1. Manuals
  2. Brands
  3. HP Manuals
  4. Switch
  5. 5830 series
  6. Configuration manual

HP 5830 Series Configuration Manual

Acl and qos
Hide thumbs Also See for 5830 Series:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Configuration Manual, Installation Manual
HP 5830 Switch Series
ACL and QoS

Configuration Guide

Part number: 5998-2066
Software version: Release 1115, Release 1118
Document version: 6W101-20130604

Advertisement

Table of Contents
loading

Related Manuals for HP 5830 Series

Summary of Contents for HP 5830 Series

  • Page 1: Configuration Guide

    HP 5830 Switch Series ACL and QoS Configuration Guide Part number: 5998-2066 Software version: Release 1115, Release 1118 Document version: 6W101-20130604...
  • Page 2 The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty.

  • Page 3: Table Of Contents

    Contents Configuring ACLs ························································································································································· 1   Overview ············································································································································································ 1   Applications on the switch ······································································································································ 1   ACL categories ························································································································································· 1   Numbering and naming ACLs ································································································································ 1   Match order ······························································································································································ 2   Rule comments and rule range remarks ················································································································· 2  ...
  • Page 4 Types of priorities ·················································································································································· 22   Priority mapping tables ········································································································································· 22   Priority trust mode on a port ································································································································· 23   Priority mapping procedure ································································································································· 23   Priority mapping configuration task list ······················································································································· 24   Configuring a priority mapping table ·························································································································· 24  ...
  • Page 5   IP precedence and DSCP values ·························································································································· 63   802.1p priority ······················································································································································ 64   Support and other resources ····································································································································· 66   Contacting HP ································································································································································ 66   Subscription service ·············································································································································· 66   Related information ························································································································································ 66   Documents ······························································································································································ 66  ...

  • Page 6: Configuring Acls

    Configuring ACLs An access control list (ACL) is a set of rules (or permit or deny statements) for identifying traffic based on criteria such as source IP address, destination IP address, and port number. Overview ACLs are primarily used for packet filtering. "Configuring packet filtering with ACLs"...

  • Page 7: Match Order

    Match order The rules in an ACL are sorted in a specific order. When a packet matches a rule, the device stops the matching process and performs the action defined in the rule. If an ACL contains overlapping or conflicting rules, the matching result and action to take depend on the rule order. The following ACL match orders are available: •...

  • Page 8: Rule Numbering

    Traditional packet filtering matches only first fragments of packets, and allows all subsequent non-first fragments to pass through. Attackers can fabricate non-first fragments to attack networks. To avoid the risks, the HP ACL implementation does the following: Filters all fragments by default, including non-first fragments.

  • Page 9: Configuration Task List

    Configuration task list Task Remarks Optional. Configuring a time range Applicable to IPv4 and IPv6. Configuring a basic ACL Required. Configuring an advanced ACL Configure at least one task. Applicable to IPv4 and IPv6. Configuring an Ethernet frame header ACL Optional.

  • Page 10: Configuring An Ipv6 Basic Acl

    Step Command Remarks Enter system system-view view. By default, no ACL exists. acl number acl-number Create an IPv4 IPv4 basic ACLs are numbered in the range of 2000 to [ name acl-name ] basic ACL and 2999. [ match-order { auto | enter its view.

  • Page 11: Configuring An Advanced Acl

    Step Command Remarks Optional. Configure a description for the description text By default, an IPv6 basic ACL has no ACL IPv6 basic ACL. description. Optional. Set the rule step step-value numbering step. The default setting is 5. By default, an IPv6 basic ACL does not contain rule [ rule-id ] { deny | permit } any rules.

  • Page 12: Configuring An Ipv6 Advanced Acl

    Step Command Remarks Optional. Configure a description for the description text By default, an IPv4 advanced ACL has no IPv4 advanced ACL. ACL description. Optional. Set the rule step step-value numbering step. The default setting is 5. rule [ rule-id ] { deny | permit } protocol [ { { ack ack-value | fin fin-value | psh psh-value | rst rst-value | syn syn-value | urg...

  • Page 13: Configuring An Ethernet Frame Header Acl

    Step Command Remarks By default, no ACL exists. IPv6 advanced ACLs are numbered in the Create an IPv6 acl ipv6 number acl6-number [ name range of 3000 to 3999. advanced ACL acl6-name ] [ match-order { auto | You can use the acl ipv6 name acl6-name and enter its view.

  • Page 14: Copying An Acl

    Step Command Remarks Enter system view. system-view By default, no ACL exists. Create an acl number acl-number Ethernet frame header ACLs are numbered in the Ethernet frame [ name acl-name ] range of 4000 to 4999. header ACL and [ match-order { auto | You can use the acl name acl-name command to enter enter its view.

  • Page 15: Copying An Ipv6 Basic Or Ipv6 Advanced Acl

    Step Command Enter system view. system-view Copy an existing IPv4 basic, IPv4 advanced, acl copy { source-acl-number | name source-acl-name } to { dest-acl-number | or Ethernet frame name dest-acl-name } header ACL to create a new ACL. Copying an IPv6 basic or IPv6 advanced ACL Step Command Enter system view.

  • Page 16: Applying An Ipv6 Basic Or Ipv6 Advanced Acl For Packet Filtering

    Applying an IPv6 basic or IPv6 advanced ACL for packet filtering Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default, no ACL is applied to the interface. Apply an IPv6 basic or IPv6 packet-filter ipv6 { acl6-number | advanced ACL to the interface name acl6-name } { inbound | Make sure no one is applying an...

  • Page 17: Ipv4 Packet Filtering Configuration Example

    IPv4 packet filtering configuration example Network requirements As shown in Figure 1, apply an ACL to the inbound direction of interface GigabitEthernet 1/0/1 on Device A so that every day, from 8:00 to 18:00, the interface allows only packets sourced from Host A to pass.
  • Page 18 Figure 2 Network diagram Configuration procedure # Create a time range from 08:00 to 18:00 every day. <DeviceA> system-view [DeviceA] time-range study 8:0 to 18:0 daily # Create IPv6 basic ACL 2009, and configure two rules for the ACL. One permits packets sourced from Host A and the other denies packets sourced from any other host during the time range study.

  • Page 19: Qos Overview

    QoS overview In data communications, Quality of Service (QoS) is a network's ability to provide differentiated service guarantees for diversified traffic in terms of bandwidth, delay, jitter, and drop rate. Network resources are scarce. The contention for resources requires that QoS prioritize important traffic flows over trivial ones.

  • Page 20: Qos Techniques

    QoS techniques The QoS techniques include traffic classification, traffic policing, traffic shaping, rate limit, congestion management, and congestion avoidance. The following section briefly introduces these QoS techniques. Figure 3 Position of the QoS techniques in a network As shown in Figure 3, traffic classification, traffic shaping, traffic policing, congestion management, and congestion avoidance mainly implement the following functions:...

  • Page 21: Qos Configuration Approaches

    QoS configuration approaches This chapter describes the QoS configuration approaches. Overview You can configure QoS in the following approaches: MQC approach • • Non-MQC approach Some features support both approaches, but some support only one. MQC approach In the modular QoS configuration (MQC) approach, you configure QoS service parameters by using QoS policies.

  • Page 22: Defining A Class

    Figure 4 QoS policy configuration procedure Defining a class This section describes how to define a class. Configuration guidelines If a class that uses the AND operator has multiple if-match acl, if-match acl ipv6, if-match customer-vlan-id or if-match service-vlan-id clauses, a packet that matches any of the clauses matches the class.
  • Page 23 Step Command Remarks Enter system view. system-view By default, the operator of a class is AND. The operator of a class can be AND or OR. Create a class and • traffic classifier tcl-name AND—A packet is assigned to a class only when enter class view.

  • Page 24: Defining A Traffic Behavior

    Keyword and argument combination Description Matches the VLAN IDs of ISP networks. service-vlan-id { vlan-id-list | vlan-id1 to The vlan-id-list is a list of up to eight VLAN IDs. The vlan-id1 to vlan-id2 } vlan-id2 specifies a VLAN ID range, where the vlan-id1 must be smaller than the vlan-id2.

  • Page 25: Applying The Qos Policy

    The dot1q-tag-manipulation keyword is only for VLAN mapping purposes. For more information about VLAN mapping, see Layer 2—LAN Switching Configuration Guide. Applying the QoS policy You can apply a QoS policy to the following destinations: An interface—The policy takes effect on the traffic sent or received on the interface. •...

  • Page 26: Displaying And Maintaining Qos Policies

    Step Command Enter system view. system-view qos vlan-policy policy-name vlan vlan-id-list { inbound | Apply the QoS policy to VLANs. outbound } Applying the QoS policy globally You can apply a QoS policy globally to the inbound or outbound direction of all ports. To apply the QoS policy globally: Step Command...

  • Page 27: Configuring Priority Mapping

    Configuring priority mapping This chapter describes how to configure priority mapping. Overview When a packet arrives, depending on your configuration, a device assigns a set of QoS priority parameters to the packet based on either a certain priority field carried in the packet or the port priority of the incoming port.

  • Page 28: Priority Trust Mode On A Port

    Priority trust mode on a port The priority trust mode on a port determines which priority is used for priority mapping table lookup. Port priority was introduced to use for priority mapping in addition to the priority fields carried in packets. The device provides the following priority trust modes: Using the 802.1p priority carried in packets for priority mapping.

  • Page 29: Priority Mapping Configuration Task List

    Priority mapping configuration task list You can modify priority mappings by modifying priority mapping tables, priority trust mode on a port, and port priority. HP recommends planning QoS throughout the network before making your QoS configuration. Perform these tasks to configure priority mapping: Task...

  • Page 30: Changing The Port Priority Of An Interface

    Step Command Remarks Enter system view. system-view Enter interface view. interface interface-type interface-number • Trust the DSCP priority in packets: Configure the priority By default, the device trusts qos trust dscp trust mode for the the 802.1p priority in • Trust the 802.1p priority in packets: interface.

  • Page 31: Priority Mapping Table And Priority Marking Configuration Example

    Figure 6 Network diagram   Configuration procedure # Assign port priority to GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2. Make sure that the priority of GigabitEthernet 1/0/1 is higher than that of GigabitEthernet 1/0/2, and that no trusted packet priority type is configured on GigabitEthernet 1/0/1 or GigabitEthernet 1/0/2. <DeviceC>...
  • Page 32 Table 3 Configuration plan Queuing plan Traffic Traffic priority order destination Traffic source Output queue Queue priority R&D department High R&D department > management Management Public servers High department > marketing department department Marketing department R&D department Management department > marketing Management Internet High...
  • Page 33 [Device-GigabitEthernet1/0/2] qos priority 4 [Device-GigabitEthernet1/0/2] quit # Set the port priority of GigabitEthernet 1/0/3 to 5. [Device] interface gigabitethernet 1/0/3 [Device-GigabitEthernet1/0/3] qos priority 5 [Device-GigabitEthernet1/0/3] quit Configure the priority mapping table: # Configure the 802.1p-to-local mapping table to map 802.1p priority values 3, 4, and 5 to local precedence values 2, 6, and 4.
  • Page 34 [Device-GigabitEthernet1/0/1] qos apply policy market inbound # Configure a priority marking policy for the R&D department, and apply the policy to the incoming traffic of GigabitEthernet 1/0/2. [Device] traffic behavior rd [Device-behavior-rd] remark dot1p 3 [Device-behavior-rd] quit [Device] qos policy rd [Device-qospolicy-rd] classifier http behavior rd [Device-qospolicy-rd] quit [Device] interface gigabitethernet 1/0/2...

  • Page 35: Configuring Traffic Policing, Traffic Shaping, And Rate Limit

    Configuring traffic policing, traffic shaping, and rate limit This chapter describes how to configure traffic policing, traffic shaping, and rate limit. Overview Traffic policing, traffic shaping, and rate limit are QoS techniques that help assign network resources, such as assigning bandwidth. They increase network performance and user satisfaction. For example, you can configure a flow to use only the resources committed to it in a certain time range.

  • Page 36: Traffic Policing

    CIR—Rate at which tokens are put into bucket C. It sets the average packet transmission or • forwarding rate allowed by bucket C. CBS—Size of bucket C, which specifies the transient burst of traffic that bucket C can forward. • Excess burst size (EBS)—Size of bucket E, which specifies the transient burst of traffic that bucket E •...

  • Page 37: Traffic Shaping

    Traffic shaping Traffic shaping shapes the outbound traffic. Traffic shaping limits the outbound traffic rate by buffering exceeding traffic. You can use traffic shaping to adapt the traffic output rate on a device to the input traffic rate of its connected device to avoid packet loss.

  • Page 38: Configuring Traffic Policing

    Rate limit also uses token buckets for traffic control. With rate limit configured on an interface, all packets to be sent through the interface are handled by the token bucket for rate limiting. If enough tokens are in the token bucket, packets can be forwarded. Otherwise, packets are put into QoS queues for congestion management.

  • Page 39: Configuring Gts

    GTS applicable to all traffic—Shapes all traffic. NOTE: The HP 5830AF-48G and HP 5830AF-48G TAA support the two types of GTS mentioned above. The HP 5830AF-96G and HP 5830AF-96G TAA support only GTS applicable to all traffic. Configuring queue-based GTS...

  • Page 40: Configuring The Rate Limit

    Configuring GTS for all traffic Step Command Remarks Enter system view. system-view Enter interface view. interface interface-type interface-number Configure GTS on the qos gts any cir interface. committed-information-rate Configuring the rate limit The rate limit of a physical interface specifies the maximum rate of incoming packets or outgoing packets. To configure the rate limit: Step Command...

  • Page 41: Configuration Procedures

    Perform traffic control on GigabitEthernet 1/0/1 of Device A for traffic received from Server and Host A, respectively, to meet the following requirements: Limit the rate of traffic from Server to 1024 kbps: Transmit the conforming traffic, and mark the •...
  • Page 42 [DeviceA] traffic behavior server [DeviceA-behavior-server] car cir 1024 red remark-dscp-pass 0 [DeviceA-behavior-server] quit # Create a behavior named host and configure the CAR action for the behavior as follows: Set the CIR to 256 kbps. [DeviceA] traffic behavior host [DeviceA-behavior-host] car cir 256 [DeviceA-behavior-host] quit # Create a QoS policy named car and associate class server with behavior server and class host with behavior host.
  • Page 43 # Create a QoS policy named car_outbound and associate class http with traffic behavior car_outbound in the QoS policy. [DeviceB] qos policy car_outbound [DeviceB-qospolicy-car_outbound] classifier http behavior car_outbound [DeviceB-qospolicy-car_outbound] quit # Apply QoS policy car_inbound to the incoming traffic of port GigabitEthernet 1/0/1. [DeviceB] interface GigabitEthernet 1/0/1 [DeviceB-GigabitEthernet1/0/1] qos apply policy car_inbound inbound # Apply QoS policy car_outbound to the outgoing traffic of port GigabitEthernet 1/0/2.

  • Page 44: Configuring Congestion Management

    Configuring congestion management This chapter describes how to configure congestion management. Overview This section describes why congestion occurs and the congestion management techniques. Causes, impacts, and countermeasures Network congestion degrades service quality. Congestion is a situation where the forwarding rate decreases due to insufficient resources, resulting in extra delay.
  • Page 45 SP queuing SP queuing is designed for mission-critical applications that require preferential service to reduce the response delay when congestion occurs. Figure 14 SP queuing Figure 14, SP queuing classifies eight queues on a port into eight classes, numbered 7 to 0 in descending priority order.
  • Page 46 Figure 15 WRR queuing Queue 0 Weight 1 Packets to be sent through this port Queue 1 Weight 2 Sent packets Interface …… Queue N-2 Weight N-1 Queue Sending queue Packet scheduling classification Queue N-1 Weight N Assume a port provides eight output queues. WRR assigns each queue a weight value (represented by w7, w6, w5, w4, w3, w2, w1, or w0) to decide the proportion of resources assigned to the queue.
  • Page 47 Compared with WRR, WFQ can work with the minimum guaranteed bandwidth as follows: • By setting the minimum guaranteed bandwidth, you can make sure that each WFQ queue is assured of certain bandwidth. The assignable bandwidth is allocated based on the priority of each queue (assignable bandwidth •...

  • Page 48: Congestion Management Configuration Task List

    Congestion management configuration task list Task Remarks Configuring SP queuing Configure WRR queuing Configuring WFQ queuing Perform one of the tasks as needed. Configuring SP+WRR queuing Configuring SP+WFQ queuing Configuring SP queuing Step Command Remarks Enter system view. system-view interface interface-type Enter interface view.

  • Page 49: Configuring Wfq Queuing

    Optional. The default queuing algorithm on an Enable WRR queuing. qos wrr [ byte-count | weight ] interface is SP. The weight keyword is not supported. Optional. Configure the scheduling qos wrr queue-id group group-id By default, the weights of queues 0 weight for a queue.

  • Page 50: Configuring Sp+Wrr Queuing

    qos wfq queue-id group If you have enabled WFQ on the port, Configure the scheduling group-id byte-count the default scheduling weight is 1 for weight for a queue. schedule-value each queue. Optional. Configure the minimum qos bandwidth queue queue-id By default, the minimum guaranteed guaranteed bandwidth for a min bandwidth-value bandwidth is not configured for a WFQ...

  • Page 51: Configuring Sp+Wfq Queuing

    Assign queue 0, queue 1, queue 2, and queue 3 on GigabitEthernet 1/0/1 to the SP queue • scheduling group. Configure queue 4, queue 5, queue 6, and queue 7 on GigabitEthernet 1/0/1 to use WRR • queuing, with the weights 2, 4, 6, and 8, respectively. The following is the configuration procedure: # Enter system view.
  • Page 52 For example: • Configure SP+WFQ queuing on GigabitEthernet 1/0/1, and use byte-count WFQ scheduling weights. Assign queue 0, queue 1, queue 2, and queue 3 on GigabitEthernet 1/0/1 to the SP queue • scheduling group. Configure queue 4, queue 5, queue 6, and queue 7 on GigabitEthernet 1/0/1 to use WFQ •...

  • Page 53: Configuring Congestion Avoidance

    Configuring congestion avoidance This chapter describes how to configure congestion avoidance. Overview Avoiding congestion before it occurs is a proactive approach to improving network performance. As a flow control mechanism, congestion avoidance actively monitors network resources (such as queues and memory buffers), and drops packets when congestion is expected to occur or deteriorate.

  • Page 54: Configuration Approaches

    Configuration approaches On the device, WRED is implemented with WRED tables. WRED tables are created globally in system view and then applied to interfaces. Parameters Before configuring WRED, determine the following parameters: Upper threshold and lower threshold—When the average queue length is below the lower •...

  • Page 55: Wred Configuration Example

    Display configuration information display qos wred table [ table-name ] [ | about a WRED table or all WRED { begin | exclude | include } Available in any view. tables. regular-expression ] WRED configuration example Network requirements Apply a WRED table to port GigabitEthernet 1/0/2. Configure the WRED table as follows: •...

  • Page 56: Configuring Traffic Filtering

    Configuring traffic filtering You can filter in or filter out a class of traffic by associating the class with a traffic filtering action. For example, you can filter packets sourced from a specific IP address according to network status. Configuration procedure To configure traffic filtering: Step Command...

  • Page 57: Configuration Example

    Configuration example Network requirements As shown in Figure 17, configure traffic filtering to filter the packets whose source port is 21 and which are received on GigabitEthernet 1/0/1. Figure 17 Network diagram   Configuration procedure # Create advanced ACL 3000 and configure a rule to match packets whose source port number is 21. <DeviceA>...

  • Page 58: Configuring Priority Marking

    Configuring priority marking Priority marking sets the priority fields or flag bits of packets to modify the priority of traffic. For example, you can use priority marking to set IP precedence or DSCP for a class of IP traffic to change its transmission priority in the network.

  • Page 59: Priority Marking Configuration Example

    Step Command Remarks • Applying the QoS policy to an interface • Applying the QoS policy to a Choose one of the application Apply the QoS policy. VLAN destinations as needed. • Applying the QoS policy globally display traffic behavior Display the priority marking Optional.
  • Page 60 # Create advanced ACL 3001 and configure a rule to match packets with destination IP address 192.168.0.2. [Device] acl number 3001 [Device-acl-adv-3001] rule permit ip destination 192.168.0.2 0 [Device-acl-adv-3001] quit # Create advanced ACL 3002 and configure a rule to match packets with destination IP address 192.168.0.3.
  • Page 61 # Apply the policy named policy_server to the incoming traffic of GigabitEthernet 1/0/1. [Device] interface gigabitethernet 1/0/1 [Device-GigabitEthernet1/0/1] qos apply policy policy_server inbound [Device-GigabitEthernet1/0/1] quit...

  • Page 62: Configuring Traffic Redirecting

    Configuring traffic redirecting Traffic redirecting is the action of redirecting the packets matching the specific match criteria to a certain location for processing. The following redirect actions are supported: Redirecting traffic to the CPU—Redirects packets that require processing by the CPU to the CPU. •...

  • Page 63: Traffic Redirecting Configuration Example

    Step Command Remarks Associate the class with the traffic behavior in the QoS classifier tcl-name behavior behavior-name policy. Return to system view. quit • Applying the QoS policy to an interface Choose one of the • Apply the QoS policy. Applying the QoS policy to a VLAN application destinations as needed.
  • Page 64 [DeviceA-acl-basic-2000] rule permit source 2.1.1.1 0 [DeviceA-acl-basic-2000] quit # Create basic ACL 2001 and configure a rule to match packets with source IP address 2.1.1.2. [DeviceA] acl number 2001 [DeviceA-acl-basic-2001] rule permit source 2.1.1.2 0 [DeviceA-acl-basic-2001] quit # Create a class named classifier_1 and use ACL 2000 as the match criterion in the class. [DeviceA] traffic classifier classifier_1 [DeviceA-classifier-classifier_1] if-match acl 2000 [DeviceA-classifier-classifier_1] quit...

  • Page 65: Configuring Class-Based Accounting

    Configuring class-based accounting Class-based accounting collects statistics (in packets or bytes) on a per-traffic class basis. For example, you can define the action to collect statistics for traffic sourced from a certain IP address. By analyzing the statistics, you can determine whether anomalies have occurred and what action to take. Configuration procedure To configure class-based accounting: Step...

  • Page 66: Displaying And Maintaining Class-Based Traffic Accounting

    Displaying and maintaining class-based traffic accounting To verify the class-based accounting configuration, use the display qos policy global, display qos policy interface, or display qos vlan-policy command in any view to display the traffic statistics collected after the configuration is complete. Configuration example Network requirements As shown in...

  • Page 67: Appendix

    Interface: GigabitEthernet1/0/1 Direction: Inbound Policy: policy Classifier: classifier_1 Operator: AND Rule(s) : If-match acl 2000 Behavior: behavior_1 Accounting Enable: 28529 (Packets) Appendix This chapter lists the appendix for QoS. Appendix A Default priority mapping tables For the default dscp-dscp priority mapping table, an input value yields a target value equal to it. Table 4 Default dot1p-lp and dot1p-dp priority mapping tables Input priority value dot1p-lp mapping...

  • Page 68: Appendix B Introduction To Packet Precedences

    Input priority value dscp-dp mapping dscp-dot1p mapping 32 to 39 40 to 47 48 to 55 56 to 63 Appendix B Introduction to packet precedences This section describes packet precedences. IP precedence and DSCP values Figure 21 ToS and DS fields As shown in Figure 21, the ToS field in the IPv4 header contains 8 bits, where the first 3 bits (0 to 2)

  • Page 69: 802.1P Priority

    Table 7 DSCP values DSCP value (decimal) DSCP value (binary) Description 101110 001010 af11 001100 af12 001110 af13 010010 af21 010100 af22 010110 af23 011010 af31 011100 af32 011110 af33 100010 af41 100100 af42 100110 af43 001000 010000 011000 100000 101000 110000 111000...
  • Page 70 Figure 23 802.1Q tag header Table 8 Description on 802.1p priority 802.1p priority (decimal) 802.1p priority (binary) Description best-effort background spare excellent-effort controlled-load video voice network-management...

  • Page 71: Support And Other Resources

    Related information Documents To find related documents, browse to the Manuals page of the HP Business Support Center website: http://www.hp.com/support/manuals For related documentation, navigate to the Networking section, and select a networking category. •...

  • Page 72: Conventions

    Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional. Braces enclose a set of required syntax choices separated by vertical bars, from which { x | y | ...
  • Page 73 Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.

  • Page 74: Index

    Index Numerics time-based rules, advanced ACL, 802.1 naming, configuring port to trust packet priority, numbering, configuring priority mapping table, Appendix B (Default priority maps), priority mapping table, Appendix C (Packet precedence), 802.1p packet precedence, applications on switch (ACL), applying ACL packet filtering, advanced configuration, QoS policy, automatic rule numbering, 3,...
  • Page 75 congestion management, SP+WFQ queuing, Ethernet frame header ACL, SP+WRR queuing, GTS, 34, tail drop, IPv4 ACL for packet filtering, techniques, IPv4 basic ACL, WFQ queuing, IPv6 ACL for packet filtering, WRED, IPv6 advanced ACL, WRED configuration, IPv6 basic ACL, WRR queuing, priority mapping, copying an ACL, priority marking, 53, 53,...
  • Page 76 802.1p packet precedence, ACL configuration, 4, copying ACL, ACL Ethernet frame header configuration, frame header ACL, ACL IPv6 advanced configuration, priority mapping configuration, IPv4 Ethernet frame header ACL ACL categories, configuration, ACL configuration, evaluating traffic, 30, 30, ACL IPv4 basic configuration, ACL naming, ACL numbering, feature (token bucket),...
  • Page 77 local defining QoS policy, QoS priority mapping local precedence), priority mapping configuration, 22, priority marking configuration, 26, 53, 53, priority trust mode configuration, maintaining QoS configuration, priority mapping, QoS configuration approaches, QoS policies, QoS MQC configuration approaches, maintaining ACLs, QoS non-MQC configuration approaches, managing traffic congestion techniques, QoS policy configuration, match...
  • Page 78 packet filtering WFQ queuing, ACL advanced configuration, WRR queuing, ACL application, precedence ACL configuration, 1, 4, 10, QoS priority mapping local precedence, ACL Ethernet frame header configuration, priority ACL packet fragment filtering, changing interface port priority, ACL switch applications, configuring port to trust packet priority, configuring IPv4 ACL, configuring trust mode, configuring IPv6 ACL,...
  • Page 79 configuring basic ACLs, displaying traffic policing, configuring class-based accounting, 60, maintaining ACLs, configuring Ethernet frame header ACLs, maintaining priority mapping, configuring GTS, 34, maintaining QoS policies, configuring IPv4 ACL for packet filtering, priority mapping, configuring IPv4 basic ACLs, configuring IPv6 ACL for packet filtering, configuring IPv6 advanced ACLs, ACL advanced configuration, configuring IPv6 basic ACLs,...
  • Page 80 displaying policies, ACL Ethernet frame header configuration, GTS configuration, 34, ACL IPv4 basic configuration, IntServ model, ACL IPv6 advanced configuration, maintaining policies, ACL IPv6 basic configuration, match criteria, rule MQC configuration, ACL automatic rule numbering, 3, non-MQC configuration, ACL automatic rule renumbering, priority mapping drop priority, ACL comments, priority mapping local precedence,...
  • Page 81 discussion, Telnet SP+WRR queuing ACL switch applications, configuration, time discussion, configuring range, statistics (class-based accounting), 60, time-based rules (ACL), step (ACL rule numbering), token bucket switching evaluating traffic, ACL configuration, QoS, ACL match order, traffic ACL rule comments, ACL advanced configuration, ACL rule range remarks, ACL configuration, 1, 4, ACL time-based rules,...
  • Page 82 traffic congestion configuration, avoidance configuration, discussion, management configuration, management techniques, traffic policing complicated evaluation, configuration, 30, 33, displaying, evaluation, QoS, token bucket, 30, traffic redirection, 17, traffic shaping complicated evaluation, configuration, discussion, evaluation, token bucket, user QoS priority mapping user priority, user-defined ACL, VLAN applying QoS policy,...

Table of Contents