HPE FlexFabric 5940 Series Command Reference Manual
  1. Manuals
  2. Brands
  3. HPE Manuals
  4. Switch
  5. FlexFabric 5940 SERIES
  6. Command reference manual

HPE FlexFabric 5940 Series Command Reference Manual

Hide thumbs Also See for FlexFabric 5940 Series:
Table of Contents

Advertisement

Quick Links

See also: Configuration Manual , Installation Manual
HPE FlexFabric 5940 Switch Series
ACL and QoS Command Reference
Part number: 5200-1001
Software version: Release 2508
Document version: 6W100-20160728

Advertisement

Table of Contents
loading

Related Manuals for HPE FlexFabric 5940 Series

Summary of Contents for HPE FlexFabric 5940 Series

  • Page 1 HPE FlexFabric 5940 Switch Series ACL and QoS Command Reference Part number: 5200-1001 Software version: Release 2508 Document version: 6W100-20160728...
  • Page 2 © Copyright 2016 Hewlett Packard Enterprise Development LP The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.

  • Page 3: Table Of Contents

    Contents ACL commands ······························································································ 1 acl ······························································································································································· 1 acl copy ······················································································································································ 2 acl logging interval ····································································································································· 3 acl trap interval ··········································································································································· 4 description ·················································································································································· 5 display acl ·················································································································································· 6 display packet-filter ···································································································································· 7 display packet-filter statistics ······················································································································ 8 display packet-filter statistics sum ············································································································ 11 display packet-filter verbose ·····················································································································...
  • Page 4 qos apply policy (user profile view) ·········································································································· 67 qos apply policy global ····························································································································· 67 qos policy ················································································································································· 68 qos vlan-policy ········································································································································· 69 reset qos policy control-plane ·················································································································· 69 reset qos policy global ······························································································································ 70 reset qos vlan-policy ································································································································ 70 Priority mapping commands ········································································· 72 Priority map commands ···································································································································...
  • Page 5 queue ····················································································································································· 103 queue ecn ·············································································································································· 104 queue weighting-constant ······················································································································ 105 Aggregate CAR commands ········································································ 106 car name ················································································································································ 106 display qos car name ····························································································································· 106 qos car ··················································································································································· 107 reset qos car name ································································································································ 109 Time range commands ··············································································· 110 display time-range ··································································································································...

  • Page 6: Acl Commands

    ACL commands Use acl to create an ACL and enter its view, or enter the view of an existing ACL. Use undo acl to delete the specified or all ACLs. Syntax acl [ ipv6 ] { advanced | basic } { acl-number | name acl-name } [ match-order { auto | config } ] acl mac { acl-number | name acl-name } [ match-order { auto | config } ] undo acl [ ipv6 ] { all | { advanced | basic } { acl-number | name acl-name } } undo acl mac { all | acl-number | name acl-name }...

  • Page 7: Acl Copy

    • ICMP or ICMPv6 message type, message code, and message name. • VPN instance. • Logging. • Time range. Slow forwarding requires packets to be sent to the control plane for forwarding entry calculation, which affects the device forwarding performance. Examples # Create IPv4 basic ACL 2000 and enter its view.

  • Page 8: Acl Logging Interval

    Syntax acl [ ipv6 | mac ] copy { source-acl-number | name source-acl-name } to { dest-acl-number | name dest-acl-name } Views System view Predefined user roles network-admin Parameters ipv6: Specifies the IPv6 ACL type. mac: Specifies the Layer 2 ACL type. source-acl-number: Specifies an existing source ACL by its number.

  • Page 9: Acl Trap Interval

    undo acl logging interval Default The interval is 0. The device does not generate log entries for packet filtering. Views System view Predefined user roles network-admin Parameters interval: Specifies the interval at which log entries are generated and output. It must be a multiple of 5, in the range of 0 to 1440 minutes.

  • Page 10: Description

    Parameters interval: Specifies the interval at which SNMP notifications are generated and output. It must be a multiple of 5, in the range of 0 to 1440 minutes. To disable SNMP notifications, set the value to 0. Usage guidelines The SNMP notifications feature is available for IPv4 or IPv6 ACL rules that have the logging keyword.

  • Page 11: Display Acl

    [Sysname-acl-ipv4-basic-2000] description This is an IPv4 basic ACL. Related commands display acl display acl Use display acl to display ACL configuration and match statistics. Syntax display acl [ ipv6 | mac ] { acl-number | all | name acl-name } Views Any view Predefined user roles...

  • Page 12: Display Packet-Filter

    Field Description This is an IPv4 basic ACL. Description of the ACL. ACL's step is 5 The rule numbering step is 5. Content of rule 5. The rule permits packets sourced from the IP address rule 5 permit source 1.1.1.1 0 1.1.1.1.

  • Page 13: Display Packet-Filter Statistics

    IPv4 default action: Deny Table 2 Command output Field Description Interface Interface to which the ACL applies. Inbound policy ACL used for filtering incoming traffic. Outbound policy ACL used for filtering outgoing traffic. IPv4 ACL 2001 IPv4 basic ACL 2001 has been successfully applied. IPv6 ACL 2002 (Failed) The device has failed to apply IPv6 basic ACL 2002.
  • Page 14 Predefined user roles network-admin network-operator Parameters interface interface-type interface-number: Specifies an interface by its type and number. inbound: Specifies the inbound direction. outbound: Specifies the outbound direction. ipv6: Specifies the IPv6 ACL type. mac: Specifies the Layer 2 ACL type. acl-number: Specifies an ACL by its number.
  • Page 15 Table 3 Command output Field Description Interface Interface to which the ACL applies. Inbound policy ACL used for filtering incoming traffic. Outbound policy ACL used for filtering outgoing traffic. IPv4 ACL 2001 IPv4 basic ACL 2001 has been successfully applied. IPv4 ACL 2002 (Failed) The device has failed to apply IPv4 basic ACL 2002.

  • Page 16: Display Packet-Filter Statistics Sum

    Related commands reset packet-filter statistics display packet-filter statistics sum Use display packet-filter statistics sum to display accumulated packet filtering statistics for an ACL. Syntax display packet-filter statistics sum { inbound | outbound } [ ipv6 | mac ] { acl-number | name acl-name } [ brief ] Views Any view...

  • Page 17: Display Packet-Filter Verbose

    Inbound policy: IPv4 ACL 2000 Totally 2 packets permitted, 0 packets denied Totally 100% permitted, 0% denied Table 4 Command output Field Description Accumulated packet filtering statistics. Inbound policy Accumulated packet filtering statistics in the inbound direction. Outbound policy Accumulated packet filtering statistics in the outbound direction. IPv4 ACL 2001 Accumulated packet filtering statistics of IPv4 basic ACL 2001.
  • Page 18 name acl-name: Specifies an ACL by its name. The acl-name argument is a case-insensitive string of 1 to 63 characters. slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays ACL application details for packet filtering for the master device. Usage guidelines If acl-number, name acl-name, ipv6, or mac is not specified, this command displays application details of all ACLs for packet filtering.

  • Page 19: Display Qos-Acl Resource

    Field Description action deny for packet filtering. The action permit still functions. • Permit—The default action permit has been successfully applied for packet filtering. Packet filter default action for packets that do not match any IPv6 ACLs: • Deny—The default action deny has been successfully applied for packet filtering.

  • Page 20: Packet-Filter

    --------------------------------------------------------------------- VFP ACL 1024 IFP ACL 16384 14336 2040 IFP Meter 8192 7168 1024 IFP Counter 8192 7168 1022 EFP ACL 1024 1021 EFP Meter EFP Counter Table 6 Command output Field Description Interfaces Interface range for the resources. Resource type: •...

  • Page 21: Packet-Filter Default Deny

    Parameters ipv6: Specifies the IPv6 ACL type. mac: Specifies the Layer 2 ACL type. acl-number: Specifies an ACL by its number. • 2000 to 2999 for basic ACLs. • 3000 to 3999 for advanced ACLs. • 4000 to 4999 for Layer 2 ACLs. name acl-name: Specifies an ACL by its name.

  • Page 22: Packet-Filter Filter

    Views System view Predefined user roles network-admin Usage guidelines The packet filter applies the default action to all ACL applications for packet filtering. The default action appears in the display command output for packet filtering. Examples # Set the packet filter default action to deny. <Sysname>...

  • Page 23: Reset Packet-Filter Statistics

    Syntax reset acl [ ipv6 | mac ] counter { acl-number | all | name acl-name } Views User view Predefined user roles network-admin Parameters ipv6: Specifies the IPv6 ACL type. mac: Specifies the Layer 2 ACL type. acl-number: Specifies an ACL by its number. •...

  • Page 24: Rule (Ipv4 Advanced Acl View)

    mac: Specifies the Layer 2 ACL type. acl-number: Specifies an ACL by its number. • 2000 to 2999 for basic ACLs. • 3000 to 3999 for advanced ACLs. • 4000 to 4999 for Layer 2 ACLs. name acl-name: Specifies an ACL by its name. The acl-name argument is a case-insensitive string of 1 to 63 characters.
  • Page 25 Parameters rule-id: Specifies a rule ID in the range of 0 to 65534. If you do not specify a rule ID when creating an ACL rule, the system automatically assigns it a rule ID. This rule ID is the nearest higher multiple of the numbering step to the current highest rule ID, starting from 0.
  • Page 26 Parameters Function Description time-range-name the rule. case-insensitive string of 1 to 32 characters. It must start with an English letter. If the time range is not configured, the system creates the rule. However, the rule using the time range can take effect only after you configure the time range.
  • Page 27 Parameters Function Description icmp-message } The icmp-message argument specifies a message name. Supported ICMP message names and their corresponding type and code values are listed in Table Table 10 ICMP message names supported in IPv4 advanced ACL rules ICMP message name ICMP message type ICMP message code echo...

  • Page 28: Rule (Ipv4 Basic Acl View)

    If you do not specify optional parameters, the undo rule rule-id command deletes the entire rule. If you specify optional parameters, the undo rule rule-id command deletes the specified attributes. The undo rule { deny | permit } command can only be used to delete the entire rule. You must specify all the attributes of the rule for the command.
  • Page 29 undo rule rule-id [ counting | fragment | logging | source | time-range | vpn-instance ] * undo rule { deny | permit } [ counting | fragment | logging | source { source-address source-wildcard | any } | time-range time-range-name | vpn-instance vpn-instance-name ] * Default No IPv4 basic ACL rules exist.

  • Page 30: Rule (Ipv6 Advanced Acl View)

    To view the existing IPv4 basic and advanced ACL rules, use the display acl all command. The rule ID is required in the undo rule rule-id command. If you do not specify optional parameters, the undo rule rule-id command deletes the entire rule. If you specify optional parameters, the undo rule rule-id command deletes the specified attributes.
  • Page 31 Default No IPv6 advanced ACL rules exist. Views IPv6 advanced ACL view Predefined user roles network-admin Parameters rule-id: Specifies a rule ID in the range of 0 to 65534. If you do not specify a rule ID when creating an ACL rule, the system automatically assigns it a rule ID.
  • Page 32 Parameters Function Description packet filtering) that uses the ACL supports logging. routing-type: Value of the IPv6 routing header type, in the range of 0 to 255. routing [ type Specifies an IPv6 routing If you specify the type routing-type option, the rule routing-type ] header type.
  • Page 33 Parameters Function Description Specifies the flags Parameter specific to TCP. for indicating the established established status of The rule matches TCP packets with the ACK or RST flag bit set. a TCP connection. If the protocol argument is icmpv6 (58), set the parameters shown in Table Table 13 ICMPv6-specific parameters for IPv6 advanced ACL rules Parameters...
  • Page 34 You can edit ACL rules only when the match order is config. To view the existing IPv6 basic and advanced ACL rules, use the display acl ipv6 all command. The rule ID is required in the undo rule rule-id command. If you do not specify optional parameters, the undo rule rule-id command deletes the entire rule.

  • Page 35: Rule (Ipv6 Basic Acl View)

    time-range rule (IPv6 basic ACL view) Use rule to create or edit an IPv6 basic ACL rule. Use undo rule to delete an entire IPv6 basic ACL rule or some attributes in the rule. Syntax rule [ rule-id ] { deny | permit } [ counting | fragment | logging | routing [ type routing-type ] | source { source-address source-prefix | source-address/source-prefix | any } | time-range time-range-name | vpn-instance vpn-instance-name ] * undo rule rule-id [ counting | fragment | logging | routing | source | time-range | vpn-instance ]...

  • Page 36: Rule (Layer 2 Acl View)

    vpn-instance vpn-instance-name: Applies the rule to an MPLS L3VPN instance. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, the rule applies to both non-VPN packets and VPN packets. Usage guidelines Within an ACL, the permit or deny statement of each rule must be unique.
  • Page 37 Default No Layer 2 ACL rules exist. Views Layer 2 ACL view Predefined user roles network-admin Parameters rule-id: Specifies a rule ID in the range of 0 to 65534. If you do not specify a rule ID when creating an ACL rule, the system automatically assigns it a rule ID.

  • Page 38: Rule Comment

    If you do not specify optional parameters, the undo rule rule-id command deletes the entire rule. If you specify optional parameters, the undo rule-id rule command deletes the specified attributes. The undo rule { deny | permit } command can only be used to delete the entire rule. You must specify all the attributes of the rule for the command.

  • Page 39: Step

    <Sysname> system-view [Sysname] acl basic 2000 [Sysname-acl-ipv4-basic-2000] rule 0 deny source 1.1.1.1 0 [Sysname-acl-ipv4-basic-2000] rule 0 comment This rule is used on ten-gigabitethernet 1/0/1. Related commands display acl step Use step to set a rule numbering step for an ACL. Use undo step to restore the default.

  • Page 40: Qos Policy Commands

    QoS policy commands Traffic class commands display traffic classifier Use display traffic classifier to display traffic classes. Syntax display traffic classifier user-defined [ classifier-name ] [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters user-defined: Specifies user-defined traffic classes. classifier-name: Specifies a traffic class by its name, a case-sensitive string of 1 to 31 characters.

  • Page 41: If-Match

    Table 15 Command output Field Description Classifier Traffic class name and its match criteria. Match operator you set for the traffic class. If the operator is AND, the traffic class Operator matches the packets that match all its match criteria. If the operator is OR, the traffic class matches the packets that match any of its match criteria.
  • Page 42 Option Description The dot1p-value&<1-8> argument specifies a space-separated list of up to eight 802.1p priority values. The value range for the dot1p-value argument is 0 to 7. Matches VLAN IDs in inner VLAN tags of double-tagged packets. The vlan-id-list argument specifies a space-separated list of up to 10 VLAN items.
  • Page 43 Protocol Description arp-snooping ARP snooping packets BFD packets BGP packets bgp4+ IPv6 BGP packets dhcp DHCP packets dhcp-snooping DHCP snooping packets dhcpv6 IPv6 DHCP packets dldp DLDP packets dot1x 802.1X packets FTP packets hoplimit-expires Hop-limit expire packets http HTTP packets https HTTPS packets icmp...
  • Page 44 When you configure a match criterion that can have multiple values in one if-match command, follow these restrictions and guidelines: • You can specify up to eight values for any of the following match criteria in one if-match command: Control plane protocol. 802.1p priority.
  • Page 45 [Sysname] traffic classifier class1 [Sysname-classifier-class1] if-match service-dot1p 5 # Define a match criterion for traffic class class1 to match advanced ACL 3101. <Sysname> system-view [Sysname] traffic classifier class1 [Sysname-classifier-class1] if-match acl 3101 # Define a match criterion for traffic class class1 to match the ACL named flow. <Sysname>...

  • Page 46: Traffic Classifier

    # Define a match criterion for traffic class class1 to match the packets with a local QoS ID of 3. <Sysname> system-view [Sysname] traffic classifier class1 [Sysname-classifier-class1] if-match qos-local-id 3 # Define a match criterion for traffic class class1 to match ARP protocol packets. <Sysname>...

  • Page 47: Traffic Behavior Commands

    Examples # Create a traffic class named class1. <Sysname> system-view [Sysname] traffic classifier class1 [Sysname-classifier-class1] Related commands display traffic classifier Traffic behavior commands accounting Use accounting to configure a traffic accounting action in a traffic behavior. Use undo accounting to restore the default. Syntax accounting { byte | packet } undo accounting...
  • Page 48 car cir committed-information-rate [ cbs committed-burst-size ] pir peak-information-rate [ ebs excess-burst-size ] [ green action | red action | yellow action ] * undo car Default No CAR action is configured. Views Traffic behavior view Predefined user roles network-admin Parameters cir committed-information-rate: Specifies the committed information rate (CIR) in kbps, which is an average traffic rate.

  • Page 49: Display Traffic Behavior

    If you execute the car command multiple times in the same traffic behavior, the most recent configuration takes effect. Examples # Configure a CAR action in traffic behavior database: • Set the CIR to 200 kbps, CBS to 51200 bytes, and EBS to 0. •...

  • Page 50: Filter

    Behavior: 2 (ID 101) Accounting enable: Packet Filter enable: Permit Marking: Remark dscp 4 Redirecting: Redirect to the CPU Table 18 Command output Field Description Behavior Name and contents of a traffic behavior. Marking Information about priority marking. Remark dscp Action of setting the DSCP value for packets.

  • Page 51: Nest Top-Most

    Examples # Configure a traffic filtering action as deny in traffic behavior database. <Sysname> system-view [Sysname] traffic behavior database [Sysname-behavior-database] filter deny nest top-most Use nest top-most to configure an outer VLAN tag adding action in a traffic behavior. Use undo nest top-most to restore the default. Syntax nest top-most vlan vlan-id undo nest top-most...

  • Page 52: Remark Customer-Vlan-Id

    Views Traffic behavior view Predefined user roles network-admin Parameters cpu: Redirects traffic to the CPU. interface interface-type interface-number: Redirects traffic to an interface specified by its type and number. slot slot-number: Redirects traffic to an IRF member device specified by its member ID. Usage guidelines If you execute the redirect command multiple times in the same traffic behavior, the most recent configuration takes effect.

  • Page 53: Remark Dot1P

    [Sysname] traffic behavior b1 [Sysname-behavior-b1] remark customer-vlan-id 111 remark dot1p Use remark dot1p to configure an 802.1p priority marking action or an inner-to-outer tag priority copying action in a traffic behavior. Use undo remark dot1p to restore the default. Syntax remark [ green | red | yellow ] dot1p dot1p-value undo remark [ green | red | yellow ] dot1p remark dot1p customer-dot1p-trust...

  • Page 54: Remark Drop-Precedence

    remark drop-precedence Use remark drop-precedence to configure a drop priority marking action in a traffic behavior. Use undo remark drop-precedence to restore the default. Syntax remark drop-precedence drop-precedence-value undo remark drop-precedence Default No drop priority marking action is configured. Views Traffic behavior view Predefined user roles network-admin...

  • Page 55: Remark Ip-Precedence

    red: Specifies red packets. yellow: Specifies yellow packets. dscp-value: Specifies a DSCP value, which can be a number from 0 to 63 or a keyword in Table Table 19 DSCP keywords and values Keyword DSCP value (binary) DSCP value (decimal) af11 001010 af12...

  • Page 56: Remark Local-Precedence

    Default No IP precedence marking action is configured. Views Traffic behavior view Predefined user roles network-admin Parameters green: Specifies green packets. red: Specifies red packets. yellow: Specifies yellow packets. ip-precedence-value: Specifies the IP precedence value to be marked for packets, in the range of 0 to 7.

  • Page 57: Remark Qos-Local-Id

    [Sysname-behavior-database] remark local-precedence 2 remark qos-local-id Use remark qos-local-id to configure a local QoS ID marking action in a traffic behavior. Use undo remark qos-local-id to restore the default. Syntax remark qos-local-id local-id-value undo remark qos-local-id Default No local QoS ID marking action is configured. Views Traffic behavior view Predefined user roles...

  • Page 58: Traffic Behavior

    Parameters vlan-id: Specifies an SVLAN ID in the range of 1 to 4094. Examples # Configure traffic behavior b1 to mark matching packets with SVLAN 222. <Sysname> system-view [Sysname] traffic behavior b1 [Sysname-behavior-b1] remark service-vlan-id 222 traffic behavior Use traffic behavior to create a traffic behavior and enter its view, or enter the view of an existing traffic behavior.

  • Page 59: Control-Plane

    Default No traffic behavior is associated with a traffic class. Views QoS policy view Predefined user roles network-admin Parameters classifier-name: Specifies a traffic class by its name, a case-sensitive string of 1 to 31 characters. behavior-name: Specifies a traffic behavior by its name, a case-sensitive string of 1 to 31 characters. insert-before before-classifier-name: Inserts the new traffic class before an existing traffic class in the QoS policy.

  • Page 60: Display Qos Policy

    Usage guidelines A QoS policy applied in control plane view takes effect on all packets to the control plane except the packets sent from the management interface. Examples # Enter the control plane view of slot 3. <Sysname> system-view [Sysname] control-plane slot 3 [Sysname-cp-slot3] display qos policy Use display qos policy to display QoS policies.

  • Page 61: Display Qos Policy Control-Plane

    Accounting enable: Packet Filter enable: Permit Marking: Remark dot1p 4 Classifier: 3 (ID 102) Behavior: 3 -none- For the output description, see Table 15 Table display qos policy control-plane Use display qos policy control-plane to display QoS policies applied to a control plane. Syntax display qos policy control-plane slot slot-number Views...

  • Page 62: Display Qos Policy Control-Plane Pre-Defined

    Classifier: 2 Operator: AND Rule(s) : If-match protocol ipv6 Behavior: 2 Accounting enable: 0 (Packets) Filter enable: Permit Marking: Remark dscp 3 Classifier: 3 Operator: AND Rule(s) : -none- Behavior: 3 -none- Table 20 Command output Field Description Direction Inbound direction on the control plane. Green packets Statistics about green packets.

  • Page 63: Display Qos Policy Global

    Default 1000 (pps) IS-IS 1000 (pps) critical VRRP 1000 (pps) important OSPF Multicast 1000 (pps) critical OSPF Unicast 1000 (pps) critical IGMP 500 (pps) important OSPFv3 Unicast 1000 (pps) critical OSPFv3 Multicast 1000 (pps) critical VRRPv6 1000 (pps) important 1000 (pps) normal DHCP Snooping 300 (pps)
  • Page 64 Syntax display qos policy global [ slot slot-number ] [ inbound | outbound ] Views Any view Predefined user roles network-admin network-operator Parameters inbound: Displays inbound global QoS policies. An inbound global QoS policy applies to the incoming traffic globally. outbound: Displays outbound global QoS policies.

  • Page 65: Display Qos Policy Interface

    Marking: Remark dscp 3 Classifier: 3 Operator: AND Rule(s) : -none- Behavior: 3 -none- Table 22 Command output Field Description Direction Direction (inbound or outbound ) in which the QoS policy is applied. Green packets Statistics about green packets. Yellow packets Statistics about yellow packets.
  • Page 66 Policy: 1 Classifier: 1 Matched : 0 (Packets) 0 (Bytes) 5-minute statistics: Forwarded: 0/0 (pps/bps) Dropped : 0/0 (pps/bps) Operator: AND Rule(s) : If-match acl 2000 Behavior: 1 Marking: Remark dscp 3 Committed Access Rate: CIR 112 (kbps), CBS 7000 (Bytes), EBS 512 (Bytes) Green action : pass Yellow action : pass...
  • Page 67 Policy: a Classifier: a Operator: AND Rule(s) : If-match any Behavior: a Mirroring: Mirror to the interface: Ten-GigabitEthernet1/0/2 Committed Access Rate: CIR 100 (kbps), CBS 6250 (Bytes), EBS 0 (Bytes) Green action : pass Yellow action : pass Red action : discard Green packets : 0 (Packets) Red packets...

  • Page 68: Display Qos Policy User-Profile

    Red packets : 0 (Packets) Table 23 Command output Field Description Direction Direction in which the QoS policy is applied to the interface. Matched Number of matching packets. Average rate of successfully forwarded matching packets in a statistics Forwarded collection period. Average rate of dropped matching packets in a statistics collection Dropped period.

  • Page 69: Display Qos Vlan-Policy

    <Sysname> display qos policy user-profile name abc user-id 30000000 inbound User-Profile: abc User ID: 0x30000000(global) Direction: Inbound Policy: p1 Classifier: default-class Matched : 0 (Packets) 0 (Bytes) Operator: AND Rule(s) : If-match any Behavior: be -none- # Display the QoS policy applied to user profile abc for a local user. <Sysname>...
  • Page 70 Views Any view Predefined user roles network-admin network-operator Parameters name policy-name: Specifies a QoS policy by its name, a case-sensitive string of 1 to 31 characters. vlan vlan-id: Specifies a VLAN by its ID in the range of 1 to 4094. inbound: Displays QoS policies applied to incoming traffic.

  • Page 71: Qos Apply Policy (Interface View, Control Plane View)

    Remark dscp 3 Classifier: 3 Operator: AND Rule(s) : -none- Behavior: 3 -none- Table 25 Command output Field Description Direction Direction in which the QoS policy is applied for the VLAN. Green packets Statistics about green packets. Yellow packets Statistics about yellow packets. Red packets Statistics about red packets.

  • Page 72: Qos Apply Policy (User Profile View)

    Examples # Apply QoS policy USER1 to the outgoing traffic of Ten-GigabitEthernet 1/0/1. <Sysname> system-view [Sysname] interface ten-gigabitethernet 1/0/1 [Sysname-Ten-GigabitEthernet1/0/1] qos apply policy USER1 outbound # Apply QoS policy aaa to the incoming traffic of the control plane of slot 3. <Sysname>...

  • Page 73: Qos Policy

    undo qos apply policy policy-name global { inbound | outbound } Default No QoS policy is applied globally. Views System view Predefined user roles network-admin Parameters policy-name: Specifies a QoS policy by its name, a case-sensitive string of 1 to 31 characters. inbound: Applies the QoS policy to the incoming packets on all interfaces.

  • Page 74: Qos Vlan-Policy

    [Sysname-qospolicy-user1] Related commands classifier behavior qos apply policy qos apply policy global qos vlan-policy qos vlan-policy Use qos vlan-policy to apply a QoS policy to the specified VLANs. Use undo qos vlan-policy to remove a QoS policy from the specified VLANs. Syntax qos vlan-policy policy-name vlan vlan-id-list { inbound | outbound } undo qos vlan-policy policy-name vlan vlan-id-list { inbound | outbound }...

  • Page 75: Reset Qos Policy Global

    Parameters slot slot-number: Specifies an IRF member device by its member ID. Examples # Clear the statistics of the QoS policy applied to the control plane of slot 3. <Sysname> reset qos policy control-plane slot 3 reset qos policy global Use reset qos policy global to clear the statistics of a global QoS policy.
  • Page 76 Usage guidelines If you do not specify a direction, this command clears the statistics of the QoS policies in both directions of the VLAN. Examples # Clear the statistics of QoS policies applied to VLAN 2. <Sysname> reset qos vlan-policy vlan 2...

  • Page 77: Priority Mapping Commands

    Priority mapping commands Priority map commands display qos map-table Use display qos map-table to display the configuration of priority maps. Syntax display qos map-table [ dot1p-dp | dot1p-exp | dot1p-lp | dscp-dot1p | dscp-dp | dscp-dscp | exp-dot1p ] Views Any view Predefined user roles network-admin...

  • Page 78: Import

    Table 27 Command output Field Description MAP-TABLE NAME Name of the priority map. TYPE Type of the priority map. IMPORT Input values of the priority map. EXPORT Output values of the priority map. import Use import to configure mappings for a priority map. Use undo import to restore the specified or all mappings to the default for a priority map.

  • Page 79: Priority Trust Mode Commands

    Views System view Predefined user roles network-admin Parameters For the description of other keywords, see Table Examples # Enter 802.1p-local priority map view. <Sysname> system-view [Sysname] qos map-table dot1p-lp [Sysname-maptbl-dot1p-lp] Related commands display qos map-table import Priority trust mode commands display qos trust interface Use display qos trust interface to display the priority trust mode and port priorities of an interface.

  • Page 80: Qos Trust

    Field Description Priority trust mode on the interface: dot1p, dscp, or none. If the trust mode Port priority trust type is none, the port priority is used for priority mapping. qos trust Use qos trust to configure the priority trust mode for an interface. Use undo qos trust to restore the default.
  • Page 81 Syntax qos priority priority-value undo qos priority Default The port priority is 0. Views Layer 2/Layer 3 Ethernet interface view Predefined user roles network-admin Parameters priority-value: Specifies a port priority value in the range of 0 to 7. Examples # Set the port priority of Ten-GigabitEthernet 1/0/1 to 2. <Sysname>...

  • Page 82: Traffic Policing, Gts, And Rate Limit Commands

    Traffic policing, GTS, and rate limit commands Traffic policing commands qos car Use qos car to configure a CAR policy for a user profile. Use undo qos car to delete a CAR policy from a user profile. Syntax qos car { inbound | outbound } any cir committed-information-rate [ cbs committed-burst-size [ ebs excess-burst-size ] ] qos car { inbound | outbound } any cir committed-information-rate [ cbs committed-burst-size ] pir peak-information-rate [ ebs excess-burst-size ]...

  • Page 83: Gts Commands

    The conforming traffic is permitted to pass through, and the excess traffic is dropped. If you execute the qos car command multiple times for the same user profile, the most recent configuration takes effect. Examples # Perform CAR for packets received by user profile user. The CAR parameters are as follows: •...

  • Page 84: Qos Gts

    Discarded: 0 (Packets) 0 (Bytes) Delayed : 0 (Packets) 0 (Bytes) Table 29 Command output Field Description Interface Interface name, including the interface type and interface number. Rule Match criteria. CIR in kbps. CBS in bytes. EBS in bytes. PIR in kbps. Queue Length Number of packets that the buffer can hold.

  • Page 85: Rate Limit Commands

    Number Keyword cir committed-information-rate: Specifies the CIR in kbps. The committed-information-rate argument has the following value ranges: • 8 to 10485760 for 10-GE interfaces. • 8 to 41943040 for 40-GE interfaces. • 8 to 104857600 for 100-GE interfaces. The specified value must be an integral multiple of 8. cbs committed-burst-size: Specifies the CBS in bytes.

  • Page 86: Qos Lr

    network-operator Parameters interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays the rate limit information for all interfaces. Examples # Display the rate limit information for all interfaces. <Sysname> display qos lr interface Interface: Ten-GigabitEthernet1/0/1 Direction: Inbound CIR 2000 (kbps), CBS 20000 (Bytes), EBS 0 (Bytes)
  • Page 87 Default No rate limit is configured on an interface or PW. Views Layer 2/Layer 3 Ethernet interface view Predefined user roles network-admin Parameters inbound: Limits the rate of incoming packets. outbound: Limits the rate of outgoing packets. cir committed-information-rate: Specifies the CIR in kbps. The committed-information-rate argument has the following value ranges: •...

  • Page 88: Congestion Management Commands

    Congestion management commands Common commands display qos queue interface Use display qos queue interface to display the queuing information for interfaces. Syntax display qos queue interface [ interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator Parameters interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays the queuing information for all interfaces.

  • Page 89: Sp Commands

    Table 32 Command output Field Description Interface Interface name, including the interface type and interface number. Output queue Type of the current output queue. Number of the group that holds the queue. By default, all queues are in Group group 1. Byte-count Byte-count scheduling weight of the queue.

  • Page 90: Wrr Commands

    undo qos sp Default Byte-count WRR queuing is used on an interface, and queues 0 through 7 have a weight of 1, 2, 3, 4, 5, 9, 13, and 15, respectively. Views Layer 2/Layer 3 Ethernet interface view Predefined user roles network-admin Examples # Enable SP queuing on Ten-GigabitEthernet 1/0/1.

  • Page 91: Qos Wrr

    Table 34 Command output Field Description Interface Interface type and interface number. Output queue Type of the current output queue. Number of the group a queue is assigned to. By default, all queues belong to Group group 1. Packet-based queue scheduling weight of a queue. N/A is displayed for a queue Weight that uses the SP scheduling algorithm.

  • Page 92: Qos Wrr { Byte-Count | Weight

    Related commands display qos queue wrr interface qos wrr { byte-count | weight } Use qos wrr { byte-count | weight } to configure the WRR queuing parameters for a queue on an interface. Use undo qos wrr to delete the WRR queuing parameters of a queue on an interface. Syntax qos wrr queue-id group 1 { byte-count | weight } schedule-value undo qos wrr queue-id...

  • Page 93: Wfq Commands

    Use undo qos wrr group sp to remove a queue from the SP group. Syntax qos wrr queue-id group sp undo qos wrr queue-id Default All queues on a WRR-enabled interface are in WRR group 1. Views Layer 2/Layer 3 Ethernet interface view Predefined user roles network-admin Parameters...

  • Page 94: Qos Bandwidth Queue

    Parameters interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays the WFQ configuration of all interfaces. Examples # Display the WFQ configuration of Ten-GigabitEthernet 1/0/1. <Sysname> display qos wfq interface ten-gigabitethernet 1/0/1 Interface: Ten-GigabitEthernet1/0/1 Output queue: Hardware Weighted Fair Queuing Queue ID...

  • Page 95: Qos Wfq

    Parameters queue-id: Specifies a queue by its ID. The value range for this argument is 0 to 7 or keywords Table min bandwidth-value: Sets the minimum guaranteed bandwidth in kbps. The bandwidth-value argument has the following value ranges: • 8 to 10000000 for 10-GE interfaces. •...

  • Page 96: Qos Wfq { Byte-Count | Weight

    Examples # Enable weight-based WFQ on Ten-GigabitEthernet 1/0/1. <Sysname> system-view [Sysname] interface ten-gigabitethernet 1/0/1 [Sysname-Ten-GigabitEthernet1/0/1] qos wfq weight # Enable byte-count WFQ on Ten-GigabitEthernet 1/0/1. <Sysname> system-view [Sysname] interface ten-gigabitethernet 1/0/1 [Sysname-Ten-GigabitEthernet1/0/1] qos wfq byte-count Related commands display qos queue wfq interface qos wfq { byte-count | weight } Use qos wfq { byte-count | weight } to assign a queue to a WFQ group with a certain scheduling weight.

  • Page 97: Qos Wfq Group Sp

    Related commands display qos queue wfq interface qos bandwidth queue qos wfq qos wfq group sp Use qos wfq group sp to assign a queue to the SP group. Use undo qos wfq group sp to remove a queue from the SP group. Syntax qos wfq queue-id group sp undo qos wfq queue-id...
  • Page 98 Syntax display qos queue-statistics interface [ interface-type interface-number ] outbound Views Any view Predefined user roles network-admin network-operator Parameters interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays the queue-based outgoing traffic statistics for all interfaces. Examples # Display queue-based outgoing traffic statistics for HundredGigE 1/0/1.

  • Page 99: Queue Scheduling Profile Commands

    Forwarded: 0 packets, 0 bytes, 0 pps, 0 bps Dropped: 0 packets, 0 bytes Current queue length: 0 packets Table 36 Command output Field Description Interface Interface for which queue-based traffic statistics are displayed. Direction Direction of traffic for which statistics are collected. Forwarded Counts forwarded traffic both in packets and in bytes.

  • Page 100: Display Qos Qmprofile Configuration

    Examples # Configure queue 0 as a WFQ queue, and set the minimum guaranteed bandwidth to 100 kbps for queue 0. <Sysname> system-view [Sysname] qos qmprofile myprofile [Sysname-qmprofile-myprofile] queue 0 wfq group 1 weight 1 [Sysname-qmprofile-myprofile] bandwidth queue 0 min 100 display qos qmprofile configuration Use display qos qmprofile configuration to display the queue scheduling profile configuration.

  • Page 101: Display Qos Qmprofile Interface

    Field Description • WRR. • WFQ. Priority group to which the queue belongs. Group The default value is 1. Scheduling unit: weight or byte-count. Schedule unit N/A indicates that this field is ignored. This field indicates: • Weight value for the weight scheduling unit. Schedule value •...

  • Page 102: Qos Qmprofile

    undo qos apply qmprofile Default No queue scheduling profile is applied to an interface. Views Layer 2/Layer 3 Ethernet interface view Predefined user roles network-admin Parameters profile-name: Specifies a queue scheduling profile by its name, a case-sensitive string of 1 to 31 characters.

  • Page 103: Queue

    <Sysname> system-view [Sysname] qos qmprofile myprofile [Sysname-qmprofile-myprofile] Related commands display qos qmprofile interface queue queue Use queue to configure queue scheduling parameters. Use undo queue to delete queue scheduling parameter settings. Syntax queue queue-id { sp | wfq [ group group-id ] { weight | byte-count } schedule-value | wrr group group-id { weight | byte-count } schedule-value } undo queue queue-id Default...
  • Page 104 [Sysname] qos qmprofile myprofile [Sysname-qmprofile-myprofile] queue 1 wrr group 1 weight 10 Related commands display qos qmprofile interface qos qmprofile...

  • Page 105: Congestion Avoidance Commands

    Congestion avoidance commands WRED commands display qos wred interface Use display qos wred interface to display the WRED information for interfaces. Syntax display qos wred interface [ interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator Parameters interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays the WRED information for all interfaces.

  • Page 106: Qos Wred Apply

    Parameters name table-name: Specifies a WRED table by its name, a case-sensitive string of 1 to 32 characters. If you do not specify a WRED table, this command displays the configuration of all WRED tables. slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays the WRED table configuration for the master device.

  • Page 107: Qos Wred Queue Table

    Use undo qos wred apply to restore the default. Syntax qos wred apply [ table-name ] undo qos wred apply Default No WRED table is applied to an interface, and the tail drop mode is used on an interface. Views Layer 2/Layer 3 Ethernet interface view Predefined user roles network-admin...

  • Page 108: Queue

    Usage guidelines You cannot delete a WRED table in use. To delete it, first remove it from the specified interface. You can use the display qos wred table command to display the default WRED table, which cannot be modified or deleted. Examples # Create a queue-based WRED table named queue-table1.

  • Page 109: Queue Ecn

    dropped at random. The longer the queue is, the higher the drop probability is. When the average queue size exceeds the upper threshold, subsequent packets are dropped. Examples # In queue-based WRED table queue-table1, configure the following drop-related parameters for packets in queue 1: •...

  • Page 110: Queue Weighting-Constant

    qos wred queue table queue weighting-constant Use queue weighting-constant to specify an exponent for average queue length calculation for a queue. Use undo queue weighting-constant to restore the default. Syntax queue queue-id weighting-constant exponent undo queue queue-id weighting-constant Default The exponent for average queue length calculation is 9. Views WRED table view Predefined user roles...

  • Page 111: Aggregate Car Commands

    Aggregate CAR commands car name Use car name to use an aggregate CAR action in a traffic behavior. Use undo car to restore the default. Syntax car name car-name undo car Default No aggregate CAR action is configured in a traffic behavior. Views Traffic behavior view Predefined user roles...

  • Page 112: Qos Car

    Parameters car-name: Specifies an aggregate CAR action by its name. This argument must start with a letter, and is a case-sensitive string of 1 to 31 characters. If you do not specify an aggregate CAR action, this command displays information about all aggregate CAR actions. Examples # Display information about all aggregate CAR actions.
  • Page 113 Use undo qos car to delete an aggregate CAR action. Syntax qos car car-name aggregative cir committed-information-rate [ cbs committed-burst-size [ ebs excess-burst-size ] ] [ green action | red action | yellow action ] * qos car car-name aggregative cir committed-information-rate [ cbs committed-burst-size ] pir peak-information-rate [ ebs excess-burst-size ] [ green action | red action | yellow action ] * undo qos car car-name Default...

  • Page 114: Reset Qos Car Name

    An aggregate CAR action takes effect only after it is applied to an interface or used in a QoS policy. Examples # Configure aggregate CAR action aggcar-1, where CIR is 25600, CBS is 512000, and red packets are dropped. <Sysname> system-view [Sysname] qos car aggcar-1 aggregative cir 25600 cbs 512000 red discard Related commands display qos car name...

  • Page 115: Time Range Commands

    Time range commands display time-range Use display time-range to display time range configuration and status. Syntax display time-range { time-range-name | all } Views Any view Predefined user roles network-admin network-operator Parameters time-range-name: Specifies a time range name, a case-insensitive string of 1 to 32 characters. It must start with an English letter.
  • Page 116 Default No time ranges exist. Views System view Predefined user roles network-admin Parameters time-range-name: Specifies a time range name. The name is a case-insensitive string of 1 to 32 characters. It must start with an English letter. To avoid confusion, it cannot be all. start-time to end-time: Specifies a periodic statement.
  • Page 117 Combining all periodic statements. Combining all absolute statements. Taking the intersection of the two statement sets as the active period of the time range. Examples # Create a periodic time range t1, setting it to be active between 8:00 to 18:00 during working days. <Sysname>...

  • Page 118: Data Buffer Commands

    Data buffer commands Inappropriate data buffer changes can cause system problems. Before manually changing data buffer settings, make sure you understand its impact on your device. As a best practice, use the burst-mode enable command if the system requires large buffer spaces. The burst-mode enable command and the buffer apply command are mutually exclusive.

  • Page 119: Buffer Queue Shared

    Predefined user roles network-admin Parameters egress: Specifies the egress buffer. slot slot-number: Specifies an IRF member device by its member ID (slot number). If you do not specify an IRF member device, this command applies to all IRF member devices. cell: Specifies cell resources.

  • Page 120: Buffer Total-Shared

    queue-id: Specifies a queue by its ID in the range of 0 to 7. ratio ratio: Specifies the maximum shared-area ratio in percentage. The value range for ratio is 1 to 100. Usage guidelines By default, all queues have an equal share of the shared area. You can set the shared-area ratio for a queue.

  • Page 121: Burst-Mode Enable

    <Sysname> system-view [Sysname] buffer egress cell total-shared ratio 50 burst-mode enable Use burst-mode enable to enable the Burst feature. Use undo burst-mode enable to disable the Burst feature. Syntax burst-mode enable undo burst-mode enable Default The Burst feature is disabled. Views System view Predefined user roles...

  • Page 122: Display Buffer Usage

    Parameters slot slot-number: Specifies an IRF member device by its member ID (slot number). If you do not specify an IRF member device, this command displays buffer size settings for all IRF member devices. queue queue-id: Specifies a queue by its number in the range of 0 to 7. If you specify a queue, this command displays the fixed-area ratio and shared-area ratio for the specified queue.
  • Page 123 Views Any view Predefined user roles network-admin network-operator Parameters slot slot-number: Specifies an IRF member device by its member ID (slot number). If you do not specify an IRF member device, this command displays buffer usage for all IRF member devices. Examples # Display buffer usage.

  • Page 124: Qcn Commands

    QCN commands display qcn cp interface Use display qcn cp interface to display congestion point (CP) statistics. Syntax display qcn cp interface [ interface-type interface-number ] [ priority priority ] Views Any view Predefined user roles network-admin network-operator Parameters interface-type interface-number: Specifies a Layer 2 Ethernet interface by its type and number. If you do not specify an interface, this command displays CP statistics for all Layer 2 Ethernet interfaces.

  • Page 125: Display Qcn Global

    Passed : 200000 (Packets) Discarded: 20 (Packets) CNM count: 3000 (Packets) Table 45 Command output Field Description Passed Number of packets allowed to pass through. Discarded Number of packets discarded. CNM count Number of CNMs sent. Related commands reset qcn cp interface display qcn global Use display qcn global to display the global CND settings.

  • Page 126: Display Qcn Interface

    Field Description • edge—Maps the priority of incoming frames with a specific CNPV to an alternate value and removes congestion notification (CN) tags before sending out the frames. • interior—Does not alter the priority of incoming frames with a specific CNPV and removes CN tags before sending out the frames.

  • Page 127: Display Qcn Profile

    Field Description • auto—The interface negotiates the defense mode by using LLDP. • admin—The interface uses a user-configured defense mode. • comp—The interface uses the global defense mode. Alternate Alternate value. display qcn profile Use display qcn profile to display the settings of Quantized Congestion Notification (QCN) profiles. Syntax display qcn profile [ profile-id | default ] [ slot slot-number ] Views...

  • Page 128: Qcn Port Priority

    undo qcn enable Default QCN is disabled. Views System view Predefined user roles network-admin Usage guidelines To make QCN settings take effect, you must enable QCN. Examples # Enable QCN. <Sysname> system-view [Sysname] qcn enable qcn port priority Use qcn port priority to configure CND settings for an interface. Use undo qcn port priority to delete the CND settings of an interface.

  • Page 129: Qcn Priority

    auto: Configures the interface to negotiate the defense mode by using LLDP. Usage guidelines If a device is not assigned to a CND, you cannot configure this command on its interfaces. The CND settings for an interface take precedence over the global CND settings. Examples # Configure defense mode disabled and alternate value 0 for Ten-GigabitEthernet 1/0/1 in the CND with CNPV 1.

  • Page 130: Qcn Priority Profile

    interior: Specifies the interior defense mode. This mode does not alter the priority of incoming frames with a specific CNPV and removes CN tags before sending out the frames. interior-ready: Specifies the interior-ready defense mode. This mode does not alter the priority of incoming frames with a specific CNPV and retains CN tags when sending out the frames.

  • Page 131: Qcn Profile

    <Sysname> system-view [Sysname] qcn priority 2 profile 2 qcn profile Use qcn profile to create a profile. Use undo qcn profile to delete a profile. Syntax qcn profile profile-id set-point length-value weight weight-value undo qcn profile profile-id Default No user-created profiles exist. Views System view Predefined user roles...
  • Page 132 Examples # Clear CP statistics for Layer 2 Ethernet interfaces in all CNDs. <Sysname> reset qcn cp interface...

  • Page 133: Document Conventions And Icons

    Document conventions and icons Conventions This section describes the conventions used in the documentation. Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown.

  • Page 134: Network Topology Icons

    Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.

  • Page 135: Support And Other Resources

    Support and other resources Accessing Hewlett Packard Enterprise Support • For live assistance, go to the Contact Hewlett Packard Enterprise Worldwide website: www.hpe.com/assistance • To access documentation and support services, go to the Hewlett Packard Enterprise Support Center website: www.hpe.com/support/hpesc Information to collect •...

  • Page 136: Websites

    For more information and device support details, go to the following website: www.hpe.com/info/insightremotesupport/docs Documentation feedback Hewlett Packard Enterprise is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (docsfeedback@hpe.com). When submitting your feedback, include the document title,...
  • Page 137 part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.

  • Page 138: Index

    Index A B C D F I N P Q R S T W display qos qmprofile configuration,95 display qos qmprofile interface,96 accounting,42 display qos queue interface,83 acl,1 display qos queue sp interface,84 copy,2 display qos queue wfq interface,88 acl logging interval,3 display qos queue wrr interface,85...
  • Page 139 lr,81 remark local-precedence,51 map-table,73 remark qos-local-id,52 policy,68 remark service-vlan-id,52 priority,75 Remote support,131 qmprofile,97 reset acl counter,17 sp,84 reset packet-filter statistics,18 trust,75 reset qcn cp interface,126 vlan-policy,69 reset qos car name,109 wfq,90 reset qos policy control-plane,69 qos wfq { byte-count | weight },91 reset qos policy global,70...

Table of Contents