HP MSR4080 Configuration Manual
  1. Manuals
  2. Brands
  3. HP Manuals
  4. Network Router
  5. MSR4080
  6. Configuration manual
HP MSR4080 Configuration Manual

HP MSR4080 Configuration Manual

Acl and qos
Hide thumbs Also See for MSR4080:
Table of Contents

Advertisement

Quick Links

HP MSR Router Series
ACL and QoS
Configuration Guide(V7)
Part number: 5998-6351
Software version: CMW710-R0106
Document version: 6PW101-20140807

Advertisement

Table of Contents
loading

Related Manuals for HP MSR4080

Summary of Contents for HP MSR4080

  • Page 1 HP MSR Router Series ACL and QoS Configuration Guide(V7) Part number: 5998-6351 Software version: CMW710-R0106 Document version: 6PW101-20140807...

  • Page 2: Legal And Notice Information

    The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an...

  • Page 3: Table Of Contents

    Contents Legal and notice information ·········································································································································i   Configuring ACLs ························································································································································· 5   Overview ············································································································································································ 5   ACL categories ························································································································································· 5   Numbering and naming ACLs ································································································································ 5   Match order ······························································································································································ 5   Rule numbering ························································································································································· 6   Fragments filtering with ACLs ·································································································································· 7  ...
  • Page 4 Applying the QoS policy to the control plane···································································································· 24   Applying the QoS policy to the management interface control plane ···························································· 25   Configuring the QoS policy-based traffic rate statistics collection period for an interface ···································· 25   Displaying and maintaining QoS policies ·················································································································· 26  ...
  • Page 5 Defining a QoS policy ·········································································································································· 56   Applying the QoS policy ······································································································································ 56   Configuring the maximum available interface bandwidth ··············································································· 57   Setting the maximum reserved bandwidth as a percentage of available bandwidth ··································· 58   Displaying and maintaining CBQ ······················································································································· 58  ...
  • Page 6   Displaying and maintaining time ranges··················································································································· 100   Time range configuration example ···························································································································· 100   Support and other resources ·································································································································· 102   Contacting HP ······························································································································································ 102   Subscription service ············································································································································ 102   Related information ······················································································································································ 102   Documents ···························································································································································· 102  ...

  • Page 7: Configuring Acls

    In this chapter, "MSR1000" refers to MSR1002-4. "MSR2000" refers to MSR2003, MSR2004-24, MSR2004-48. "MSR3000" collectively refers to MSR3012, MSR3024, MSR3044, MSR3064. "MSR4000" collectively refers to MSR4060 and MSR4080. Overview An access control list (ACL) is a set of rules (or permit or deny statements) for identifying traffic based on criteria such as source IP address, destination IP address, and port number.

  • Page 8: Rule Numbering

    The following ACL match orders are available: • config—Sorts ACL rules in ascending order of rule ID. A rule with a lower ID is matched before a rule with a higher ID. If you use this method, check the rules and their order carefully. auto—Sorts ACL rules in depth-first order.

  • Page 9: Fragments Filtering With Acls

    Traditional packet filtering matches only first fragments of packets, and allows all subsequent non-first fragments to pass through. Attackers can fabricate non-first fragments to attack networks. To avoid the risks, the HP ACL implementation does the follows: Filters all fragments by default, including non-first fragments.

  • Page 10: Configuring An Ipv4 Basic Acl

    Configuring an IPv4 basic ACL IPv4 basic ACLs match packets based only on source IP addresses. To configure an IPv4 basic ACL: Step Command Remarks Enter system view. system-view By default, no ACL exists. IPv4 basic ACLs are numbered in acl number acl-number [ name Create an IPv4 basic ACL and the range of 2000 to 2999.

  • Page 11: Configuring An Advanced Acl

    Step Command Remarks rule [ rule-id ] { deny | permit } [ counting | fragment | logging | By default, an IPv6 basic ACL does routing [ type routing-type ] | not contain any rule. source { source-address The logging keyword takes effect Create or edit a rule.

  • Page 12: Configuring An Ipv6 Advanced Acl

    Step Command Remarks rule [ rule-id ] { deny | permit } protocol [ { { ack ack-value | fin fin-value | psh psh-value | rst rst-value | syn syn-value | urg urg-value } * | established } | counting | destination By default, an IPv4 advanced ACL { dest-address dest-wildcard | does not contain any rule.

  • Page 13: Configuring An Ethernet Frame Header Acl

    Step Command Remarks (Optional.) Set the rule step step-value The default setting is 5. numbering step. rule [ rule-id ] { deny | permit } protocol [ { { ack ack-value | fin fin-value | psh psh-value | rst rst-value | syn syn-value | urg urg-value } * | established } | counting | destination { dest-address dest-prefix |...

  • Page 14: Copying An Acl

    Step Command Remarks (Optional.) Configure a By default, an Ethernet frame description for the Ethernet description text header ACL has no ACL frame header ACL. description. (Optional.) Set the rule step step-value The default setting is 5. numbering step. rule [ rule-id ] { deny | permit } [ cos vlan-pri | counting | dest-mac dest-address dest-mask | { lsap By default...

  • Page 15: Applying An Acl To An Interzone Instance For Packet Filtering

    Step Command Remarks By default, an interface does not packet-filter [ ipv6 ] { acl-number | filter packets. Apply an ACL to the interface name acl-name } { inbound | to filter packets. You can apply up to 32 ACLs to the outbound } same direction of an interface.

  • Page 16: Displaying And Maintaining Acls

    Displaying and maintaining ACLs Execute display commands in any view and reset commands in user view. Task Command display acl [ ipv6 ] { acl-number | all | name Display ACL configuration and match statistics. acl-name } display packet-filter { interface [ interface-type Display ACL application information for packet interface-number ] [ inbound | outbound ] | interzone filtering (MSR1000/MSR2000/MSR3000).

  • Page 17: Acl Configuration Example

    ACL configuration example Network requirements A company interconnects its departments through Router A. Configure an ACL to: Permit access from the President's office at any time to the financial database server. • Permit access from the Financial department to the database server only during working hours (from •...

  • Page 18: Verifying The Configuration

    [RouterA-GigabitEthernet2/1/0] quit Verifying the configuration # Ping the database server from a PC in the Financial department during the working hours. (All PCs in this example use Windows XP). C:\> ping 192.168.0.100 Pinging 192.168.0.100 with 32 bytes of data: Reply from 192.168.0.100: bytes=32 time=1ms TTL=255 Reply from 192.168.0.100: bytes=32 time<1ms TTL=255 Reply from 192.168.0.100: bytes=32 time<1ms TTL=255 Reply from 192.168.0.100: bytes=32 time<1ms TTL=255...

  • Page 19: Qos Overview

    QoS overview In data communications, Quality of Service (QoS) provides differentiated service guarantees for diversified traffic in terms of bandwidth, delay, jitter, and drop rate, all of which can affect QoS. QoS manages network resources and prioritizes traffic to balance system resources. The following section describes typical QoS service models and widely used QoS techniques.

  • Page 20: Deploying Qos In A Network

    Traffic classification. • • Traffic policing. Traffic shaping. • Rate limit. • • Congestion management. Congestion avoidance. • The following section briefly introduces these QoS techniques. All QoS techniques in this document are based on the DiffServ model. Deploying QoS in a network Figure 2 Position of the QoS techniques in a network As shown in Figure...

  • Page 21: Qos Processing Flow In A Device

    QoS processing flow in a device Figure 3 briefly describes how the QoS module processes traffic: Traffic classifier identifies and classifies traffic for subsequent QoS actions. The QoS module takes various QoS actions on classified traffic as configured, depending on the traffic processing phase and network status.

  • Page 22: Configuring A Qos Policy

    In this chapter, "MSR1000" refers to MSR1002-4. "MSR2000" refers to MSR2003, MSR2004-24, MSR2004-48. "MSR3000" collectively refers to MSR3012, MSR3024, MSR3044, MSR3064. "MSR4000" collectively refers to MSR4060 and MSR4080. You can configure QoS by using the MQC approach or non-MQC approach. Some features support both approaches, but some support only one.

  • Page 23: Defining A Traffic Class

    Figure 4 QoS policy configuration procedure Defining a traffic class Step Command Remarks Enter system view. system-view Create a traffic class and traffic classifier classifier-name By default, no traffic class is enter traffic class view. [ operator { and | or } ] configured.

  • Page 24: Defining A Qos Policy

    Defining a QoS policy Configuring a parent policy You associate a traffic behavior with a traffic class in a QoS policy to perform the actions defined in the traffic behavior for the traffic class of packets. To associate a traffic class with a traffic behavior in a QoS policy: Step Command Remarks...

  • Page 25: Applying The Qos Policy

    Step Command Remarks Return to system view. quit Create a behavior for the parent policy and enter traffic behavior behavior-name By default, no behavior is created. behavior view. Nest the child QoS traffic-policy policy-name By default, policy nesting is not configured. policy.

  • Page 26: Applying The Qos Policy To The Control Plane

    By default, no QoS policy is Apply the QoS policy to qos apply policy policy-name { inbound | applied to an interface or the interface or PVC. outbound } PVC. Applying the QoS policy to the control plane A device provides the data plane and the control plane: Data plane—The units at the data plane are responsible for receiving, transmitting, and switching •...

  • Page 27: Applying The Qos Policy To The Management Interface Control Plane

    Applying the QoS policy to the management interface control plane The following matrix shows the feature and hardware compatibility: Hardware Feature compatibility MSR1000 MSR2000 MSR3000 MSR4000 If the transmission rate of the packets sent from the management interface to the control plane exceeds the processing capability of the control plane, the control plane will fail to handle the packets correctly or timely.

  • Page 28: Displaying And Maintaining Qos Policies

    Step Command Remarks Enter system view. system-view Enter interface view. interface interface-type interface-number The default setting is 5 minutes. A subinterface uses the statistics Configure the traffic rate collection period configured on statistics collection period qos flow-interval interval the main interface. for the interface.
  • Page 29 Display information about the predefined QoS policy applied to a control plane display qos policy control-plane pre-defined [ slot slot-number ] (MSR4000). Display information about the predefined QoS policy applied to the management display qos policy control-plane management pre-defined interface control plane (MSR4000). Clear the statistics for the QoS policy applied to the control plane reset qos policy control-plane...

  • Page 30: Configuring Priority Mapping

    Configuring priority mapping Overview When a packet arrives, a device assigns a set of QoS priority parameters to the packet based on either a priority field carried in the packet or the port priority of the incoming port. This process is called "priority mapping."...

  • Page 31: Priority Mapping Configuration Tasks

    The default priority maps (as shown in Appendix B Default uncolored priority maps) are available for priority mapping. They are adequate in most cases. If a default priority map cannot meet your requirements, you can modify the priority map as required. Priority mapping configuration tasks You can configure priority mapping by using any of the following methods: Configuring priority trust mode—In this method, you can configure a port to look up a trusted...

  • Page 32: Configuring A Port To Trust Packet Priority For Priority Mapping

    This feature is supported only on routers installed with Layer 2 switching modules. For information about interface modules, see HP MSR Series Routers Interface Module Manual. You can configure the device to trust a particular priority field carried in packets for priority mapping on ports or globally.

  • Page 33: Port Priority Configuration Example

    Task Command Display priority map configuration. display qos map-table [ dot1p-lp | dscp-lp ] Display the trusted packet priority type display qos trust interface [ interface-type interface-number ] on a port. Port priority configuration example Network requirements As shown in Figure 5, the IP precedence of traffic from Router A to Router C is 3, and the IP precedence of traffic from Router B to Router C is 1.

  • Page 34: Priority Mapping Table And Priority Marking Configuration Example

    Priority mapping table and priority marking configuration example Network requirements As shown in Figure The marketing department connects to GigabitEthernet 2/1/0 of the router, which sets the 802.1p • priority of traffic from the marketing department to 3. The R&D department connects to GigabitEthernet 2/1/1 of the router, which sets the 802.1p •...

  • Page 35: Configuration Procedure

    Figure 6 Network diagram Internet Host Host Server Server Management Dept R&D Dept Router Data server Host Server Mail server Public servers Marketing Dept Configuration procedure Configure trusting port priority: # Set the port priority of GigabitEthernet 2/1/0 to 3. <Router>...
  • Page 36 [Router-maptbl-dot1p-lp] import 5 export 4 [Router-maptbl-dot1p-lp] quit Map the local precedence values 6 and 2 to local precedence values 2 and 3 and keep local precedence value 4 unchanged. This guarantees the management department, marketing department, and R&D department decreased priorities to access the Internet. [Router] traffic classifier rd [Router-classifier-rd] if-match local-precedence 6 [Router-classifier-rd] quit...

  • Page 37: Configuring Traffic Policing, Gts, And Rate Limit

    In this chapter, "MSR1000" refers to MSR1002-4. "MSR2000" refers to MSR2003, MSR2004-24, MSR2004-48. "MSR3000" collectively refers to MSR3012, MSR3024, MSR3044, MSR3064. "MSR4000" collectively refers to MSR4060 and MSR4080. Overview Traffic policing helps assign network resources (including bandwidth) and increase network performance.

  • Page 38: Traffic Policing

    EBS—Size of bucket E, which specifies the transient burst of traffic that bucket E can forward. • CBS is implemented with bucket C, and EBS with bucket E. In each evaluation, packets are measured against the following bucket scenarios: If bucket C has enough tokens, packets are colored green. •...

  • Page 39: Gts

    GTS supports shaping the outbound traffic. GTS limits the outbound traffic rate by buffering exceeding traffic. You can use GTS to adapt the traffic output rate on a device to the input traffic rate of its connected device to avoid packet loss. The differences between traffic policing and GTS are as follows: Packets to be dropped with traffic policing are retained in a buffer or queue with GTS, as shown •...

  • Page 40: Configuring Traffic Policing

    Rate limit also uses token buckets for traffic control. When rate limit is configured on an interface, a token bucket handles all packets to be sent through the interface for rate limiting. If enough tokens are in the token bucket, packets can be forwarded. Otherwise, packets are put into QoS queues for congestion management.

  • Page 41: Configuring Traffic Policing By Using The Non-Mqc Approach

    Step Command Remarks Create a traffic By default, no traffic behavior is behavior and enter traffic behavior behavior-name configured. traffic behavior view. car cir committed-information-rate [ cbs committed-burst-size [ ebs Configure a traffic By default, no traffic policing action is excess-burst-size ] ] [ pir policing action.

  • Page 42: Configuring Gts

    Step Command Remarks qos car { inbound | outbound } carl Configure a carl-index cir committed-information-rate [ cbs By default, no CAR policy is CAR-list-based CAR committed-burst-size [ ebs excess-burst-size ] ] configured. policy on the interface. [ pir peak-information-rate ] [ green action | red action | yellow action ] * Configuring ACL-based traffic policing Step...

  • Page 43: Configuring Gts By Using The Non-Mqc Approach

    Step Command Remarks By default, no match criterion is configured. Configure match For configurable match if-match [ not ] match-criteria criteria. criteria, see the if-match command in ACL and QoS Command Reference. Return to system view. quit Create a behavior and By default, no behavior is traffic behavior behavior-name enter behavior view.

  • Page 44: Configuring The Rate Limit

    qos gts acl [ ipv6 ] acl-number cir committed-information-rate [ cbs Configure ACL-based By default, GTS is not configured committed-burst-size [ ebs GTS on the interface. on an interface. excess-burst-size ] ] [ queue-length queue-length ] Configuring GTS for all traffic Step Command Remarks...

  • Page 45: Traffic Policing And Gts Configuration Example

    Task Command Display GTS configuration and statistics on display qos gts interface [ interface-type interface-number ] an interface. Display rate limit configuration and statistics display qos lr interface [ interface-type interface-number ] on an interface. Traffic policing and GTS configuration example Network requirements As shown in Figure 1...

  • Page 46: Ip Rate Limit Configuration Example

    # Configure GTS on GigabitEthernet 2/1/2, shaping the packets when the sending rate exceeds 500 kbps to decrease the packet loss rate of GigabitEthernet 2/1/0 of Router B. <RouterA> system-view [RouterA] interface gigabitethernet 2/1/2 [RouterA-GigabitEthernet2/1/2] qos gts any cir 500 [RouterA-GigabitEthernet2/1/2] quit # Configure ACLs to permit the packets from the server and Host A.

  • Page 47: Configuration Procedure

    Figure 12 Network diagram Configuration procedure # Configure per-IP-address rate limiting on GigabitEthernet 2/1/1 to limit the rate of each host on the network segment 2.1.1.1 through 2.1.1.100, and allow all IP addresses in the network segment to share the remaining bandwidth.

  • Page 48: Configuring Congestion Management

    In this chapter, "MSR1000" refers to MSR1002-4. "MSR2000" refers to MSR2003, MSR2004-24, MSR2004-48. "MSR3000" collectively refers to MSR3012, MSR3024, MSR3044, MSR3064. "MSR4000" collectively refers to MSR4060 and MSR4080. Overview Congestion occurs on a link or node when traffic size exceeds the processing capability of the link or node.

  • Page 49: Fifo

    FIFO Figure 14 FIFO queuing As shown in Figure 14, the first in first out (FIFO) uses a single queue and does not classify traffic or schedule queues. FIFO delivers packets depending on their arrival order: the packet that arrives earlier is scheduled first.

  • Page 50: Cbq

    Short packets and long packets are equally scheduled. If long packets and short packets exist in • queues, statistically the short packets are scheduled preferentially to reduce the jitter between packets. WFQ considers weights when determining the queue scheduling order. Statistically, WFQ gives high-priority traffic more scheduling opportunities than low-priority traffic.

  • Page 51: Congestion Management Technique Comparison

    Emergency queue—Enqueues emergent packets. The emergency queue is a FIFO queue without • bandwidth restriction. Low Latency Queuing (LLQ)—An EF queue. Because packets are fairly treated in CBQ, • delay-sensitive flows like video and voice packets might not be transmitted timely. To solve this problem, LLQ combines PQ and CBQ to preferentially transmit delay-sensitive flows like voice packets.

  • Page 52: Configuring The Fifo Queue Size

    Type Number of queues Advantages Disadvantages • Easy to configure. • Bandwidth guarantee for packets from cooperative (interactive) sources (such as TCP packets). • Reduces jitter. • Reduces the delay for The processing speed is slower than interactive applications with Configurable FIFO.

  • Page 53: Displaying And Maintaining Fifo

    Step Command Remarks Enter system view. system-view • Enter interface vie interface interface-ty interface-number Enter interface or PVC • Enter PVC view: view. interface atm interface-number pvc vpi/vci The default FIFO queue size is 75. Configure the FIFO queue qos fifo queue-length If the burst traffic is too heavy, increase size.

  • Page 54: Displaying And Maintaining Wfq

    Step Command Remarks qos wfq [ dscp | precedence ] [ queue-length By default, WFQ is not Configure WFQ. max-q ueue-length | queue-number configured. total-q ueue-number ] * Displ aying and maintaining WFQ Execute display commands in any view. Task Command Display the WFQ configuration and statistics display qos queue wfq interface [ interfac...

  • Page 55: Defining A Class

    Associates the predefined class default-class with the predefined traffic behavior be. • Defining a class t S ep Command Remarks Enter system view. system-view traffic classifie Create a class and classifier-name [ operator By default, no class is created. enter class view. { and | or } ] By default, no match criterion is configu red.
  • Page 56 You cannot configure the queue ef command together with the any of the commands queue af and • queue-length for a traffic behavior. The default class c annot be associated with a traffic behavior including EF. • To configure que ue ef for multiple classes of a policy, you must configure them in one of the •...
  • Page 57 Enabling WR When you enable WRED, follow these guidelines: • Before enablin g WRED, configure the queue af or queue wfq command. wred command and the queue-len command are mutually xclusive. • en WRED is disabled, other WR ED co nfigurations ar e deleted.

  • Page 58: Defining A Qos Policy

    Step Command Remarks By default, low-limit is 10, Configure the lower limit, high-limit is 30, and discard-prob wred dscp dscp-value low-limit upper limit, and drop is 10. low-limit high-limit high-limit probability denominato r for a [ discard-probability discard-prob ] Repeat this co mmand to configure DSCP value in WRED.

  • Page 59: Configuring The Maximum Available Interface Bandwidth

    , HDLC link bundle interface. • Configura tion g uidelines • HP recommends th at you c onfigure the maximum available interface bandwidth to be smaller than the actual available band width of the physical interface or logic l link.

  • Page 60: Setting The Maximum Reserved Bandwidth As A Percentage Of Available Bandwidth

    Settin g the maximum reserved bandwidth as a percentage of available bandwidth he maximum reserved bandwidth is set on a per-interface basis and decides the maximum bandwidth ssigna ble for the QoS queues on an interfac e. It is typically set n o greater t han 80% of available bandwidth, considering...

  • Page 61: Cbq Configuration Example

    BQ configuration example Network re quirements As shown in Figure 1 7, configure a QoS policy to meet the following requirements: Traffic from Router C is classified into three cla sses based on DSCP values. Perform AF for traffic with •...

  • Page 62: Configuring Packet Information Pre-Extraction

    [RouterA-behavior-af21_behav] quit # Define a traffic behavior, and enable EF and set a maximum bandwidth percentage of 30% (both bandwidth and delay are guaranteed f or EF traffic) in the traffic behavior. [RouterA] traffic behavior ef_behav [RouterA-behavior-ef_behav] queue ef bandwidth pct 30 [RouterA-behavior-ef_behav] quit # Define a QoS policy and associat e the configured traffic behaviors with classes in the QoS policy.
  • Page 63 <Sysname> system-view [Sysname] interface tunnel 0 [Sysname-Tunnel0] qos pre-classify...

  • Page 64: Configuring Congestion Avoidance

    Configuring congestion avoidance Overview Avoiding congestion before it occurs is a proactive approach to improving network perform ance. As a flow control mechanism, congestion avoidance: • Actively monitors network resources (such as queues and memory buffers). Drops packets when congestion is expected to occur or deteriorate. •...

  • Page 65: Relationship Between Wred And Queuing Mechanisms

    With WFQ queuing used, you can set the exponent for average queue size calculation, upper threshold, lower threshold, and drop probability for packets with different precedence values respectively to provide differentiated drop policies. With FIFO queuing used, you can set the exponent for average queue size calculation, upper threshold, lower threshold, and drop probab ility for each queue to provide differentiated drop policies for different classes of packets.

  • Page 66: Configuring Wred On An Interface

    drop probability. When the average queue size exceeds the upper threshold, subsequent packets are dropped. Drop precedence—A parameter used for packet drop. The value 0 corresponds to green packets, • the value 1 corre sponds to yellow packets, and the value 2 corresponds to red packets. Red packets are dropped preferen tially.

  • Page 67: Displaying And Maintaining Wred

    Set the exponent for average queue size calculatio n to 6. • Configuration procedure # Enter system view. <Sysname> system-view # Enter interface view. [Sysname] interface gigabitethernet 2/1/0 # Enable IP precedence-based WRED. [Sysname-GigabitEthernet2/1/0] qos wred ip-precedence enable # Set the following parameters for packets with IP precedence value 3: lower threshold 20, upper threshold 40, and drop prob ability denominator 15.

  • Page 68: Configuring Traffic Filtering

    Configuring traffic filtering You can filter in or filter out traffic of a class by associating the class with a traffic filtering action. For example, you can filter packets sourced from a specific IP address according to network status. Configuration procedure To configure traffic filtering: Step Command...

  • Page 69: Configuration Example

    Configuration example Network requirements As shown in Figure 19, configure traffic filtering on GigabitEthernet 2/1/0 to deny the incoming packets with a source port number other than 21. Figure 19 Network diagram Configuration procedure # Create advanced ACL 3000, and configure a rule to match packets whose source port number is not <Router>...

  • Page 70: Configuring Priority Marking

    Configuring priority marking Priority marking sets the priority fi elds or flag bits o f packets to modify the priori ty of packets. For examp you can use priority marking to set IP precedence or DSCP for a traffic class o f IP packets to co ntrol the forwarding of these packets...

  • Page 71: Configuration Example

    Step Command Remarks Create a QoS policy and By default, no QoS policy qos policy policy-name enter QoS policy view. is configured. Associate the traffic class By default, a traffic class classifier classifier-name behavior with the traffic behavi or in is not associated with a behavior-name the QoS policy.

  • Page 72: Configuration Procedure

    Confi guration procedure # Create advanced ACL 3000, and configure a rule to match packets with destination IP address 192.168.0.1. <Router> sy stem-view [Router] acl number 3000 [Router-acl-adv-3000] rule permit ip destination 192.168.0.1 0 [Router-acl-adv-3000] quit # Create advanced ACL 3001, and configure a rule to match packets with destina tion IP address 192.168.0.2.
  • Page 73 [Router] traffic behavior behavior_fserver [Router-behavior-behavior_fserver] remark local-preced ence 2 [Router-behavior-behavior_fserver] quit # Create a QoS policy named policy_server, and associate traffic classes with traffic behaviors in the QoS policy. [Router] qos policy policy_server [Router-qospolicy-policy_server] classifier c lassifier_dbserver behavior behavior_dbserver Router-qospolicy-policy_server] classifier classifier_mse rver behavior behavior_mserver Router-qos...

  • Page 74: Configuring Traffic Redirecting

    Configuring traffic redirecting Traffic redirecting redirects packe ts ma tching the specified match criteria to a location f or processing. The router supports redirecting traffic to an interface. The following matrix shows the featu re and hardware compatibility: Hardware Traffic redirectin g feature compatibility MSR1000 MSR2000...

  • Page 75: Configuration Example

    Step Command Remarks By default, no Associate the traffic class classifier classifier-n ame behavior class-behavior with the traffic behavior in behavior-name association is configured the QoS policy. for a QoS policy. Return to system view. quit Choose one of the •...
  • Page 76 [RouterA-classifier-classifier _1] quit # Create a traffic class named classif ier_2, and use ACL 2001 as the match criterion in the traffic class. [RouterA] traffic classifier classifier_2 [RouterA-classifier-classifier_2] if-match acl 2001 [RouterA-classifier-classifier_2] quit # Create a traffic behavior named behavior_1, and configure the action o f redirecting traffic to GigabitEthern et 2/1/1.

  • Page 77: Configuring Qppb

    Configuring QPPB he term "router" in this document refers to bo th routers and Layer 3 switches. Over view he QoS Policy Propagation Through the Border Gateway Protocol (QPPB) feature enables you to las ify IP packets based on BGP community lists, prefix lis ts, and BGP AS paths.

  • Page 78: Qppb Configuration Task List

    QPPB configuration task list Tasks at a glance Configuring the route sender: • (Required.) Configuring basic BGP functions • (Optional.) Creating a routing po licy Configuring the route receiver: • (Required.) Configuring basic BG functions • (Required.) Configuring a routing policy •...

  • Page 79: Enabling Qppb On The Route Receiving Interface

    Enabling QPPB on the route receiving interface Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default, QPPB is disabled. bgp-policy { destination | source } Enable QPPB on the interface. The command applies to only { ip-prec-map | ip-qos-map } * incoming traffic.
  • Page 80 Figur e 22 Network diagram Configuration procedure Configure IP addresses for each interface. ( Details not shown.) Configure a BG P connection to Router B, and add the network 1.1.1.0/8 to the BGP routing table on Router A. <RouterA> system-view [RouterA] bgp 1000 [RouterA-bgp] peer 168.1.1.2 as-number 2000...
  • Page 81 [RouterB-classifier-qppb] quit [RouterB] traf fic behavior qppb [RouterB- behavior-qppb] car cir 512 green pass red discard [RouterB-behavio r-qppb] quit [RouterB] qos policy qppb [RouterB-qospolicy-qpp b] classifier qppb behavior qppb [RouterB-qospolicy-qppb] qu # Apply the QoS policy qppb to incoming traffic on interface GigabitEthernet 2/1/1. [RouterB] inter face gigabitethernet 2/1/1 [RouterB-Gi...

  • Page 82: Qppb Configuration Example In An Mpls L3Vpn

    If-match any Behavior: be -none- Classifier: qppb Matched : 0 (Packets) 0 (Bytes) 5-minute statistics: Forwarded: 0/0 (pps/bps) Dropped : 0/0 (pps/bps) Operator: AND Rule(s) : If-match ip-precedence 1 If-match qos-local-id 3 Behavior: qppb Committed Access Rate: CIR 512 (kbps) , CBS 32000 (Bytes), EBS 512 (Bytes) Green action : pass...

  • Page 83: Configure Ospf

    Configuration procedure Configure IP addresses for each interface. (Details not shown.) Configure a BGP connection on Router A. <RouterA> system-view [RouterA] bgp 100 [RouterA-bgp] peer 167.1.1.2 as-number 200 [RouterA-bgp] peer 167.1.1.2 connect-interface gigabitethernet 2/1/1 [RouterA-bgp] address-family ipv4 [RouterA-bgp-ipv4] import-route direc [RouterA-bgp-ipv4] peer 167.1.1.2 enable [RouterA-bgp-ipv4] quit...
  • Page 84 # Bind interface GigabitEthernet 2/1/0 to the VPN instance vpn1. [RouterB] interface gigabitethernet 2/1/0 [RouterB-GigabitEtherne t2/1/0] ip binding vpn-instance vpn1 [RouterB-GigabitEthernet 2/1/0] ip address 167.1.1.2 24 [RouterB-GigabitEthernet2/1/0] quit # Enable MPLS on interface GigabitEthernet 2/1/1. [RouterB] interface gigabitether net 2/1/1 [RouterB-GigabitEthernet2/1/1] mp ls enable [RouterB-GigabitEthernet2/1/1] mpls ldp enable...
  • Page 85 [RouterC-ospf-1-area-0.0.0.0] network 168.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit # Configure a QoS policy. [RouterC] traffic classifier qppb [RouterC-classifier-qppb] if-match qos-local-id 1023 [RouterC-classifier-qppb] quit [RouterC] traffic behavior qppb [RouterC-behavior-qppb] car cir 2000 green pass red discard [RouterC-behavior-qppb] quit [RouterC] qos policy qppb [RouterC-qospolicy-qppb] classifier qppb behavior qppb [RouterC-qospolicy-qppb] quit # Enable MPLS on interface GigabitEthernet 2/1/1.
  • Page 86 Destination/Mask Proto Cost NextHop Interface 0.0.0.0/32 Direct 0 127.0.0.1 InLoop0 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.0/32 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 167.1.1.0/24 Direct 0 167.1.1.1 GE2/1/1 167.1.1.0/32 Direct 0 167.1.1.1 GE2/1/1 167.1.1.1/32 Direct 0 127.0.0.1...
  • Page 87 127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 167.1.1.0/24 Direct 0 167.1.1.2 GE2/1/0 167.1.1.0/32 Direct 0 167.1.1.2 GE2/1/0 167.1.1.2/32 Direct 0 127.0.0.1 InLoop0 167.1.1.255/32 Direct 0 167.1.1.2 GE2/1/0 169.1.1.0/24 2.2.2 GE2/1/1 192.168.1.0/24 167.1.1.1 GE2/1/0 2.168.2.0/24 167.1.1.1 GE2/1/0 192.168.3.0/24 2.2.2.2 GE2/1/1 4.0.0.0/4 Direct 0 0.0.0.0 NULL0 224.0.0.0/24...
  • Page 88 192.168.2.0/24 169.1.1.1 GE2/1/0 192.168.3.0/24 169.1.1.1 GE2/1/0 224.0.0.0/4 Direct 0 0.0.0.0 NULL0 224.0.0.0/24 Direct 0 0.0.0.0 NULL0 255.255.255.255/32 Direct 0 127.0.0.1 InLoop0 # Verify that the re lated routes on Router D take effect. [RouterD] display ip routing-table Destinations : 18 Routes : 18 Destination/Mask Proto...
  • Page 89 Matched : 0 (Packets) 0 (Bytes) 5-minute statistics: Forwarde d: 0/0 (pps/bps) Dropped : 0/0 (pps/bps) Operator: AND Rule(s) : If-match qos -local-id 1023 Behavior: qpp Committed Access Rate: CIR 2000 (kbps), CBS 125000 (Bytes), EBS 512 (Bytes) pass Green action Yellow action : pass Red action : discard...

  • Page 90: Qppb Configuration Example In An Ipv6 Network

    QPPB configuration example in an IPv6 network Network requ irements As sh own in Figure 24, all routers run BGP. Conf igure QPPB so that Router B can perform the following tasks: Receive routes. • Set the QPPB IP precedence value. •...
  • Page 91 # Enable QPPB on interface GigabitEthernet 2/1/0. [RouterB] interface gigabitethernet 2/1/0 [RouterB-GigabitEthernet2/1/0] bgp-policy destination ip-prec-map # Configure a QoS policy. [RouterB] traffic classifier qppb [RouterB-classifier-qppb] if-match ip-precedence 4 [RouterB-classifier-qppb ] quit [RouterB] traffic behavior qppb [RouterB-behavior-qppb] car cir 512 red discard [RouterB-behavior-qppb] quit [RouterB] qos policy qppb [RouterB-qospolicy-qppb] classifier qppb behavior qppb...
  • Page 92 Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 terface : NULL0 Cost # Verify that the re lated routes on Router B take effect. [RouterB] display ipv6 routing-table Destinations : 9 Routes : 9 Destination: ::1/128 Protocol : Direct NextHop : ::1 Preference: 0...
  • Page 93 Direction: Inbou Policy: qppb Classifier: default-class Matched : 0 (Packets) 0 (Byte 5-minute statistics: Forwarded: 0/0 (pps/bps) Dropped : 0/0 (pps/ bps) Operator: AND Rule(s) : If-match a Behavior: b -none- assifier: q Matched : 0 (Packets) 0 (Bytes) -minute st atistics: Forwarded: 0/0 (pps/bps) Dropped...

  • Page 94: Appendixes

    Appendixes Appe ix A A cronym Table 5 Appendix A Acronym Acro ym Full spelling Assured Forwarding Best Effort Bandwidth Queuing Committed Access Rate Committed Burst Size Class Based Queuing CBWFQ Class Based Weighted Fair Queuing Customer Edge Committed Information Rate Custom Queuing DiffServ Differentiated Service...

  • Page 95: Appendix B Default Uncolored Priority Maps

    Acronym Full spelling Quality of Service QPPB QoS Policy Propagation Through the Border Gateway Protocol Random Early Detection RSVP Resource Reservation Protocol Real-Time Transport Protocol Traffic Engineering Type of Service VoIP Voice over IP Virtual Private Network Weighted Fair Queuing WRED Weighted Random Early Detection Appendix B Default uncolored priority maps...

  • Page 96: Appendix C Introduction To Packet Precedences

    Input priority value dscp-lp map 48 to 55 56 to 63 Appendix C Introduction to packet precedences IP precedence and DSCP values Figure 25 ToS and DS fields Bits: Preced Type of IPv4 T DS-Field DSCP ence Service (for IPv4,ToS octet,and fo r IPv6,Traffic Class octet...

  • Page 97: 802.1P Priority

    DSCP value (decimal) DSCP value (binary) Description 001110 af13 010010 af21 010100 af22 010110 af23 011010 af31 011100 af32 011110 af33 100010 af41 100100 af42 1001 af43 001000 0100 0110 1000 1010 1100 1110 000000 be (default) 802.1p priority 802.1p priority lies in the Layer 2 header. It applies to occasions where Layer 3 header analysis is not needed and QoS must be assured at Layer 2.
  • Page 98 Figure 27 802.1Q tag header Table 10 Description on 802.1p priority 802.1p priority (decimal) 802.1p priority (binary) Description best-effort background spare excellent-effort controlled-load video voice network-management...

  • Page 99: Configuring Mpls Qos

    Configuring MPLS QoS Overview MPLS uses 3 bits, called EXP bits, to carry class-of-service inform ation to provide support for DiffServ. MPLS QoS identifies different traffic flows with different EXP bits and implements differentiated services. MPLS QoS can guarantee low dela y and low packet loss ratio for critical service traffic, such as voice nd video traffic.

  • Page 100: Configuring Mpls Priority Marking

    Step Command Remarks interface interface-type Enter interface view. interface-number qos car { inbound | outbound } { any | acl [ ipv6 ] acl-number } cir committed-information-rate [ cbs Configure an MPLS CAR committed-burst-size [ ebs By default, no CAR policy is policy for the interface.
  • Page 101 Step Command Remarks Apply the QoS policy to an For more information, see By default, a QoS policy is not interface. "Configuring a QoS policy." applied to an interface.

  • Page 102: Configuring Time Ranges

    Configuring time ranges You can implement a service based on the time of the day by appl ying a time range to it. A time-based service only takes effect in any time periods specified by the time ra nge. For example, you can implement time-based ACL rules by applying a time range to them.
  • Page 103 Figure 28 Network diagram Server Host A GE2/1/0 GE2/1/1 192.168.1.2/24 Router A 192.168.0.100/24 Host B 192.168.1.3/24 Configuration proce dure Create a per odic time range during 8: 00 and 18:00 on w orking days from June 2013 to the end of the year.

  • Page 104: Support And Other Resources

    Related inform ation Docum ents o find related docum ents, browse to the Manuals page of the HP Business Support Center website: http: //www.hp.c /support/manuals For related docu mentation, navigate to the Net working section, and select a networking category.

  • Page 105: Conventions

    Conventions This sectio describes the conventions used in this documentation set. Command conventions Convention Descri ption Boldface Bold text represents commands and keywords th at you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choic es (keywords or arguments) that are optional.
  • Page 106 Network topol ogy icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, su ch as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.

  • Page 107: Index

    A C D I M N O P Q R T Configuring WFQ,51 Configuring WRED on an interface,64 CL configuration example,15 Contacting HP,102 Appendix A Acronym,92 Conventions,103 Appendix B Default uncolored priority maps,93 Copying an ACL,12 Appendix C Introduction to packet...
  • Page 108 Priority mapping table and priority marking configuration example, Related information, 1 02 QoS service models, Time range configuration example, 1 00 QoS techniques overview, Traffic policing and GTS configuration example, QPPB configuration examples, QPPB configuration task list, QPPB fundamentals,...

This manual is also suitable for:

Msr3064Msr4060Msr4000Msr3044Msr3024Msr3012 ... Show all

Table of Contents