H3C S5120-EI series Configuration Manual
  1. Manuals
  2. Brands
  3. H3C Manuals
  4. Switch
  5. S5120-EI Series
  6. Configuration manual
H3C S5120-EI series Configuration Manual

H3C S5120-EI series Configuration Manual

Hide thumbs Also See for S5120-EI series:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Configuration Manual, Operating Manual
H3C S5120-EI Switch Series
ACL and QoS Configuration Guide
Hangzhou H3C Technologies Co., Ltd.
http://www.h3c.com
Software version: Release 2220
Document version: 6W100-20130810

Advertisement

Table of Contents
loading

Related Manuals for H3C S5120-EI series

Summary of Contents for H3C S5120-EI series

  • Page 1 H3C S5120-EI Switch Series ACL and QoS Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 2220 Document version: 6W100-20130810...
  • Page 2 Copyright © 2013, Hangzhou H3C Technologies Co., Ltd. and its licensors All rights reserved No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Hangzhou H3C Technologies Co., Ltd.
  • Page 3 The H3C S5120-EI documentation set includes 10 configuration guides, which describe the software features for the H3C S5120-EI Switch Series Release 2220, and guide you through the software configuration procedures. These configuration guides also provide configuration examples to help you apply software features to different network scenarios.
  • Page 4 Convention Description Braces enclose a set of required syntax choices separated by vertical bars, from which { x | y | ... } you select one. Square brackets enclose a set of optional syntax choices separated by vertical bars, from [ x | y | ...
  • Page 5 Layer 2 forwarding and other Layer 2 features. Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device. About the S5120-EI documentation set The H3C S5120-EI documentation set includes: Category Documents Purposes Marketing brochure Describe product specifications and benefits.

  • Page 6: Obtaining Documentation

    Obtaining documentation You can access the most up-to-date H3C product documentation on the World Wide Web at http://www.h3c.com. Click the links on the top navigation bar to obtain different categories of product documentation: [Technical Support & Documents > Technical Documents] –...

  • Page 7: Table Of Contents

    Contents Configuring ACLs ························································································································································· 1   Overview ············································································································································································ 1   Applications on the switch ······································································································································ 1   ACL categories ························································································································································· 1   Numbering and naming ACLs ································································································································ 1   Match order ······························································································································································ 2   ACL rule comments and rule range remarks ········································································································· 2  ...
  • Page 8 Configuration procedure ······································································································································ 20   Defining a traffic behavior ············································································································································ 21   Defining a policy ···························································································································································· 22   Configuration restrictions and guidelines ··········································································································· 22   Configuration procedure ······································································································································ 22   Applying the QoS policy ··············································································································································· 22   Applying the QoS policy to an interface ············································································································ 23  ...
  • Page 9 Configuration procedure ······································································································································ 47   Configuration example ········································································································································· 48   Configuring WRR queuing ············································································································································ 48   Configuration procedure ······································································································································ 48   Configuration example ········································································································································· 49   Configuring WFQ queuing ··········································································································································· 49   Configuration procedure ······································································································································ 49   Configuration example ········································································································································· 50  ...
  • Page 10 Appendix B Packet precedences ······························································································································ 71   IP precedence and DSCP values ·································································································································· 71   802.1p priority ······························································································································································ 72   Index ··········································································································································································· 74  ...

  • Page 11: Configuring Acls

    Configuring ACLs Unless otherwise stated, ACLs refer to both IPv4 and IPv6 ACLs throughout this document. Overview An access control list (ACL) is a set of rules (or permit or deny statements) for identifying traffic based on criteria such as source IP address, destination IP address, and port number. ACLs are primarily used for packet filtering.

  • Page 12: Match Order

    basic or advanced ACL, its ACL number and name must be unique among all IPv6 ACLs. You can assign an IPv4 ACL and an IPv6 ACL the same number and name. Match order The rules in an ACL are sorted in a specific order. When a packet matches a rule, the device stops the match process and performs the action defined in the rule.

  • Page 13: Acl Rule Numbering

    Traditional packet filtering matches only first fragments of packets, and allows all subsequent non-first fragments to pass through. Attackers can fabricate non-first fragments to attack networks. To avoid the risks, the H3C ACL implementation: Filters all fragments by default, including non-first fragments.

  • Page 14: Configuring A Time Range

    Task Remarks Configuring a basic ACL Required Configure at least one task. Configuring an advanced ACL Applicable to IPv4 and IPv6 except that simple ACLs Configuring an Ethernet frame header ACL are for IPv6. Optional Copying an ACL Applicable to IPv4 and IPv6. Optional Configuring packet filtering with ACLs Applicable to IPv4 and IPv6.

  • Page 15: Configuring An Ipv6 Basic Acl

    Step Command Remarks By default, no ACL exists. acl number acl-number Create an IPv4 IPv4 basic ACLs are numbered in the range of 2000 to [ name acl-name ] basic ACL and 2999. [ match-order { auto | enter its view. You can use the acl name acl-name command to enter config } ] the view of a named IPv4 ACL.

  • Page 16: Configuring An Advanced Acl

    Step Command Remarks rule [ rule-id ] { deny | By default, an IPv6 basic ACL does not contain any permit } [ counting | rule. fragment | logging | If the ACL is for QoS traffic classification or packet routing [ type routing-type ] Create or edit a filtering, do not specify the fragment and routing...

  • Page 17: Configuring An Ipv6 Advanced Acl

    Step Command Remarks rule [ rule-id ] { deny | permit } protocol [ { { ack ack-value | fin fin-value | psh psh-value | rst rst-value | syn syn-value | urg By default, an IPv4 advanced ACL does not urg-value } * | established } | contain any rule.

  • Page 18: Configuring An Ethernet Frame Header Acl

    Step Command Remarks By default, no ACL exists. Create an IPv6 acl ipv6 number acl6-number IPv6 advanced ACLs are numbered in the range of advanced ACL [ name acl6-name ] 3000 to 3999. and enter its [ match-order { auto | config } ] You can use the acl ipv6 name acl6-name command view.

  • Page 19: Copying An Acl

    Step Command Remarks Enter system system-view view. By default, no ACL exists. Create an acl number acl-number Ethernet frame Ethernet frame header ACLs are numbered in the [ name acl-name ] header ACL range of 4000 to 4999. [ match-order { auto | and enter its You can use the acl name acl-name command to enter config } ]...

  • Page 20: Copying An Ipv6 Acl

    Step Command Enter system view. system-view Copy an existing IPv4 ACL to create a acl copy { source-acl-number | name source-acl-name } to new IPv4 ACL. { dest-acl-number | name dest-acl-name } Copying an IPv6 ACL Step Command Enter system view. system-view acl ipv6 copy { source-acl6-number | name Copy an existing IPv6 ACL to generate a...

  • Page 21: Applying An Ipv6 Acl For Packet Filtering

    Step Command Remarks Set the interval for generating acl logging frequence By default, the interval is 0. No IPv4 and outputting IPv4 packet frequence packet filtering logs are generated. filtering logs. Applying an IPv6 ACL for packet filtering Step Command Remarks Enter system view.

  • Page 22: Configuration Example Of Using Acl For Device Management

    Configuration example of using ACL for device management Network requirements As shown in Figure 1, configure ACLs so that: Host A can telnet to the switch only during the working time (8:30 to 18:00 of every working day). • • As a TFTP client, the switch can get files from only the server 1 1.1.1.100.

  • Page 23: Ipv4 Packet Filtering Configuration Example

    Limit the access to the TFTP server: # Create IPv4 basic ACL 2001, and configure a rule for the ACL to permit only the packets sourced from 11.1.1.100. [Switch] acl number 2001 [Switch-acl-basic-2001] rule permit source 11.1.1.100 0 [Switch-acl-basic-2001] quit # Use ACL 2001 to control the switch's access to a specific TFTP server.

  • Page 24: Ipv6 Packet Filtering Configuration Example

    [DeviceA-acl-basic-2009] rule permit source 192.168.1.2 0 time-range study logging [DeviceA-acl-basic-2009] rule deny source any time-range study [DeviceA-acl-basic-2009] quit # Enable the device to generate and output IPv4 packet filtering logs at 10-minute intervals. [DeviceA] acl logging frequence 10 # Configure the device to output informational log messages to the console. [DeviceA] info-center source default channel 0 log level informational # Apply IPv4 ACL 2009 to filter incoming packets on GigabitEthernet 1/0/1.
  • Page 25 [DeviceA] info-center source default channel 0 log level informational # Apply IPv6 ACL 2009 to filter incoming packets on GigabitEthernet 1/0/1. [DeviceA] interface gigabitethernet 1/0/1 [DeviceA-GigabitEthernet1/0/1] packet-filter ipv6 2009 inbound [DeviceA-GigabitEthernet1/0/1] quit...

  • Page 26: Qos Overview

    QoS overview In data communications, Quality of Service (QoS) is a network’s ability to provide differentiated service guarantees for diversified traffic in terms of bandwidth, delay, jitter, and drop rate. Network resources are scarce. The contention for resources requires that QoS prioritize important traffic flows over trivial ones.

  • Page 27: Qos Techniques

    QoS techniques The QoS techniques include traffic classification, traffic policing, traffic shaping, rate limit, congestion management, and congestion avoidance. They address problems that arise at different positions of a network. Figure 4 Placement of the QoS techniques in a network As shown in Figure 4, traffic classification, traffic shaping, traffic policing, congestion management, and...

  • Page 28: Qos Configuration Approaches

    QoS configuration approaches You can configure QoS in these approaches: MQC approach • Non-MQC approach • Some features support both approaches, but some support only one. MQC approach In modular QoS configuration (MQC) approach, you configure QoS service parameters by using QoS policies (see "Configuring a QoS policy").

  • Page 29: Configuring A Qos Policy

    Configuring a QoS policy Overview A QoS policy is a set of class-behavior associations and defines the shaping, policing, or other QoS actions to take on different classes of traffic. A class is a set of match criteria for identifying traffic and it uses the AND or OR operator: •...

  • Page 30: Configuration Restrictions And Guidelines

    Configuration restrictions and guidelines If a class that uses the AND operator has multiple if-match acl, if-match acl ipv6, if-match • customer-vlan-id or if-match service-vlan-id clauses, a packet that matches any of the clauses matches the class. To successfully execute the traffic behavior associated with a traffic class that uses the AND operator, •...

  • Page 31: Defining A Traffic Behavior

    Option Description Matches DSCP values. dscp dscp-list The dscp-list argument is a list of up to eight DSCP values. A DSCP value can be a number from 0 to 63 or any keyword in Table destination-mac mac-address Matches a destination MAC address. Matches the 802.1p priority of the customer network.

  • Page 32: Defining A Policy

    Defining a policy You associate a behavior with a class in a QoS policy to perform the actions defined in the behavior for the class of packets. Configuration restrictions and guidelines If an ACL is referenced by a QoS policy for defining traffic match criteria, packets matching the ACL •...

  • Page 33: Applying The Qos Policy To An Interface

    Applying the QoS policy to an interface A policy can be applied to multiple interfaces, but only one policy can be applied in inbound direction of an interface. To apply the QoS policy to an interface: Step Command Remarks Enter system view. system-view •...

  • Page 34: Applying The Qos Policy To A Vlan

    Applying the QoS policy to a VLAN You can apply a QoS policy to a VLAN to regulate traffic of the VLAN. QoS policies cannot be applied to dynamic VLANs, such as VLANs created by GVRP. To apply the QoS policy to a VLAN: Step Command Remarks...

  • Page 35: Displaying And Maintaining Qos Policies

    In a QoS policy for control planes, if a system index classifier is configured, the associated traffic • behavior can contain only the car action or the combination of car and accounting packet actions. In addition, if the CAR action is configured, only its CIR setting can be applied. •...
  • Page 36 Clear the statistics for the QoS reset qos policy control-plane slot slot-number Available in user policy applied to a control plane. [ inbound ] view...

  • Page 37: Configuring Priority Mapping

    Configuring priority mapping Overview When a packet enters a device, depending on your configuration, the device assigns a set of QoS priority parameters to the packet based on either a certain priority field carried in the packet or the port priority of the incoming port.

  • Page 38: Priority Trust Mode On A Port

    Priority trust mode on a port The priority trust mode on a port decides which priority is used for priority mapping table lookup. Port priority was introduced to use for priority mapping in addition to priority fields carried in packets. The Switch Series provides the following priority trust modes: Using the 802.1p priority carried in packets for priority mapping.

  • Page 39: Priority Mapping Procedure

    Table 5 Priority mapping results of not trusting packet priority (when the default dot1p-lp priority mapping table is used) Local precedence Queue ID Port priority 0 (default) The priority mapping procedure varies with the priority modes. For more information, see the subsequent section.

  • Page 40: Configuration Guidelines

    DSCP values rather than the marked DSCP values. Configuration guidelines You can modify priority mappings by modifying priority mapping tables, priority trust mode on a port, and port priority. H3C recommends planning QoS throughout the network before making your QoS configuration.

  • Page 41: Configuring A Priority Mapping Table

    Configuring a priority mapping table Step Command Remarks Enter system system-view view. Enter priority qos map-table { dot1p-dp | dot1p-lp | dscp-dot1p | mapping table dscp-dp | dscp-dscp } view. Configure the Newly configured priority mapping import import-value-list export export-value mappings overwrite the table.

  • Page 42: Displaying Priority Mappings

    Step Command Remarks • Enter interface view: Use either command. interface interface-type Settings in interface view take effect on interface-number Enter interface view or the current interface. Settings in port port group view. • Enter port group view: group view take effect on all ports in the port-group manual port group.

  • Page 43: Configuration Procedure

    Configuration procedure # Assign port priority to GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2. Make sure that the priority of GigabitEthernet 1/0/1 is higher than that of GigabitEthernet 1/0/2, and no trusted packet priority type is configured on GigabitEthernet 1/0/1 or GigabitEthernet 1/0/2. <DeviceC>...

  • Page 44: Configuration Procedure

    Figure 8 Network diagram Internet Host Host Server Server GE1/0/5 GE1/0/2 GE1/0/3 Management department R&D department GE1/0/4 GE1/0/1 Device Host Server Public servers Marketing department Configuration procedure Configure trusting port priority: # Set the port priority of GigabitEthernet 1/0/1 to 3. <Device>...
  • Page 45 [Device-maptbl-dot1p-lp] import 5 export 4 [Device-maptbl-dot1p-lp] quit Configure priority marking: # Mark the HTTP traffic of the management department, marketing department, and R&D department to the Internet with 802.1p priorities 4, 5, and 3, respectively. Use the priority mapping table you have configured to map the 802.1p priorities to local precedence values 6, 4, and 2, respectively, for differentiated traffic treatment.

  • Page 46: Configuring Traffic Policing, Traffic Shaping, And Rate Limit

    Configuring traffic policing, traffic shaping, and rate limit Overview Traffic policing, traffic shaping, and rate limit are QoS technologies that help assign network resources, such as assign bandwidth. They increase network performance and user satisfaction. For example, you can configure a flow to use only the resources committed to it in a certain time range. This avoids network congestion caused by burst traffic.

  • Page 47: Traffic Policing

    Peak information rate (PIR)—Rate at which tokens are put into bucket E, which specifies the average • packet transmission or forwarding rate allowed by bucket E. Excess burst size (EBS)—Size of bucket E, which specifies the transient burst of traffic that bucket E •...

  • Page 48: Traffic Shaping

    Traffic shaping IMPORTANT: Traffic shaping shapes the outbound traffic. Traffic shaping limits the outbound traffic rate by buffering exceeding traffic. You can use traffic shaping to adapt the traffic output rate on a device to the input traffic rate of its connected device to avoid packet loss.

  • Page 49: Configuring Traffic Policing

    The rate limit of a physical interface specifies the maximum rate for forwarding packets (including critical packets). Rate limit also uses token buckets for traffic control. With rate limit configured on an interface, all packets to be sent through the interface are handled by the token bucket at the set rate limit value. If enough tokens are in the token bucket, packets can be forwarded.

  • Page 50: Configuring Gts

    Step Command Remarks Return to system view. quit Create a behavior and enter traffic behavior behavior-name behavior view. car cir committed-information-rate [ cbs committed-burst-size [ ebs Configure a traffic policing excess-burst-size ] ] [ pir action. peak-information-rate ] [ green action ] [ yellow action ] [ red action ] Return to system view.

  • Page 51: Displaying And Maintaining Traffic Policing, Gts, And Rate Limit

    To configure the rate limit: Step Command Remarks Enter system view. system-view • Enter interface view: interface interface-type Use either command. interface-number Enter interface view Settings in interface view take effect on the or port group view. • Enter port group view: current interface.

  • Page 52: Configuration Procedures

    Figure 13 Network diagram Configuration procedures Configure Device A: # Configure ACL 2001 and ACL 2002 to match traffic from Server and Host A, respectively. <DeviceA> system-view [DeviceA] acl number 2001 [DeviceA-acl-basic-2001] rule permit source 1.1.1.1 0 [DeviceA-acl-basic-2001] quit [DeviceA] acl number 2002 [DeviceA-acl-basic-2002] rule permit source 1.1.1.2 0 [DeviceA-acl-basic-2002] quit # Create a class named server, and use ACL 2001 as the match criterion.
  • Page 53 [DeviceA-qospolicy-car] quit # Apply QoS policy car to the incoming traffic of port GigabitEthernet 1/0/1. [DeviceA] interface GigabitEthernet 1/0/1 [DeviceA-GigabitEthernet1/0/1] qos apply policy car inbound Configure Device B: # Configure advanced ACL 3001 to match HTTP traffic. <DeviceB> system-view [DeviceB] acl number 3001 [DeviceB-acl-adv-3001] rule permit tcp destination-port eq 80 [DeviceB-acl-adv-3001] quit # Create a class named http, and use ACL 3001 as the match criterion.

  • Page 54: Configuring Congestion Management

    Configuring congestion management Overview Network congestion degrades service quality on a traditional network. Congestion is a situation where the forwarding rate decreases due to insufficient resources, resulting in extra delay. Congestion is more likely to occur in complex packet switching circumstances. Figure 14 shows two common cases:...

  • Page 55: Wrr Queuing

    Figure 15 SP queuing Queue 7 High priority Packets to be sent through this port Queue 6 Sent packets Interface …… Queue 1 Sending queue Packet Queue classification scheduling Queue 0 Low priority Figure 15, SP queuing classifies eight queues on a port into eight classes, numbered 7 to 0 in descending priority order.

  • Page 56: Wfq Queuing

    Figure 16 WRR queuing Assume a port provides eight output queues. WRR assigns each queue a weight value (represented by w7, w6, w5, w4, w3, w2, w1, or w0) to decide the proportion of resources assigned to the queue. On a 1000 Mbps port, you can configure the weight values of WRR queuing to 5, 5, 3, 3, 1, 1, 1, and 1 (corresponding to w7, w6, w5, w4, w3, w2, w1, and w0, respectively).

  • Page 57: Sp+Wrr Queuing

    By setting the minimum guaranteed bandwidth, you can make sure that each WFQ queue is • assured of certain bandwidth. The assignable bandwidth is allocated based on the weight of each queue (assignable bandwidth • = total bandwidth – the sum of minimum guaranteed bandwidth of each queue). For example, assume the total bandwidth of a port is 10 Mbps, and the port has eight queues, with weights as 1, 1, 1, 1, 3, 3, 5, and 5 and the minimum guaranteed bandwidth as 128 kbps for each queue.

  • Page 58: Configuration Example

    Step Command Remarks The default queuing algorithm on an Configure SP queuing. qos sp interface is WRR queuing. display qos sp interface Optional. Display SP queuing [ interface-type interface-number ] [ | configuration. { begin | exclude | include } Available in any view regular-expression ] Configuration example...

  • Page 59: Configuration Example

    Configuration example Network requirements • Enable byte-count WRR on port GigabitEthernet 1/0/1. Assign queues 0 through 7 to the WRR group, with their weights being 1, 2, 4, 6, 8, 10, 12, and • 14, respectively. Configuration procedure # Enter system view. <Sysname>...

  • Page 60: Configuration Example

    Step Command Remarks Configure the minimum Optional. qos bandwidth queue queue-id min guaranteed bandwidth bandwidth-value 64 kbps by default for each queue. for a WFQ queue. display qos wfq interface [ interface-type Optional. Display WFQ queuing interface-number ] [ | { begin | exclude | configuration.

  • Page 61: Configuration Example

    Step Command Remarks • Enter interface view: interface interface-type Use either command. interface-number Enter interface view or port Settings in interface view take effect on the group view. • Enter port group current interface. Settings in port group view view: take effect on all ports in the port group.

  • Page 62: Configuring Sp+Wfq Queuing

    Configuring SP+WFQ queuing Configuration procedure To configure SP + WFQ queuing: Step Command Remarks Enter system view. system-view • Enter interface view: Use either command. interface interface-type Settings in interface view take effect on interface-number Enter interface view or port the current interface.

  • Page 63: Displaying And Maintaining Queue-Based Accounting

    [Sysname] interface GigabitEthernet 1/0/1 [Sysname-GigabitEthernet1/0/1] qos wfq weight [Sysname-GigabitEthernet1/0/1] qos wfq 0 group sp [Sysname-GigabitEthernet1/0/1] qos wfq 1 group sp [Sysname-GigabitEthernet1/0/1] qos wfq 2 group sp [Sysname-GigabitEthernet1/0/1] qos wfq 3 group sp [Sysname-GigabitEthernet1/0/1] qos wfq 4 group 1 weight 2 [Sysname-GigabitEthernet1/0/1] qos bandwidth queue 4 min 128 [Sysname-GigabitEthernet1/0/1] qos wfq 5 group 1 weight 4 [Sysname-GigabitEthernet1/0/1] qos bandwidth queue 5 min 128...

  • Page 64: Configuring Traffic Filtering

    Configuring traffic filtering Traffic filtering filters traffic matching certain criteria. For example, you can filter packets sourced from a specific IP address according to network status. Configuration procedure To configure traffic filtering: Step Command Remarks Enter system view. system-view Create a class and enter traffic classifier tcl-name [ operator { and class view.

  • Page 65: Traffic Filtering Configuration Example

    Traffic filtering configuration example Network requirements As shown in Figure 18, Host is connected to GigabitEthernet 1/0/1 of Device. Configure traffic filtering to filter the packets with source port being 21, and received on GigabitEthernet 1/0/1. Figure 18 Network diagram Host Device GE1/0/1...

  • Page 66: Configuring Priority Marking

    Configuring priority marking Priority marking sets the priority fields or flag bits of packets to modify the priority of traffic. For example, you can use priority marking to set IP precedence or DSCP for a class of IP traffic to change its transmission priority in the network.

  • Page 67: Configuration Procedure

    IMPORTANT: Do not use the remark command together with the car command in a traffic behavior to perform color-based marking. Configuration procedure To configure priority marking: Step Command Remarks Enter system view. system-view Create a class and enter traffic classifier tcl-name [ operator { and | class view.

  • Page 68: Local Precedence Re-Marking Configuration Example

    Local precedence re-marking configuration example Network requirements As shown in Figure 19, the company’s enterprise network interconnects hosts with servers through Device. The network is described as follows: Host A and Host B are connected to GigabitEthernet 1/0/1 of Device. •...
  • Page 69 # Create advanced ACL 3002, and configure a rule to match packets with destination IP address 192.168.0.3. [Device] acl number 3002 [Device-acl-adv-3002] rule permit ip destination 192.168.0.3 0 [Device-acl-adv-3002] quit # Create a class named classifier_dbserver, and use ACL 3000 as the match criterion in the class. [Device] traffic classifier classifier_dbserver [Device-classifier-classifier_dbserver] if-match acl 3000 [Device-classifier-classifier_dbserver] quit...

  • Page 70: Configuring Traffic Redirecting

    Configuring traffic redirecting Traffic redirecting is the action of redirecting the packets matching the specific match criteria to a certain location for processing. The following redirect actions are supported: Redirecting traffic to the CPU—redirects packets that require processing by the CPU to the CPU. •...
  • Page 71 Step Command Remarks • Applying the QoS policy to an interface Choose one • Applying the QoS policy to a VLAN application Apply the QoS policy. • destination as Applying the QoS policy globally needed. • Applying the QoS policy to the control plane...

  • Page 72: Configuring Class-Based Accounting

    Configuring class-based accounting Class-based accounting collects statistics (in packets) on a per-traffic class basis. For example, you can define the action to collect statistics for traffic sourced from a certain IP address. By analyzing the statistics, you can determine whether anomalies have occurred and what action to take. Configuration procedure To configure class-based accounting: Step...

  • Page 73: Class-Based Accounting Configuration Example

    Class-based accounting configuration example Network requirements As shown in Figure 20, Host is connected to GigabitEthernet 1/0/1 of Device A. Configure class-based accounting to collect statistics for traffic sourced from 1.1.1.1/24 and received on GigabitEthernet 1/0/1. Figure 20 Network diagram Configuration procedure # Create basic ACL 2000, and configure a rule to match packets with source IP address 1.1.1.1.
  • Page 74 Operator: AND Rule(s) : If-match acl 2000 Behavior: behavior_1 Accounting Enable: 28529 (Packets)

  • Page 75: Configuring The Data Buffer

    Configuring the data buffer Overview Data buffer The Switch Series provides the data buffer to buffer packets to be sent out ports to avoid packet loss when bursty traffic causes congestion. The switch controls how a port uses the data buffer by allocating the cell resource and packet resource (called "buffer resources").

  • Page 76: Data Buffer Configuration Approaches

    On a per-port basis—As illustrated by the vertical lines in Figure 21, the switch automatically divides • the dedicated resource among all ports evenly. On a per-queue basis—As illustrated by the horizontal lines in Figure 21, the dedicated resource of •...

  • Page 77: Using The Burst Function To Configure The Data Buffer Setup

    H3C does not recommend modifying the data buffer parameters unless you are sure that your device will benefit from the change. If a larger buffer is needed, H3C recommends that you enable the burst function to allocate the buffer automatically.

  • Page 78: Configuring The Packet Resource

    Step Command Remarks Optional. Configure the shared buffer egress [ slot slot-number ] resource area of the cell By default, the shared resource area cell total-shared ratio ratio resource in percentage. of the cell resource is 60%. Configuring the minimum guaranteed resource size for a queue When configuring the minimum guaranteed resource size for a queue, follow these guidelines: Modifying the minimum guaranteed resource size for a queue can affect those of the other queues, •...

  • Page 79: Applying The Data Buffer Settings

    allocate the remaining dedicated resource space among all queues that are not manually assigned a minimum guaranteed resource space. For example, if you set the minimum guaranteed resource size to 30% for a queue, the remaining seven queues will each share 10% of the dedicated resource of the port.

  • Page 80: Appendix A Default Priority Mapping Tables

    Appendix A Default priority mapping tables Priority mapping tables For the default dscp-dscp mapping table, an input value yields a target value equal to it. Table 7 Default dot1p-lp and dot1p-dp priority mapping tables Input priority value dot1p-lp mapping dot1p-dp mapping 802.1p priority (dot1p) Local precedence (lp) Drop precedence (dp)

  • Page 81: Appendix B Packet Precedences

    Appendix B Packet precedences IP precedence and DSCP values Figure 23 ToS and DS fields As shown in Figure 23, the ToS field in the IPv4 header contains eight bits, where the first three bits (0 to 2) represent IP precedence from 0 to 7; the Traffic Classes field in the IPv6 header contains eight bits, where the first three bits (0 to 2) represent IP precedence from 0 to 7.

  • Page 82: 802.1P Priority

    DSCP value (decimal) DSCP value (binary) Description 010100 af22 010110 af23 011010 af31 011100 af32 011110 af33 100010 af41 100100 af42 100110 af43 001000 010000 011000 100000 101000 110000 111000 000000 be (default) 802.1p priority 802.1p priority lies in the Layer 2 header and applies to occasions where Layer 3 header analysis is not needed and QoS must be assured at Layer 2.
  • Page 83 Figure 25 802.1Q tag header Table 11 Description on 802.1p priority 802.1p priority (decimal) 802.1p priority (binary) Description best-effort background spare excellent-effort controlled-load video voice network-management...

  • Page 84: Index

    Index A C D I L M N O P Q T U Defining a traffic behavior,21 Displaying and maintaining ACLs,1 1 ACL configuration task list,3 Displaying and maintaining QoS policies,25 Applying the QoS policy,22 Displaying and maintaining queue-based accounting,53 Displaying and maintaining traffic accounting,62 Changing the port priority of an...
  • Page 85 techniques,17 Using the burst function to configure the data buffer setup,67 Traffic filtering configuration example,55 Traffic policing configuration example,41...

Table of Contents