H3C S7500E Series Configuration Manual
  1. Manuals
  2. Brands
  3. H3C Manuals
  4. Network Router
  5. H3C S7500E Series
  6. Configuration manual
H3C S7500E Series Configuration Manual

H3C S7500E Series Configuration Manual

Hide thumbs Also See for S7500E Series:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Command Manual, Operating Manual
H3C S7500E Series Ethernet Switches
ACL and QoS

Configuration Guide

Hangzhou H3C Technologies Co., Ltd.
http://www.h3c.com
Document Version: 20100722-C-1.01
Product Version: Release 6605 and Later

Advertisement

Table of Contents
loading

Related Manuals for H3C S7500E Series

Summary of Contents for H3C S7500E Series

  • Page 1: Configuration Guide

    H3C S7500E Series Ethernet Switches ACL and QoS Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Document Version: 20100722-C-1.01 Product Version: Release 6605 and Later...
  • Page 2 SecPro, SecPoint, SecEngine, SecPath, Comware, Secware, Storware, NQA, VVG, V G, V G, PSPT, XGbus, N-Bus, TiGem, InnoVision and HUASAN are trademarks of Hangzhou H3C Technologies Co., Ltd. All other trademarks that may be mentioned in this manual are the property of their respective owners.

  • Page 3: Document Organization

    Preface The H3C S7500E documentation set includes 12 configuration guides, which describe the software features for the H3C S7500E Series Ethernet Switches and guide you through the software configuration procedures. These configuration guides also provide configuration examples to help you apply software features to different network scenarios.
  • Page 4 Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional.
  • Page 5 Card datasheets Describe card specifications, features, and standards. Provides a complete guide to hardware installation Installation guide and hardware specifications. H3C N68 Cabinet Guides you through installing and remodeling H3C Installation and Remodel N68 cabinets. Introduction H3C Pluggable SFP [SFP+][XFP] Transceiver...

  • Page 6: Obtaining Documentation

    Required software version Pluggable modules supported by the card Obtaining Documentation You can access the most up-to-date H3C product documentation on the World Wide Web at http://www.h3c.com. Click the links on the top navigation bar to obtain different categories of product documentation: [Technical Support &...

  • Page 7: Table Of Contents

    Table of Contents 1 ACL Configuration·····································································································································1-1 ACL Overview ·········································································································································1-1 Introduction to ACL··························································································································1-1 Application of ACLs on the Switch ··································································································1-2 ACL Classification ···························································································································1-2 ACL Numbering and Naming ··········································································································1-3 Match Order·····································································································································1-3 ACL Rule Numbering Step ··············································································································1-4 Implementing Time-Based ACL Rules ····························································································1-5 IPv4 Fragments Filtering with ACLs ································································································1-5 ACL Configuration Task List ···················································································································1-5 Configuring an ACL·································································································································1-6 Creating a Time Range ···················································································································1-6...
  • Page 8 4 Priority Mapping Configuration················································································································4-1 Priority Mapping Overview ······················································································································4-1 Introduction to Priority Mapping·······································································································4-1 Priority Mapping Tables···················································································································4-1 Priority Trust Mode on a Port ··········································································································4-2 Priority Mapping Procedure·············································································································4-2 Priority Mapping Configuration Tasks ·····································································································4-4 Configuring Priority Mapping···················································································································4-5 Configuring a Priority Mapping Table ······························································································4-5 Configuring the Priority Trust Mode on a Port·················································································4-5 Configuring the Port Priority of a Port······························································································4-6 Displaying and Maintaining Priority Mapping··························································································4-6 Priority Mapping Configuration Examples·······························································································4-7...
  • Page 9 WRED Configuration Approaches···································································································7-2 Introduction to WRED Parameters ··································································································7-2 Configuring WRED on an Interface·········································································································7-2 Configuration Procedure··················································································································7-2 Configuration Example ····················································································································7-3 Displaying and Maintaining WRED ·········································································································7-3 8 Traffic Filtering Configuration··················································································································8-1 Traffic Filtering Overview ························································································································8-1 Configuring Traffic Filtering·····················································································································8-1 Support of Line Cards for the Traffic Filtering Function ··········································································8-2 Traffic Filtering Configuration Example···································································································8-3 Traffic Filtering Configuration Example ···························································································8-3 9 Priority Marking Configuration·················································································································9-1...
  • Page 10 14 Appendix A Default Priority Mapping Tables ·····················································································14-1 15 Appendix B Introduction to Packet Precedences ··············································································15-1 IP Precedence and DSCP Values ········································································································15-1 802.1p Priority ·······································································································································15-2 EXP Values ···········································································································································15-3 16 Index ·······················································································································································16-1...

  • Page 11: Acl Configuration

    Framework (IRF). Two S7500E series can be connected together to form a distributed IRF device. If an S7500E series is not in any IRF, it operates as a distributed device; if the S7500E series is in an IRF, it operates as a distributed IRF device. For introduction of IRF, see IRF Configuration Guide.

  • Page 12: Application Of Acls On The Switch

    efficiently prevent illegal users from accessing networks and to control network traffic and save network resources. Access control lists (ACL) are often used to filter packets with configured matching rules. ACLs are sets of rules (or sets of permit or deny statements) that decide what packets can pass and what should be rejected based on matching criteria such as source MAC address, destination MAC address, source IP address, destination IP address, and port number.

  • Page 13: Acl Numbering And Naming

    Category ACL number IP version Match criteria Source/destination IPv6 address, protocols IPv6 over IPv6, and other Layer 3 and Layer 4 header fields Layer 2 header fields, such as source and Ethernet frame 4000 to 4999 IPv4 and IPv6 destination MAC addresses, 802.1p priority, header ACLs and link layer protocol type ACL Numbering and Naming...

  • Page 14: Acl Rule Numbering Step

    ACL category Depth-first rule sorting procedures A rule configured with a VPN instance takes precedence. A rule configured with a specific protocol is prior to a rule with the protocol type set to IP. IP represents any protocol over IP. A rule with more 0s in the source IP address wildcard mask takes precedence.

  • Page 15: Implementing Time-Based Acl Rules

    example, the default ACL rule numbering step is 5. If you do assign IDs to rules you are creating, they are numbered 0, 5, 10, 15, and so on. The wider the numbering step, the more rules you can insert between two rules.

  • Page 16: Configuring An Acl

    Task Remarks Creating a Time Range Optional Configuring an IPv4 basic ACL Configuring an IPv4 advanced ACL Configuring an Ethernet Frame Header ACL Copying an IPv4 ACL Optional IPv6 ACL configuration task list Complete the following tasks to configure an IPv6 ACL: Task Remarks Creating a Time Range...

  • Page 17: Configuring A Basic Acl

    Configuring a Basic ACL Configuring an IPv4 basic ACL IPv4 basic ACLs match packets based on only source IP address. Follow these steps to configure an IPv4 basic ACL: To do… Use the command… Remarks Enter system view –– system-view Required By default, no ACL exists.
  • Page 18 You cannot create a rule with, or modify a rule to have, the same permit/deny statement as an existing rule in the ACL. When the ACL match order is auto, a newly created rule will be inserted among the existing rules in the depth-first match order.

  • Page 19: Configuring An Advanced Acl

    To do… Use the command… Remarks Optional Configure or edit a rule description rule rule-id comment text By default, an IPv6 basic ACL rule has no rule description. Note that: You can only modify the existing rules of an ACL that uses the match order of config. When modifying a rule of such an ACL, you may choose to change just some of the settings, in which case the other settings remain the same.
  • Page 20 To do… Use the command… Remarks Required By default, no ACL exists. IPv4 advanced ACLs are acl number acl-number [ name numbered in the range 3000 to Create an IPv4 advanced ACL and acl-name ] [ match-order { auto | 3999.
  • Page 21 You can only modify the existing rules of an ACL that uses the match order of config. When modifying a rule of such an ACL, you may choose to change just some of the settings, in which case the other settings remain the same. You cannot create a rule with, or modify a rule to have, the same permit/deny statement as an existing rule in the ACL.

  • Page 22: Configuring An Ethernet Frame Header Acl

    To do… Use the command… Remarks Required By default IPv6 advanced ACL rule [ rule-id ] { deny | permit } protocol does not contain any rule. [ { established | { ack ack-value | fin fin-value | psh psh-value | rst rst-value | To create or edit multiple rules, syn syn-value | urg urg-value } * } | repeat this step.
  • Page 23 Follow these steps to configure an Ethernet frame header ACL: To do… Use the command… Remarks Enter system view system-view –– Required By default, no ACL exists. Ethernet frame header ACLs are acl number acl-number [ name numbered in the range 4000 to Create an Ethernet frame header acl-name ] [ match-order { auto | 4999..

  • Page 24: Copying An Acl

    When the ACL match order is auto, a newly created rule will be inserted among the existing rules in the depth-first match order. Note that the IDs of the rules still remain the same. You can modify the match order of an ACL with the acl number acl-number [ name acl-name ] match-order { auto | config } command but only when it does not contain any rules.

  • Page 25: Displaying And Maintaining Acls

    Displaying and Maintaining ACLs To do... Use the command… Remarks Display configuration and match display acl { acl-number | all | name statistics for one or all IPv4 ACLs Available in any view acl-name } [ slot slot-number ] (distributed device) Display configuration and match display acl { acl-number | all | name statistics for one or all IPv4 ACLs...

  • Page 26: Network Diagram

    Network Diagram Figure 1-1 Network diagram for IPv4 ACL configuration President’s Office 192.168.1.0/24 Salary server 192.168.4.1 GE2/0/1 GE2/0/4 GE2/0/2 GE2/0/3 Switch Marketing department R&D department 192.168.3.0/24 192.168.2.0/24 Configuration Procedure Create a time range for office hours # Create a periodic time range spanning 8:00 to 18:00 in working days. <Switch>...

  • Page 27: Ipv6 Acl Configuration Example

    # Configure traffic behavior b_ market to deny matching packets. [Switch] traffic behavior b_market [Switch-behavior-b_market] filter deny [Switch-behavior-b_market] quit # Configure QoS policy p_rd to use traffic behavior b_rd for class c_rd. [Switch] qos policy p_rd [Switch-qospolicy-p_rd] classifier c_rd behavior b_rd [Switch-qospolicy-p_rd] quit # Configure QoS policy p_market to use traffic behavior b_market for class c_market.
  • Page 28 [Switch] traffic behavior b_rd [Switch-behavior-b_rd] filter deny [Switch-behavior-b_rd] quit # Configure QoS policy p_rd to use traffic behavior b_rd for class c_rd. [Switch] qos policy p_rd [Switch-qospolicy-p_rd] classifier c_rd behavior b_rd [Switch-qospolicy-p_rd] quit # Apply QoS policy p_rd to interface GigabitEthernet 2/0/1. [Switch] interface GigabitEthernet 2/0/1 [Switch-GigabitEthernet2/0/1] qos apply policy p_rd inbound 1-18...

  • Page 29: Qos Overview

    Framework (IRF). Two S7500E series can be connected together to form a distributed IRF device. If an S7500E series is not in any IRF, it operates as a distributed device; if the S7500E series is in an IRF, it operates as a distributed IRF device. For introduction of IRF, see IRF Configuration Guide.

  • Page 30: Intserv Service Model

    IntServ Service Model IntServ is a multiple services model that can accommodate multiple QoS requirements. In this model, an application must request a specific kind of service from the network before it can send data. The request is made by RSVP signaling. RSVP runs on each device from the source end to the destination end, and monitors each data flow to prevent each data flow from consuming too many resources.

  • Page 31: Positions Of The Qos Techniques In A Network

    Positions of the QoS Techniques in a Network Figure 2-1 Positions of the QoS techniques in a network As shown in Figure 2-1, traffic classification, traffic shaping, traffic policing, congestion management, and congestion avoidance mainly implement the following functions: Traffic classification uses certain match criteria to assign packets with the same characteristics to a class.

  • Page 32: Qos Configuration Approaches

    QoS Configuration Approaches This chapter covers the following topics: QoS Configuration Approach Overview Configuring a QoS Policy QoS Configuration Approach Overview Two approaches are available for you to configure QoS: policy-based and non policy-based. Some QoS features can be configured in either approach while some can be configured only in one approach.

  • Page 33: Defining A Class

    Figure 3-1 QoS policy configuration procedure Defining a Class To define a class, you need to specify a name for it and then configure match criteria in class view. Follow these steps to define a class: To do… Use the command… Remarks Enter system view —...
  • Page 34 Keyword and argument combination Description Specifies to match an IPv6 ACL specified by its number or name. The access-list-number argument acl ipv6 { access-list-number | name acl-name } specifies an ACL by its number, which ranges from 2000 to 3999; the name acl-name keyword-argument combination specifies an ACL by its name.
  • Page 35 Keyword and argument combination Description Specifies to match the packets of the VLANs of the operator’s network. The vlan-id-list argument is a list of VLAN IDs, in the form of vlan-id to vlan-id or service-vlan-id vlan-id-list multiple discontinuous VLAN IDs (separated by space).

  • Page 36: Defining A Traffic Behavior

    The matching criteria listed below must be unique in a traffic class with the operator being AND. Therefore, even though you can define multiple if-match clauses for these matching criteria or input multiple values for a list argument (such as the 8021p-list argument) listed below in a traffic class, avoid doing that.

  • Page 37: Applying The Qos Policy

    To do… Use the command… Remarks Create a policy and enter policy Required qos policy policy-name view Required classifier tcl-name behavior Specify the Associate a class with a behavior behavior-name [ mode dot1q-tag-manipulation keyword in the policy dot1q-tag-manipulation ] if the class-behavior association is defined for VLAN mapping.
  • Page 38 You can modify classes, behaviors, and class-behavior associations in a QoS policy even after it is applied. The QoS policies applied to ports, VLANs, and the system globally have descending priorities. For example, if a port and a VLAN carried on the port have both referenced a QoS policy for incoming traffic, the one on the port is used to match traffic prior to the one for the VLAN.
  • Page 39 To do… Use the command… Remarks Required The configuration made in user profile view takes effect when the user-profile is activated and there Enter user profile view user-profile profile-name are online users. See User Profile Configuration in the Security Configuration Guide for more information about user profiles.
  • Page 40 QoS policies cannot be applied to dynamic VLANs, for example, VLANs created by GVRP. Applying the QoS policy globally You can apply a QoS policy globally to the inbound or outbound direction of all ports. Follow these steps to apply the QoS policy globally: To do…...

  • Page 41: Displaying And Maintaining Qos Policies

    To do… Use the command… Remarks Enter control plane view (on a control-plane chassis chassis-number slot Required distributed IRF device) slot-number Apply the QoS policy to the qos apply policy policy-name { inbound | Required control plane outbound } The QoS policy applied to the control plane for a specific slot takes effect only on the slot. In case a global QoS policy conflicts with a control plane QoS policy, the control plane QoS policy takes effect on the control plane.
  • Page 42 To do… Use the command… Remarks display qos vlan-policy { name Display VLAN QoS policy policy-name | vlan [ vlan-id ] } configuration on a distributed IRF [ chassis chassis-number slot Available in any view device slot-number ] [ inbound | outbound ] Display information about QoS display qos policy global [ slot...
  • Page 43 3-12...

  • Page 44: Priority Mapping Configuration

    Priority Mapping Configuration When configuring priority mapping, go to these sections for information you are interested in: Priority Mapping Overview Priority Mapping Configuration Tasks Configuring Priority Mapping Displaying and Maintaining Priority Mapping Priority Mapping Configuration Examples Priority Mapping Overview Introduction to Priority Mapping The priorities of a packet determine its transmission priority.

  • Page 45: Priority Trust Mode On A Port

    The priority trust mode on a port decides which priority is used for priority mapping table lookup. There are two priority trust modes on the H3C S7500E series switches: dot1p: Uses the 802.1p priority carried in packets for priority mapping.
  • Page 46 Figure 4-1 Priority mapping procedure for an Ethernet packet Receive a packet on a port Which priority is DSCP in packets trusted on the port? Look up the dscp-dp, dscp- 802.1p in dot1p, and dscp- packets dscp tables Mark the packet Use the port with 802.1p Is the packet...

  • Page 47: Priority Mapping Configuration Tasks

    Figure 4-2 Priority mapping procedure for an MPLS packet Receive a packet Look up the Look up the exp-dp table exp-dot1p table Mark the packet Mark the packet with drop with new 802.1p precedence priority Look up the dot1p-lp table Mark the packet with local precedence...

  • Page 48: Configuring Priority Mapping

    Configuring Priority Mapping Configuring a Priority Mapping Table Follow these steps to configure an uncolored priority mapping table: To do… Use the command… Remarks Enter system view system-view — qos map-table { dot1p-dp | dot1p-exp | dot1p-lp | Enter priority mapping table view Required dscp-dot1p | dscp-dp | dscp-dscp | exp-dot1p | exp-dp }...

  • Page 49: Configuring The Port Priority Of A Port

    To do… Use the command… Remarks Trust the 802.1p undo qos trust priority in packets Display the priority trust Optional display qos trust interface mode configuration on the [ interface-type interface-number ] Available in any view port Configuring the Port Priority of a Port You can change the port priority of a port used for priority mapping.

  • Page 50: Priority Mapping Configuration Examples

    Priority Mapping Configuration Examples Priority Mapping Table and Priority Marking Configuration Example For information about priority marking, see Priority Marking Configuration. Network requirements As shown in Figure 4-3, the enterprise network of a company interconnects all departments through Device. The network is described as follows: The marketing department connects to GigabitEthernet 2/0/1 of Device, which sets the 802.1p priority of traffic from the marketing department to 3.
  • Page 51 Figure 4-3 Network diagram for priority mapping table and priority marking configuration Internet Host Host Server Server GE2/0/5 GE2/0/3 GE2/0/2 Management department R&D department GE2/0/4 GE2/0/1 Device Data server Host Server Mail server Public servers Marketing department Configuration procedure Configure trusting port priority # Set the port priority of GigabitEthernet 2/0/1 to 3.
  • Page 52 # Mark the HTTP traffic of the management department, marketing department, and R&D department to the Internet with 802.1p priorities 4, 5, and 3 respectively. Use the priority mapping table configured above to map the 802.1p priorities to local precedence values 6, 4, and 2 respectively for differentiated traffic treatment.

  • Page 53: Traffic Policing, Traffic Shaping, And Line Rate Overview

    Traffic Policing, Traffic Shaping, and Line Rate Configuration When configuring traffic classification, traffic policing, and traffic shaping, go to these sections for information you are interested in: Traffic Policing, Traffic Shaping, and Line Rate Overview Configuring Traffic Policing Configuring GTS Configuring the Line Rate Displaying and Maintaining Traffic Policing, GTS, and Line Rate Traffic Policing, Traffic Shaping, and Line Rate Overview...

  • Page 54: Traffic Policing

    Evaluation is performed for each arriving packet. In each evaluation, if the number of tokens in the bucket is enough, the traffic conforms to the specification and the corresponding tokens for forwarding the packet are taken away; if the number of tokens in the bucket is not enough, it means that too many tokens have been used and the traffic is excessive.

  • Page 55: Traffic Shaping

    Figure 5-1 Schematic diagram for traffic policing Tokens are put into the bucket at the set rate Packets to be sent through this interface Packets sent Packet classification Token bucket Queue Packets dropped Traffic policing is widely used in policing traffic entering the networks of internet service providers (ISPs).

  • Page 56: Line Rate

    Figure 5-2 Schematic diagram for GTS Tokens are put into the bucket at the set rate Packets to be sent through this interface Packets sent Packet classification Token bucket Queue Packets dropped For example, in Figure 5-3, Switch A sends packets to Switch B. Switch B performs traffic policing on packets from Switch A and drops packets exceeding the limit.

  • Page 57: Configuring Traffic Policing

    Figure 5-4 Line rate implementation In the token bucket approach to traffic control, bursty traffic can be transmitted so long as enough tokens are available in the token bucket; if tokens are inadequate, packets cannot be transmitted until the required number of tokens are generated in the token bucket. Thus, traffic rate is restricted to the rate for generating tokens, thus limiting traffic rate and allowing bursty traffic.

  • Page 58: Configuration Example

    To do… Use the command… Remarks Required car cir committed-information-rate [ cbs committed-burst-size [ ebs On SC, SA, and EA LPUs, Configure a traffic policing excess-burst-size ] ] [ pir the granularity of traffic action peak-information-rate ] [ green action ] policing is 64 kbps.

  • Page 59: Configuring Gts

    [Sysname-GigabitEthernet2/0/1] qos apply policy http inbound Configuring GTS Configuration Procedure On the H3C S7500E series switches, traffic shaping is implemented as queue-based GTS, that is, configuring GTS parameters for packets of a certain queue. Follow these steps to configure queue-based GTS: To do…...

  • Page 60: Configuration Example

    Configuration Example Configure GTS on GigabitEthernet2/0/1, shaping the packets of queue 1 when the sending rate exceeds 512 kbps. # Enter system view. <Sysname> system-view # Enter interface view. [Sysname] interface gigabitethernet 2/0/1 # Configure GTS parameters. [Sysname-GigabitEthernet2/0/1] qos gts queue 1 cir 512 Configuring the Line Rate Configuration Procedure Follow these steps to configure the line rate:...

  • Page 61: Displaying And Maintaining Traffic Policing, Gts, And Line Rate

    # Limit the outbound line rate of GigabitEthernet 2/0/1 to 512 kbps. [Sysname-GigabitEthernet2/0/1] qos lr outbound cir 512 Displaying and Maintaining Traffic Policing, GTS, and Line Rate On the S7500E series switches, you can configure traffic policing in policy-based approach. For related displaying and maintaining commands, see Displaying and Maintaining QoS Policies.

  • Page 62: Congestion Management Configuration

    Congestion Management Configuration When configuring hardware congestion management, go to these sections for information you are interested in: Congestion Management Overview Congestion Management Configuration Approaches Per-Queue Hardware Congestion Management Displaying and Maintaining Congestion Management Congestion Management Overview Causes, Impacts, and Countermeasures of Congestion Network congestion is a major factor contributed to service quality degrading on a traditional network.

  • Page 63: Congestion Management Policies

    Congestion Management Policies In general, congestion management uses queuing technology. The system uses a certain queuing algorithm for traffic classification, and then uses a certain precedence algorithm to send the traffic. Each queuing algorithm addresses a particular network traffic problem and which algorithm is used affects bandwidth resource assignment, delay, and jitter significantly.
  • Page 64 Figure 6-3 Schematic diagram for WRR queuing Queue 0 Weight 1 Packets to be sent through this port Queue 1 Weight 2 Sent packets Interface …… Queue N-2 Weight N-1 Queue Sending queue Packet scheduling classification Queue N-1 Weight N Assume there are eight output queues on a port.

  • Page 65: Congestion Management Configuration Approaches

    Short packets and long packets are fairly scheduled: if there are both long packets and short packets in queues, statistically the short packets should be scheduled preferentially to reduce the jitter between packets as a whole. Compared with FQ, WFQ takes weights into account when determining the queue scheduling order. Statistically, WFQ gives high priority traffic more scheduling opportunities than low priority traffic.

  • Page 66: Per-Queue Hardware Congestion Management

    Task Remarks Configuring SP Queuing Optional Configure WRR Queuing Optional Configuring WFQ Queuing Optional Configuring SP+WRR Queues Optional Per-Queue Hardware Congestion Management Configuring SP Queuing Configuration procedure Follow these steps to configure SP queuing: To do… Use the command… Remarks Enter system view system-view —...
  • Page 67 Configure WRR Queuing Configuration procedure Follow these steps to configure group-based WRR queuing: To do… Use the command… Remarks Enter system view system-view — Enter Use either command interface interface-type Enter interface Settings in interface view take interface-number interface view effect on the current interface;...
  • Page 68 To do… Use the command… Remarks Enter system view system-view — Enter Use either command interface interface-type Enter interface Settings in interface view take interface-number interface view effect on the current interface; view or port settings in port group view take Enter port group view port-group manual port-group-name...

  • Page 69: Configuring Sp+Wrr Queues

    [Sysname] interface gigabitethernet 2/0/1 [Sysname-GigabitEthernet2/0/1] qos wfq [Sysname-GigabitEthernet2/0/1] qos wfq 1 weight 1 [Sysname-GigabitEthernet2/0/1] qos wfq 3 weight 5 [Sysname-GigabitEthernet2/0/1] qos wfq 4 weight 10 [Sysname-GigabitEthernet2/0/1] qos wfq 5 weight 15 [Sysname-GigabitEthernet2/0/1] qos wfq 6 weight 10 # Set the minimum guaranteed bandwidth of queue 1 to 128 kbps. [Sysname-GigabitEthernet2/0/1] qos bandwidth queue 1 min 128 Configuring SP+WRR Queues Configuration Procedure...

  • Page 70: Displaying And Maintaining Congestion Management

    [Sysname] interface GigabitEthernet 2/0/1 [Sysname-GigabitEthernet2/0/1] qos wrr [Sysname-GigabitEthernet2/0/1] qos wrr 0 group sp [Sysname-GigabitEthernet2/0/1] qos wrr 1 group sp [Sysname-GigabitEthernet2/0/1] qos wrr 2 group sp [Sysname-GigabitEthernet2/0/1] qos wrr 3 group sp [Sysname-GigabitEthernet2/0/1] qos wrr 4 group 1 weight 2 [Sysname-GigabitEthernet2/0/1] qos wrr 5 group 1 weight 4 [Sysname-GigabitEthernet2/0/1] qos wrr 6 group 1 weight 6 [Sysname-GigabitEthernet2/0/1] qos wrr 7 group 1 weight 8 Displaying and Maintaining Congestion Management...

  • Page 71: Congestion Avoidance

    Congestion Avoidance When configuring congestion avoidance, go to these sections for information you are interested in: Congestion Avoidance Overview Introduction to WRED Configuration Configuring WRED on an Interface Displaying and Maintaining WRED Congestion Avoidance Overview Avoiding congestion before it occurs to deteriorate network performance is a proactive approach to improving network performance.

  • Page 72: Introduction To Wred Configuration

    Packets with a lower IP precedence are more likely to be dropped. Introduction to WRED Configuration WRED Configuration Approaches On an S7500E series switch, WRED is implemented with WRED tables. WRED tables are created globally in system view and then applied to interfaces. Introduction to WRED Parameters...

  • Page 73: Configuration Example

    To do… Use the command… Remarks Enter system view system-view — Create a WRED table — qos wred queue table table-name Optional Configure the drop queue queue-id [ drop-level drop-level ] By default, the low-limit argument parameters for each low-limit low-limit [ discard-probability is 100 and the discard-prob queue in the WRED table discard-prob ]...

  • Page 74: Traffic Filtering Configuration

    Traffic Filtering Configuration When configuring traffic filtering, go to these sections for information you are interested in: Traffic Filtering Overview Configuring Traffic Filtering Traffic Filtering Configuration Example Traffic Filtering Overview You can filter in or filter out a class of traffic by associating the class with a traffic filtering action. For example, you can filter packets sourced from a specific IP address according to network status.

  • Page 75: Support Of Line Cards For The Traffic Filtering Function

    For line card categories and their description, see the installation manual for the S7500E series switches. Table 8-1 Support of line cards for the traffic filtering action...

  • Page 76: Traffic Filtering Configuration Example

    Traffic direction (right) Inbound Outbound Card category (below) Supported Supported Traffic Filtering Configuration Example Traffic Filtering Configuration Example Network requirements As shown in Figure 8-1, Host is connected to GigabitEthernet 2/0/1 of Device. Configure traffic filtering to filter the packets whose source port is 21 received on GigabitEthernet 2/0/1. Figure 8-1 Network diagram for traffic filtering configuration Configuration procedure # Create advanced ACL 3000, and configure a rule to match packets whose source port number is 21.

  • Page 77: Priority Marking Configuration

    Priority Marking Configuration When configuring priority marking, go to these sections for information you are interested in: Priority Marking Overview Configuring Priority Marking Priority Marking Configuration Example Priority Marking Overview Priority marking can be used together with priority mapping. For details, see Priority Mapping Table and Priority Marking Configuration Example.
  • Page 78 To do… Use the command… Remarks Set the 802.1p priority for packets or configure the remark dot1p { 8021p | Optional inner-to-outer tag priority customer-dot1p-trust } copying function Optional Set the drop precedence for remark drop-precedence Applicable to only the packets drop-precedence-value outbound direction...

  • Page 79: Support Of Line Cards For Priority Marking

    For line card categories and their description, see the installation manual for the S7500E series switches. Table 9-1 Support of SC/SA/EA cards for priority marking...
  • Page 80 Card category (right) Action Inbound Outbound Inbound Outbound Inbound Outbound (below) Remarking the specified QoS Not supported Not supported local ID for supported supported supported supported packets. Table 9-2 Support of EB/SD cards for priority marking Card category (right) Action (below) Inbound Outbound Inbound...

  • Page 81: Priority Marking Configuration Example

    Priority Marking Configuration Example Priority Marking Configuration Example Network requirements As shown in Figure 9-1, the enterprise network of a company interconnects hosts with servers through Device. The network is described as follows: Host A and Host B are connected to GigabitEthernet 2/0/1 of Device. The data server, mail server, and file server are connected to GigabitEthernet 2/0/2 of Device.

  • Page 82: Qos-Local-Id Marking Configuration Example

    [Device-acl-adv-3002] rule permit ip destination 192.168.0.3 0 [Device-acl-adv-3002] quit # Create a class named classifier_dbserver, and reference ACL 3000 in the class. [Device] traffic classifier classifier_dbserver [Device-classifier-classifier_dbserver] if-match acl 3000 [Device-classifier-classifier_dbserver] quit # Create a class named classifier_mserver, and reference ACL 3001 in the class. [Device] traffic classifier classifier_mserver [Device-classifier-classifier_mserver] if-match acl 3001 [Device-classifier-classifier_mserver] quit...
  • Page 83 With QoS local ID marking, however, traffic limit applies to the two classes as a whole, allowing the switch to dynamically assign the bandwidth to the two classes depending on their traffic size. To configure QoS-local-ID marking to limit the total rate of the two classes, you need to mark packets of the two classes with the same QoS-local-ID;...

  • Page 84: Traffic Redirecting Configuration

    Traffic Redirecting Configuration When configuring traffic redirecting, go to these sections for information you are interested in: Traffic Redirecting Overview Configuring Traffic Redirecting Traffic Redirecting Overview Traffic redirecting is the action of redirecting the packets matching the specific match criteria to a certain location for processing.

  • Page 85: Support Of Line Cards For Traffic Redirecting

    Support of Line Cards for Traffic Redirecting Table 10-1 shows the support of line cards for the traffic redirecting action for the inbound and outbound traffic. For line card categories and their description, see the installation manual for the S7500E series switches. 10-2...
  • Page 86 Table 10-1 Support of line cards for the traffic redirecting action Direction(right) Inbound Outbound Card category (below) SC LPU Supported Not Supported SA LPU Supported Not Supported EA LPU Supported Not Supported EB LPU Supported Not Supported SD LPU Supported Not Supported 10-3...

  • Page 87: Aggregation Car Configuration

    CAR is enabled for multiple ports, the total traffic on these ports must conform to the traffic policing parameters set in the aggregation CAR. The S7500E series switches implement aggregation CAR with QoS policies. Only the SD and EB cards support QoS policies that contain aggregation CAR actions.

  • Page 88: Displaying And Maintaining Aggregation Car

    To do… Use the command… Remarks Exit class view quit — traffic behavior behavior-name Required Enter traffic behavior view Reference the aggregation Required car name car-name CAR in the traffic behavior Exit policy view quit — To an interface Applying the QoS policy to an interface —...
  • Page 89 [Sysname-classifier-2] if-match customer-vlan-id 100 [Sysname-classifier-2] quit [Sysname] traffic behavior 2 [Sysname-behavior-2] car name aggcar-1 [Sysname-behavior-2] quit # Create QoS policy car, associate class 1 with behavior 1, and associate class 2 with behavior 2. [Sysname] qos policy car [Sysname-qospolicy-car] classifier 1 behavior 1 [Sysname-qospolicy-car] classifier 2 behavior 2 [Sysname-qospolicy-car] quit # Apply the QoS policy to the incoming traffic of GigabitEthernet 2/0/1.

  • Page 90: Class-Based Accounting Configuration

    Class-Based Accounting Configuration When configuring class-based accounting, go to these sections for information you are interested in: Class-Based Accounting Overview Configuring Class-Based Accounting Displaying and Maintaining Traffic Accounting Class-Based Accounting Configuration Example Class-Based Accounting Overview Class-based accounting collects statistics on a per-traffic class basis. For example, you can define the action to collect statistics for traffic sourced from a certain IP address.

  • Page 91: Displaying And Maintaining Traffic Accounting

    To do… Use the command… Remarks To an interface Applying the QoS policy to an interface — To a VLAN Applying the QoS policy to a VLAN — Apply the Globally Applying the QoS policy globally — policy To the control Applying the QoS policy to the control plane plane...
  • Page 92 # Create a policy named policy, and associate class classifier_1 with behavior behavior_1 in the policy. [DeviceA] qos policy policy [DeviceA-qospolicy-policy] classifier classifier_1 behavior behavior_1 [DeviceA-qospolicy-policy] quit # Apply the policy named policy to the incoming traffic of GigabitEthernet 2/0/1. [DeviceA] interface gigabitethernet 2/0/1 [DeviceA-GigabitEthernet2/0/1] qos apply policy policy inbound [DeviceA-GigabitEthernet2/0/1] quit...

  • Page 93: Qos In An Epon System

    CoS precedence and local precedence. Configuring the ONU to perform congestion management for traffic from uplink ports, supporting SP and WFQ queue scheduling algorithms (available to only H3C ONUs). Processing on an OLT By default, an OLT port trusts the 802.1p precedence of the packets. You can configure to trust the DSCP precedence of the packets through the command line.

  • Page 94: Qos Functions For Downlink Traffic

    Figure 13-1 QoS model for uplink traffic in an EPON system QoS Functions for Downlink Traffic Processing on an OLT Configuring the OLT to perform priority mapping for packets received from the uplink port according to the CoS-to-local precedence mapping table and then assign packets to output queues of the OLT port.

  • Page 95: Configuring Qos In An Epon System

    Configuring QoS in an EPON System QoS Configuration Task List in an EPON System QoS configurations in an EPON system are the same as those in Ethernet, and the corresponding configuration commands in OLT port view and ONU port view are the same as those in Ethernet port view too.

  • Page 96: Configuring Qos At The Olt Side

    Reference QoS at the OLT side Assign downlink bandwidth for each Assign downlink bandwidth for an ONU Table 13-2 Configure QoS at the ONU side of an EPON system QoS at the ONU side Reference Configuring traffic classification and CoS priority marking for incoming Priority mapping on the UNI packets on UNIs Configure priority trust mode for the...
  • Page 97 Sending buffer size of the OLT port For traffic to be sent out an OLT port, you can set the priority threshold to identify high-priority traffic and low-priority traffic. You can set sending buffer to reserve buffer for high-priority queues and thus decrease the dropping probability of high-priority packets and guarantee QoS for high-priority packet transmission.
  • Page 98 High-priority packet buffering takes effect for downlink traffic only when downlink bandwidth allocation policy is enabled (as shown in Configure traffic policing for downlink/uplink traffic of a UNI). Assign downlink bandwidth for an ONU When an S7500E works as an OLT in an EPON system, you can limit the rate at which the OLT port sends traffic to each ONU, that is, assign downlink bandwidth to each ONU.

  • Page 99: Configuring Qos At The Onu Side

    Configuring QoS at the ONU Side Priority mapping on the ONU port When the ONU receives packets on an ONU port, it assigns local precedence to the packets according to the 802.1p-to-local precedence mapping table. Table 13-3 shows the default 802.1p-to-local precedence mapping table.
  • Page 100 criteria, VLAN operation mode of the port, and VLAN tagging status of the received packets. For details, Table 13-4. Table 13-4 Relationship between VLAN operation modes and priority remarking VLAN operation With or without VLAN Packet processing mode In the case of traffic classification based on the source MAC address/destination MAC address, Ethernet priority, VLAN ID, or physical port, if the packet matches the configured traffic classification rule, the packet is priority-remarked with...
  • Page 101 Configure uplink traffic uni uni-number classification-marking index index queue priority remarking for a qid priority priority { selector operator matched-value } Required &<1-4> Currently, up to eight rules can be configured for each UNI port on an H3C ONU. 13-12...
  • Page 102 Table 13-5 Restrictions about the configuration Item Restrictions If a source MAC address–based traffic classification rule and a destination MAC address–based traffic classification rule are configured for a UNI port of an ONU, and if the uplink traffic satisfies both rules, only the destination MAC address–based traffic classification rule applies even if the other one has a higher priority.

  • Page 103: Example For Uni Priority Remarking Configuration

    By default, traffic policing is not configured uplink/downlink traffic extra-burst-size for a UNI. ebs-value }* } | outbound Note that: only H3C ONUs support the cir cir-value [ pir outbound keyword. pir-value ] } Example for UNI Priority Remarking Configuration Network requirements Set the uplink bandwidth of the ONU to 50 Mbps.
  • Page 104 Configuration procedure # Create ONU 3/0/1:1, and bind it to the ONU. <Sysname> system-view [Sysname] interface olt 3/0/1 [Sysname-Olt3/0/1] using onu 1 [Sysname-Olt3/0/1] quit [Sysname] interface onu 3/0/1:1 [Sysname-Onu3/0/1:1] bind onuid 000f-e200-0104 # Set the uplink bandwidth of the ONU port to 50 Mbps (64 Kbps × 800). [Sysname-Onu3/0/1:1] upstream-sla minimum-bandwidth 800 maximum-bandwidth 800 # Configure the VLAN operation mode as transparent for UNI 1 and UNI 2.

  • Page 105: Appendix A Default Priority Mapping Tables

    Appendix A Default Priority Mapping Tables For the default dot1p-exp, dscp-dscp, and exp-dot1p priority mapping tables, an input value yields a target value that is equal to it. Table 14-1 The default dot1p-lp and dot1p-dp priority mapping tables Input priority value dot1p-lp mapping dot1p-dp mapping Local precedence...
  • Page 106 Input priority value dscp-dp mapping dscp-dot1p mapping DSCP Drop precedence (dp) 802.1p priority (dot1p) 40 to 47 48 to 55 56 to 63 Table 14-3 The default exp-dp priority mapping tables Input priority value exp-dp mapping EXP value Drop precedence (dp) 14-2...

  • Page 107: Appendix B Introduction To Packet Precedences

    Appendix B Introduction to Packet Precedences IP Precedence and DSCP Values Figure 15-1 ToS and DS fields As shown in Figure 15-1, the ToS field of the IP header contains eight bits, and the first three bits (0 to 2) represent IP precedence from 0 to 7. According to RFC 2474, the ToS field of the IP header is redefined as the differentiated services (DS) field, where a DSCP value is represented by the first six bits (0 to 5) and is in the range 0 to 63.

  • Page 108: 802.1P Priority

    Table 15-2 Description on DSCP values DSCP value (decimal) DSCP value (binary) Description 101110 001010 af11 001100 af12 001110 af13 010010 af21 010100 af22 010110 af23 011010 af31 011100 af32 011110 af33 100010 af41 100100 af42 100110 af43 001000 010000 011000 100000 101000...

  • Page 109: Exp Values

    Figure 15-2 An Ethernet frame with an 802.1Q tag header As shown in Figure 15-2, the 4-byte 802.1Q tag header consists of the tag protocol identifier (TPID, two bytes in length), whose value is 0x8100, and the tag control information (TCI, two bytes in length). Figure 15-3 presents the format of the 802.1Q tag header.
  • Page 110 Figure 15-4 MPLS label structure As shown in Figure 15-4, the EXP field is 3 bits long and ranges from 0 to 7. 15-4...

  • Page 111: Index

    Index DiffServ Service Model Displaying and Maintaining QoS Policies ACL Classification 3-10 ACL Numbering and Naming Application of ACLs on the Switch Applying the QoS Policy Example for UNI Priority Remarking Configuration 13-14 Best-Effort Service Model Implementing Time-Based ACL Rules Introduction to ACL Causes, Impacts, and Countermeasures of Introduction to Priority Mapping...
  • Page 112 QoS Configuration Task List in an EPON System 13-6 QoS Functions for Downlink Traffic 13-5 QoS Functions for Uplink Traffic 13-4 QoS-Local-ID Marking Configuration Example Traffic Evaluation and Token Buckets Traffic Filtering Configuration Example Traffic Policing Traffic Shaping WRED Configuration Approaches 16-2...

Table of Contents