behavior view is displayed 4 Run car car name share An aggregate CAR action is configured NOTE Aggregate CAR is valid for only incoming packets After aggregate CAR is configured the rules in a traffic classifier bound to a traffic behavior share a CAR index The system aggregates the traffic and implements the CAR for the traffic If the traffic classifier contains both Layer...

Page 68: ...cy cannot be applied to the system and a slot simultaneously The system performs traffic policing as follows If a stack system is established a traffic policy that is applied to the system takes effect on all the interfaces and VLANs of all the member switches in the stack The system then performs traffic policing for all the incoming and outgoing packets that match traffic classification rules on...

Page 69: ...und direction Only one traffic policy can be applied to a VLAN in the inbound or outbound direction After a traffic policy is applied the system performs traffic policing for the packets that belong to a VLAN and match a traffic classifier in the inbound or outbound direction End 2 3 6 Checking the Configuration After traffic policing based on a traffic classifier is configured you can view the tr...

Page 70: ...m network In this manner the rate of packets sent to the downstream network meets the requirements of the bandwidth of the downstream network This can prevent congestion and packet loss on the network to a certain degree The S3700 supports traffic shaping on an interface and in an interface queue You can configure traffic shaping as required If traffic shaping of these two types is configured ensu...

Page 71: ...erface Group in the S3700HI Ethernet Switches Configuration Guide Ethernet Step 3 Run qos lr inbound outbound cir cir value cbs cbs value The rate for traffic shaping on an interface is set By default the CIR for traffic shaping on an interface is the maximum bandwidth of the interface For example the CIR for traffic shaping on an Ethernet interface is 100000 kbit s the CIR for traffic shaping on ...

Page 72: ...ic shaping for packets of a certain type of services on an interface Before configuring traffic shaping in an interface queue map priorities of packets to PHBs based on simple traffic classification or re mark the internal priorities based on complex traffic classification Different services can enter different interface queues To set the same queue shaping rate on multiple interfaces perform the ...

Page 73: ...interface queue Context Before viewing the traffic shaping parameters of an interface queue run the qos queue statistics enable command to enable the traffic statistics function for the interface queue Procedure l Run the display qos lr inbound outbound interface interface type interface number command to check the rate limit on the specified interface l Run the display qos queue statistics interf...

Page 74: ... You can use display commands to view the Usage of the Queue Context To obtain the usage of queues you can run the following command in any view Procedure l Run the display qos queue length interface interface type interface number command to view the usage of priority queues on the interface End 2 5 3 Clearing the Traffic Statistics You can use the reset commands to clear the traffic statistics C...

Page 75: ... 2 3 the Switch is connected to GE 0 0 1 through the router branch 1 and branch 2 of the enterprise are connected to the Switch through Eth 0 0 1 and Eth 0 0 2 and access the network through the Switch and router Branch 1 and branch 2 of the enterprise require 8 Mbit s and 5 Mbit s bandwidth Figure 2 3 Networking diagram of traffic policing Core network Eth0 0 1 GE0 0 1 LSW1 Switch Router LSW2 Eth...

Page 76: ...ch interface ethernet0 0 2 Switch Ethernet0 0 2 port link type trunk Switch Ethernet0 0 2 port trunk allow pass vlan 200 Switch Ethernet0 0 2 quit Switch interface gigabitethernet0 0 1 Switch GigabitEthernet0 0 1 port link type trunk Switch GigabitEthernet0 0 1 port trunk allow pass vlan 100 200 300 Switch GigabitEthernet0 0 1 quit Create VLANIF 300 and set its network segment address to 192 168 1...

Page 77: ... policing based on a traffic classifier and setting different CAR parameters Networking Requirements The Switch is connected to the router by using GE 0 0 2 enterprise users can access the network by using the Switch and the router In Table 2 1 l Voice services belong to VLAN 120 l Video services belong to VLAN 110 l Data services belong to VLAN 100 On the Switch traffic policing needs to be perfo...

Page 78: ...mit the traffic received from the enterprise and re mark DSCP priorities of packets 4 Create a traffic policy on the Switch bind traffic behaviors to traffic classifiers in the traffic policy and apply the traffic policy to the interface between the enterprise and the Switch Data Preparation To complete the configuration you need the following data l Names of traffic classifiers matching service f...

Page 79: ...00 Switch classifier c3 quit Step 3 Create traffic behaviors Create traffic behaviors b1 to b3 on the Switch to limit different service flows and re mark priorities Switch traffic behavior b1 Switch behavior b1 car cir 2000 pir 10000 green pass Switch behavior b1 remark dscp 46 Switch behavior b1 statistic enable Switch behavior b1 quit Switch traffic behavior b2 Switch behavior b2 car cir 4000 pi...

Page 80: ...tch display traffic policy user defined p1 User Defined Traffic Policy Information Policy p1 Classifier c1 Operator AND Behavior b1 Committed Access Rate CIR 2000 Kbps CBS 250000 Byte PIR 10000 Kbps PBS 1250000 Byte Green Action pass Yellow Action pass Red Action discard Marking Remark DSCP ef statistic enable Classifier c2 Operator AND Behavior b2 Committed Access Rate CIR 4000 Kbps CBS 500000 By...

Page 81: ...d 100 traffic behavior b1 car cir 2000 pir 10000 cbs 250000 pbs 1250000 green pass yellow pass red discard remark dscp ef statistic enable traffic behavior b2 car cir 4000 pir 10000 cbs 500000 pbs 1250000 green pass yellow pass red discard remark dscp af33 statistic enable traffic behavior b3 car cir 4000 pir 10000 cbs 500000 pbs 1250000 green pass yellow pass red discard remark dscp af13 statisti...

Page 82: ...ter to each city is 2 Mbit s l The Switch processes voice video and data services based on priorities It sends traffic with higher priorities first and allocates certain bandwidth to traffic with lower priorities l With bandwidth guarantee bandwidth is allocated randomly Table 2 2 Downstream traffic control on the Switch City EF Traffic AF31 Traffic AF11 Traffic BE Traffic City A 700 kbit s 400 kb...

Page 83: ...traffic l CIR values l Traffic policy name and type and number of the interface to which the traffic policy is applied Procedure Step 1 Configure CAR profiles Create and configure a CAR profile to limit the traffic sent to city A within 2 Mbit s Quidway system view Quidway sysname Switch Switch qos car city_a cir 2000 Create and configure a CAR profile to limit the traffic sent to city B within 2 ...

Page 84: ...sifier city_b_ef quit Switch traffic classifier city_b_af31 operator and Switch classifier city_b_af31 if match dscp af31 Switch classifier city_b_af31 if match acl 3001 Switch classifier city_b_af31 quit Switch traffic classifier city_b_af11 operator and Switch classifier city_b_af11 if match dscp af11 Switch classifier city_b_af11 if match acl 3001 Switch classifier city_b_af11 quit Switch traff...

Page 85: ...ior city_b_be statistic enable Switch behavior city_b_be quit Switch traffic behavior city_b_default Switch behavior city_b_default car cir 64 pir 2000 Switch behavior city_b_default car city_b share Switch behavior city_b_default statistic enable Switch behavior city_b_default quit Step 5 Configure a traffic policy Create and configure a traffic policy city_control bind configured traffic classif...

Page 86: ...3000 rule 5 permit tcp destination 10 1 0 0 0 0 255 255 acl number 3001 rule 5 permit tcp destination 10 2 0 0 0 0 255 255 traffic classifier city_a_af11 operator and if match acl 3000 if match dscp af11 traffic classifier city_a_af31 operator and if match dscp af31 if match acl 3000 traffic classifier city_a_be operator and if match dscp default if match acl 3000 traffic classifier city_a_default...

Page 87: ...ity_b share statistic enable traffic behavior city_b_ef car cir 800 pir 2000 cbs 100000 pbs 250000 green pass yellow pass red discard car city_b share statistic enable traffic policy city_control classifier city_a_ef behavior city_a_ef classifier city_a_af31 behavior city_a_af31 classifier city_a_af11 behavior city_a_af11 classifier city_a_be behavior city_a_be classifier city_a_default behavior c...

Page 88: ...3000 kbit s respectively Figure 2 6 Networking diagram for configuring traffic shaping GE0 0 1 GE0 0 2 Phone TV PC LSW Switch Router Core Network 802 1p 6 802 1p 2 802 1p 5 Residence Configuration Roadmap The configuration roadmap is as follows 1 Create VLANs and configure each interface so that the residential user can access the network through the Switch 2 Configure interfaces to trust 802 1p p...

Page 89: ...fic shaping on an interface of the Switch and set the CIR to 20000 kbit s Switch interface gigabitethernet 0 0 1 Switch GigabitEthernet0 0 1 qos lr outbound cir 20000 Step 4 Configure traffic shaping in an interface queue Configure traffic shaping in the interface queues on the Switch and then set the CIR and PIR of the voice service to 3000 kbit s and 5000kbit s the CIR and PIR of the video servi...

Page 90: ...d cir 20000 cbs 2500000 qos queue 2 shaping cir 2000 pir 3000 qos queue 5 shaping cir 5000 pir 8000 qos queue 6 shaping cir 3000 pir 5000 interface GigabitEthernet0 0 2 port link type trunk port trunk allow pass vlan 10 trust 8021p return S3700HI Ethernet Switches Configuration Guide QoS 2 Traffic Policing and Traffic Shaping Configuration Issue 01 2012 03 15 Huawei Proprietary and Confidential Co...

Page 91: ...esses packets of different colors based on the WRED configuration 3 3 Configuring Congestion Management After congestion management is configured if congestion occurs on a network the S3700 determines the sequence of forwarding packets according to the defined scheduling policy 3 4 Maintaining Congestion Avoidance and Congestion Management This section describes how to maintain traffic avoidance a...

Page 92: ...k traffic to change from heavy to light and affects the link usage RED The RED mechanism randomly discards packets so that the S3700 reduces the transmission speeds of multiple TCP connections at different periods of time This prevents global TCP synchronization RED sets the upper threshold and lower threshold for the length of each queue and processes packets as follows l When the queue length is...

Page 93: ...ut into a low priority queue This ensures that core services are sent first The disadvantage of PQ scheduling is that the packets of lower priorities are not processed if there are a large number of packets of higher priorities when congestion occurs WRR Scheduling WRR refers to Weighted Round Robin WRR schedules packets of queues in a polling manner ensuring that packets in each queue are sent at...

Page 94: ...n the bandwidth for a long time l If only WRR or DRR scheduling is used delay sensitive services such as voice service cannot be scheduled first l PQ WRR or PQ DRR scheduling can use the advantages of both PQ and WRR or DRR scheduling and offset their disadvantages Through PQ WRR or PQ DRR scheduling important protocol packets and delay sensitive service packets are put in a PQ queue and specified...

Page 95: ...ptional Setting the Length of the Interface Queue You can set the maximum number of packets that can be buffered in the specified interface queue by setting the length of the interface queue Context You must run the shutdown interface view command to shut down the interface before running the qos queue max length command Otherwise traffic is interrupted and an alarm is generated Procedure Step 1 R...

Page 96: ...Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interface view is displayed Or run the port group port group name command to enter the port group view NOTE l The interface type can be Ethernet GE or Eth Trunk l Create a port group before performing this task For details on how to create a port group see Configuring the Interface Group in...

Page 97: ... WRED drop profile is applied to the system and an interface simultaneously the WRED drop profile applied to the interface takes effect After a WRED drop profile is applied to the system it takes effect on all the interfaces l If WRED drop profiles are applied to an interface and an interface queue on the S3700 the S3700 matches packets with WRED drop profiles in the interface queue and the interf...

Page 98: ...s applied to a port group l Applying a WRED drop profile to an interface queue 1 Run system view The system view is displayed 2 Run interface interface type interface number The interface view is displayed 3 Run qos queue queue index wred drop profile name The WRED drop profile is applied to an interface queue drop profile name specifies the name of a WRED drop profile and must be the same as the ...

Page 99: ...following situations l The same delay and jitter are set for various types of packets and packets of core services such as video and voice services need to be processed first l Packets of non core services of the same priority such as email are processed in a fair manner and services of different priorities are processed according to the weights Pre configuration Tasks Before configuring congestio...

Page 100: ...Run system view The system view is displayed l Run interface interface type interface number The interface view is displayed l Run qos queue queue index length length value The length of the interface priority queue is set End 3 3 3 Optional Setting the Minimum Size of the Static Buffer in an Interface Queue You can set the minimum size of the static buffer in an interface queue to ensure that the...

Page 101: ...orkload Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interface view is displayed Or run the port group port group name command to enter the port group view NOTE Create a port group before performing this task For details about creating a port group see Optional Configuring a Port Group in the S3700HI Ethernet Switches Config...

Page 102: ...rs of the queues on a specified interface Prerequisites The congestion management configurations are complete Procedure l Run the display qos local precedence queue map command to check the mappings between local precedences and queues l Run the display qos configuration interface interface type interface number command to check all the QoS configurations on the interface End 3 4 Maintaining Conge...

Page 103: ...erface you can use the following command in the user view to clear the previous statistics CAUTION The queue based statistics cannot be restored after you clear them So confirm the action before you use the command Procedure l Run the reset qos queue statistics interface interface type interface number command to clear the queue based traffic statistics on the interface End 3 5 Configuration Examp...

Page 104: ...nterfaces To reduce the effect caused by congestion and ensure that high priority and short delay services are processed first the requirements are as follows Table 3 1 Congestion avoidance parameters Types of Services Color Lower Threshold Upper Threshold Drop Percent Voice Green 80 100 10 Video Yellow 60 80 20 Data Red 40 60 40 Table 3 2 Congestion management parameters Type of Services CoS WRR ...

Page 105: ... to an incoming interface on the Switch 3 Create a WRED drop profile on the Switch and apply the WRED drop profile on an outgoing interface 4 Set scheduling parameters of queues of different CoS on outgoing interfaces of the Switch Data Preparation To complete the configuration you need the following data l VLAN IDs of data packets video packets and voice packets namely 2 5 and 6 l PHBs mapped to ...

Page 106: ... 3 trust upstream ds1 Switch GigabitEthernet0 0 3 trust 8021p inner Switch GigabitEthernet0 0 3 quit Step 3 Configure congestion avoidance Create drop profile wred1 on the Switch and set parameters of packets of three colors Switch drop profile wred1 Switch drop wred1 color green low limit 80 high limit 100 discard percentage 10 Switch drop wred1 color yellow low limit 60 high limit 80 discard per...

Page 107: ...inbound 6 phb ef green 8021p inbound 7 phb cs7 green 8021p outbound be green map 0 Check the configuration of drop profile wred1 Switch display drop profile name wred1 Drop profile 3 wred1 Color Low limit High limit Discard percentage Green 80 100 10 Yellow 60 80 20 Red 40 60 40 Non tcp 100 100 100 End Configuration Files l Configuration file of the Switch sysname Switch vlan batch 2 5 6 diffserv ...

Page 108: ...e 5 drr weight 0 qos wred wred1 qos queue 1 wred wred1 qos queue 3 wred wred1 qos queue 5 wred wred1 interface GigabitEthernet0 0 3 port link type trunk port trunk allow pass vlan 2 5 6 trust upstream ds1 trust 8021p inner return S3700HI Ethernet Switches Configuration Guide QoS 3 Congestion Avoidance and Congestion Management Configuration Issue 01 2012 03 15 Huawei Proprietary and Confidential C...

Reviews: