ACL commands accelerate Use accelerate to enable ACL acceleration. Use undo accelerate to disable ACL acceleration. Syntax accelerate undo accelerate Default ACL acceleration is disabled. Views IPv4 basic/advanced ACL view IPv6 basic/advanced ACL view Predefined user roles network-admin Usage guidelines This command does not take effect if the hardware resources are insufficient.
Page 7
Default No ACLs exist. Views System view Predefined user roles network-admin Parameters ipv6: Specifies the IPv6 ACL type. To specify the IPv4 ACL type, do not provide this keyword. basic: Specifies the basic ACL type. advanced: Specifies the advanced ACL type. acl-number: Assigns a number to the ACL.
The new ACL has the same properties and content as the source ACL, but uses a different number or name from the source ACL. To specify the IPv4 ACL type, do not specify the ipv6 keyword. Examples # Create IPv4 basic ACL 2002 by copying IPv4 basic ACL 2001. <Sysname>...
rule (IPv6 advanced ACL view) rule (IPv6 basic ACL view) acl trap interval Use acl trap interval to enable SNMP notifications for packet filtering and set the interval. Use undo acl interval to restore the default. Syntax acl trap interval interval undo acl trap interval Default The interval is 0.
Syntax description text undo description Default An ACL does not have a description. Views IPv4 basic/advanced ACL view IPv6 basic/advanced ACL view Predefined user roles network-admin Parameters text: Specifies a description, a case-sensitive string of 1 to 127 characters. Examples # Configure a description for IPv4 basic ACL 2000.
To specify the IPv4 ACL type, do not specify the ipv6 keyword. Examples # Display configuration and match statistics for IPv4 basic ACL 2001. <Sysname> display acl 2001 Basic IPv4 ACL 2001, 2 rules, match-order is auto, This is an IPv4 basic ACL. ACL's step is 5 ACL accelerated rule 5 permit source 1.1.1.1 0...
Parameters summary: Displays summary information about ACL acceleration status. verbose: Displays detailed information about ACL acceleration status. ipv6: Specifies the IPv6 ACL type. acl-number: Specifies an ACL by its number. The following are available value ranges: • 2000 to 2999 for basic ACLs. •...
Page 14
Predefined user roles network-admin network-operator Parameters interface interface-type interface-number: Specifies an interface by its type and number. VLAN interfaces are not supported. If you do not specify an interface, this command displays ACL application information for packet filtering on all interfaces except VLAN interfaces. inbound: Specifies the inbound direction.
Field Description Packet filter default action for packets that do not match any IPv4 ACLs: • Deny—The default action deny has been successfully applied for packet filtering. • Deny (Failed)—The device has failed to apply the default action deny for packet filtering. The action permit still functions.
• 2000 to 2999 for basic ACLs. • 3000 to 3999 for advanced ACLs. name acl-name: Specifies an ACL by its name. The acl-name argument is a case-insensitive string of 1 to 63 characters. brief: Displays brief statistics. Usage guidelines If default, acl-number, name acl-name, or ipv6 is not specified, this command displays packet filtering statistics for all ACLs and default action statistics.
Parameters inbound: Specifies the inbound direction. outbound: Specifies the outbound direction. ipv6: Specifies the IPv6 ACL type. acl-number: Specifies an ACL by its number. The following are available value ranges: • 2000 to 2999 for basic ACLs. • 3000 to 3999 for advanced ACLs. name acl-name: Specifies an ACL by its name.
Field Description Packet filter default action for packets that do not match any IPv6 ACLs: • Deny—The default action deny has been successfully applied for packet filtering. • Deny (Failed)—The device has failed to apply the default action deny for packet filtering. The action permit still functions.
This feature does not take effect on an interface that is an aggregation member port. Examples # Apply IPv4 basic ACL 2001 to filter incoming traffic on GigabitEthernet 2/1/1. <Sysname> system-view [Sysname] interface gigabitethernet 2/1/1 [Sysname-GigabitEthernet2/1/1] packet-filter 2001 inbound Related commands display packet-filter display packet-filter statistics display packet-filter verbose...
packet-filter default deny Use packet-filter default deny to set the packet filtering default action to deny. The packet filter denies packets that do not match any ACL rule. Use undo packet-filter default deny to restore the default. Syntax packet-filter default deny undo packet-filter default deny Default The packet filtering default action is permit.
Parameters inbound: Specifies the incoming packets. outbound: Specifies the outgoing packets. Usage guidelines To enable hardware-count for the packet filtering default action on an interface, make sure you have applied ACLs to the interface for packet filtering. Examples # Set the packet filtering default action to deny. Apply IPv4 basic ACL 2001 to GigabitEthernet 2/1/1 for filtering incoming packets, and enable hardware-count for the packet filtering default action on GigabitEthernet 2/1/1.
Page 26
Parameters Function Description The address-group-name argument specifies an object group of destination IP addresses. destination The dest-address dest-wildcard arguments specify a { object-group Specifies a destination destination IP address and a wildcard mask in dotted address-group-name address. decimal notation. An all-zero wildcard mask | dest-address represents a host address.
Page 27
Table 8 TCP/UDP-specific parameters for IPv4 advanced ACL rules Parameters Function Description source-port The port-group-name argument specifies an object group of ports. { object-group Specifies one or The operator argument can be lt (lower than), gt (greater than), eq port-group-name more UDP or TCP (equal to), neq (not equal to), or range (inclusive range).
Page 28
ICMP message name ICMP message type ICMP message code host-unreachable information-reply information-request net-redirect net-tos-redirect net-unreachable parameter-problem port-unreachable protocol-unreachable reassembly-timeout source-quench source-route-failed timestamp-reply timestamp-request ttl-exceeded Usage guidelines Within an ACL, the permit or deny statement of each rule must be unique. If the rule you are creating or editing has the same deny or permit statement as another rule in the ACL, the rule will not be created or changed.
Page 30
deny: Denies matching packets. permit: Allows matching packets to pass. counting: Counts the times that the rule is matched. If you do not specify this keyword, matches for the rule are not counted. fragment: Applies the rule only to non-first fragments. If you do not specify this keyword, the rule applies to both fragments and non-fragments.
acl logging interval display acl step time-range rule (IPv6 advanced ACL view) Use rule to create or edit an IPv6 advanced ACL rule. Use undo rule to delete an entire IPv6 advanced ACL rule or some attributes in the rule. Syntax rule [ rule-id ] { deny | permit } protocol [ { { ack ack-value | fin fin-value | psh psh-value | rst rst-value | syn syn-value | urg urg-value } * | established } | counting | destination { object-group...
Page 32
• A protocol name: gre (47), icmpv6 (58), ipv6, ipv6-ah (51), ipv6-esp (50), ospf (89), tcp (6), or udp (17). The ipv6 keyword specifies all protocols. Table 11 describes the parameters that you can specify regardless of the value for the protocol argument.
Page 33
Parameters Function Description The time-range-name argument is a case-insensitive string of 1 to 32 characters. It must start with an English letter. If the time range is not configured, the system time-range Specifies a time range for creates the rule. However, the rule using the time range time-range-name the rule.
Page 34
Table 13 ICMPv6-specific parameters for IPv6 advanced ACL rules Parameters Function Description The icmp6-type argument is in the range of 0 to 255. icmp6-type The icmp6-code argument is in the range of 0 to 255. Specifies the ICMPv6 { icmp6-type The icmp6-message argument specifies a message message type and icmp6-code |...
Examples # Create an IPv6 advanced ACL rule to permit TCP packets with the destination port 80 from 2030:5060::/64 to FE80:5060::/96. <Sysname> system-view [Sysname] acl ipv6 advanced 3000 [Sysname-acl-ipv6-adv-3000] rule permit tcp source 2030:5060::/64 destination fe80:5060::/96 destination-port eq 80 # Create IPv6 advanced ACL rules to permit all IPv6 packets but the ICMPv6 packets destined for FE80:5060:1001::/48.
Usage guidelines Within an ACL, the permit or deny statement of each rule must be unique. If the rule you are creating or editing has the same deny or permit statement as another rule in the ACL, the rule will not be created or changed.
Predefined user roles network-admin Parameters rule-id: Specifies an ACL rule ID in the range of 0 to 65534. The ACL rule must already exist. text: Specifies a comment about the ACL rule, a case-sensitive string of 1 to 127 characters. Usage guidelines This command adds a comment to a rule if the rule does not have a comment.
Rule(s) : If-match not protocol ipv6 Classifier: 3 (ID 102) Operator: AND Rule(s) : -none- # Display the system-defined traffic class (default-class). <Sysname> display traffic classifier system-defined default-class System-defined classifier information: Classifier: default-class (ID 0) Operator: AND Rule(s) : If-match any Table 15 Command output Field Description...
Page 42
Table 16 Available match criteria Option Description Matches an ACL. The value range for the acl-number argument is 2000 to 5999 for IPv4 acl [ ipv6 ] { acl-number | ACLs and 2000 to 5999 for IPv6 ACLs. name acl-name } The acl-name argument is a case-insensitive string of 1 to 63 characters, which must start with an English letter.
Page 43
Option Description Matches RTP protocol ports. rtp start-port The value ranges for the start-port-number and end-port-number start-port-number end-port arguments are both 2000 to 65535. This criterion matches RTP packets end-port-number with an even UDP destination port number in the specified RTP port number range.
Page 44
802.1p priority. DSCP. IP precedence. Local precedence. MPLS EXP. • If a packet matches one of the specified values, it matches the if-match command. • To delete a criterion that has multiple values, the specified values in the undo if-match command must be identical with those specified in the if-match command.
Page 45
# Define a match criterion for traffic class class1 to match all packets. <Sysname> system-view [Sysname] traffic classifier class1 [Sysname-classifier-class1] if-match any # Define a match criterion for traffic class class1 to match the packets with a DSCP value of 1, 6, or <Sysname>...
traffic classifier Use traffic classifier to create a traffic class and enter its view, or enter the view of an existing traffic class. Use undo traffic classifier to delete a traffic class. Syntax traffic classifier classifier-name [ operator { and | or } ] undo traffic classifier classifier-name Default No traffic classes exist.
Page 47
Default No CAR action is configured. Views Traffic behavior view Predefined user roles network-admin Parameters cir committed-information-rate: Specifies the committed information rate (CIR) in kbps, which is an average traffic rate. cbs committed-burst-size: Specifies the committed burst size (CBS) in bytes. ebs excess-burst-size: Specifies the excess burst size (EBS) in bytes.
<Sysname> system-view [Sysname] traffic behavior database [Sysname-behavior-database] car cir 200 cbs 51200 ebs 0 green pass red remark-dscp-pass car percent Use car percent to configure a CAR action in percentage in a traffic behavior. Use undo car to restore the default. Syntax car cir percent cir-percent [ cbs cbs-time [ ebs ebs-time ] ] [ green action | red action | yellow action ] *...
• remark-mpls-exp-pass new-exp: Sets the EXP field value of the MPLS packet to new-exp and permits the packet to pass through. The new-exp argument is in the range of 0 to 7. • remark-prec-pass new-precedence: Sets the IP precedence of the packet to new-precedence and permits the packet to pass through.
Page 50
Parameters system-defined: Specifies system-defined traffic behaviors. user-defined: Specifies user-defined traffic behaviors. behavior-name: Specifies a behavior by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a traffic behavior, this command displays all traffic behaviors. slot slot-number: Specifies a card by its slot number.
Page 51
Behavior: af (ID 1) Assured Forwarding: Bandwidth 20 (%) Discard Method: Tail Behavior: ef (ID 2) Expedited Forwarding: Bandwidth 20 (%) Cbs-ratio 25 Behavior: be-flow-based (ID 3) Flow based Weighted Fair Queue: Max number of hashed queues: 256 Discard Method: IP Precedence based WRED Exponential Weight: 9 High Dis-prob...
Field Description Lower threshold of the queue. High Upper threshold of the queue. Dis-prob Denominator for drop probability calculation. filter Use filter to configure a traffic filtering action in a traffic behavior. Use undo filter to restore the default. Syntax filter { deny | permit } undo filter Default...
Predefined user roles network-admin Parameters cir committed-information-rate: Sets the CIR in kbps, which specifies the average traffic rate. cbs committed-burst-size: Sets the CBS in bytes, which specifies the size of bursty traffic when the actual average rate is not greater than CIR. ebs excess-burst-size: Sets the EBS in bytes.
Parameters cir cir-percent: Specifies the CIR in percentage, in the range of 1 to 100. The actual CIR value is cir-percent × interface bandwidth. cbs cbs-time: Specifies the CBS in milliseconds. The default cbs-time is 500 milliseconds. The actual CBS value is cbs-time × the actual CIR value. ebs ebs-time: Specifies the EBS in milliseconds.
[Sysname-behavior-database] remark dot1p 2 remark dscp Use remark dscp to configure a DSCP marking action in a traffic behavior. Use undo remark dscp to delete the action. Syntax remark dscp dscp-value undo remark dscp Default No DSCP marking action is configured. Views Traffic behavior view Predefined user roles...
Keyword DSCP value (binary) DSCP value (decimal) 101110 Examples # Configure traffic behavior database to mark matching traffic with DSCP 6. <Sysname> system-view [Sysname] traffic behavior database [Sysname-behavior-database] remark dscp 6 remark ip-precedence Use remark ip-precedence to configure an IP precedence marking action in a traffic behavior. Use undo remark ip-precedence to delete the action.
Predefined user roles network-admin Parameters local-precedence-value: Specifies the local precedence to be marked for packets, in the range of 0 to Examples # Configure traffic behavior database to mark matching traffic with local precedence 2. <Sysname> system-view [Sysname] traffic behavior database [Sysname-behavior-database] remark local-precedence 2 remark qos-local-id Use remark qos-local-id to configure a local QoS ID marking action in a traffic behavior.
Views Traffic behavior view Predefined user roles network-admin Parameters service-class-value: Specifies the MPLS TE CoS in the range of 0 to 7. Usage guidelines The remark service-class action can take effect only on the inbound direction of an interface. If you execute the remark service-class command multiple times in the same traffic behavior, the most recent configuration takes effect.
traffic-policy Use traffic-policy to nest a policy in a traffic behavior. Use undo traffic-policy to remove child policies from a traffic behavior. Syntax traffic-policy policy-name undo traffic-policy Default No policy is nested in a traffic behavior. Views Traffic behavior view Predefined user roles network-admin Parameters...
QoS policy commands classifier behavior Use classifier behavior to associate a traffic behavior with a traffic class in a QoS policy. Use undo classifier to delete a class-behavior association from a QoS policy. Syntax classifier classifier-name behavior behavior-name [ insert-before before-classifier-name ] undo classifier classifier-name Default No traffic behavior is associated with a traffic class.
Marking: Remark mpls-exp 4 Classifier: 3 (ID 102) Behavior: 3 -none- # Display the system-defined QoS policy (default). <Sysname> display qos policy system-defined System-defined QoS policy information: Policy: default (ID 0) Classifier: default-class (ID 0) Behavior: be -none- Classifier: ef (ID 1) Behavior: ef Expedited Forwarding: Bandwidth 20 (%) Cbs-ratio 25...
Page 63
Predefined user roles network-admin network-operator Parameters number: Specifies a tunnel interface by its number in the range of 0 to 20479. ipv4-address: Specifies the spoke's private IPv4 address of a hub-spoke tunnel. Ipv6-address: Specifies the spoke's private IPv6 address of a hub-spoke tunnel. outbound: Displays the QoS policy applied to outgoing traffic.
Table 19 Command output Field Description Hub-spoke tunnel information. A hub-spoke tunnel is uniquely identified by a tunnel interface and the spoke's Session private IPv4 or IPv6 address. The word inactive indicates that a QoS policy fails to be applied to the hub-spoke tunnel or the applied QoS policy does not exist. Direction Direction to which a QoS policy is applied on the hub-spoke tunnel.
Page 66
Classifier: a Operator: AND Rule(s) : If-match any Behavior: a Mirroring: Mirror to the interface: GigabitEthernet2/1/2 Committed Access Rate: CIR 112 (kbps), CBS 5120 (Bytes), EBS 0 (Bytes) Green action : pass Yellow action : pass Red action : discard Green packets : 0 (Packets) Red packets : 0 (Packets)
display qos policy l2vpn-pw Use display qos policy l2vpn-pw to display the QoS policies applied to PWs. Syntax display qos policy l2vpn-pw [ peer ip-address pw-id pw-id ] [ outbound ] Views Any view Predefined user roles network-admin network-operator Parameters peer ip-address pw-id pw-id: Specifies a PW by its peer PE LSR ID and its PW ID.
Page 70
# Display the QoS policy applied to user profile abc for a local user. <Sysname> display qos policy user-profile name abc user-id 30000001 inbound User-Profile: abc slot 2: User ID: 0x30000001(local) Direction: Inbound Policy: p1 Classifier: default-class Matched : 0 (Packets) 0 (Bytes) Operator: AND Rule(s) : If-match any...
Page 71
If-match any Behavior: be -none- # Display the QoS policy applied to user profile abc for all online users on a slot. <Sysname> display qos policy user-profile name abc slot 2 User-Profile: abc User ID: 0x30000000(global) Direction: Inbound Policy: p1 Classifier: default-class Matched : 0 (Packets) 0 (Bytes) Operator: AND...
Page 72
Operator: AND Rule(s) : If-match any Behavior: be -none- # Display QoS policies applied to all user profiles for all online users. <Sysname> display qos policy user-profile User-Profile: abc slot 3: User ID: 0x30000000(local) Direction: Inbound Policy: p1 Classifier: default-class Matched : 0 (Packets) 0 (Bytes) Operator: AND Rule(s) :...
Table 22 Command output Field Description Indicates a global user, who comes online from a global interface such as an global aggregate interface. local Indicates a local user, who comes online from a physical interface. Matched Number of packets that meet match criteria. Green packets Statistics about green packets.
<Sysname> system-view [Sysname] interface gigabitethernet 2/1/1 [Sysname-GigabitEthernet2/1/1] qos apply policy USER1 outbound # Apply QoS policy 1 to the outgoing traffic of PW 1 with peer PE IP address 1.1.1.1. <Sysname> system-view [Sysname] xconnect-group a [Sysname-xcg-a] connection a [Sysname-xcg-a-a] peer 1.1.1.1 pw-id 1 [Sysname-xcg-a-a-1.1.1.1-1] qos apply policy 1 outbound qos apply policy (user profile view) Use qos apply policy global to apply a QoS policy to a user profile.
Default No QoS policies exist. Views System view Predefined user roles network-admin Parameters policy-name: Specifies a name for the QoS policy, a case-sensitive string of 1 to 31 characters. Usage guidelines To delete a QoS policy that has been applied to an object, you must first remove the QoS policy from the object.
Examples # Clear the statistics for the QoS policy applied to the outgoing traffic of the hub-spoke tunnel with spoke's IPv4 address 192.168.0.3 on tunnel interface 1. <Sysname> reset qos policy advpn tunnel 1 192.168.0.3 outbound QoS policy-based traffic rate statistics collection period commands qos flow-interval Use qos flow-interval to set the QoS policy-based traffic rate statistics collection period for an...
Traffic policing, GTS, and rate limit commands Traffic policing commands display qos car interface Use display qos car interface to display the CAR information for interfaces. Syntax display qos car interface [ interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator Parameters...
Red packets : 0 (Packets), 0 (Bytes) Table 23 Command output Field Description Interface Interface name, including interface type and interface number. Direction Direction in which traffic policing is applied. Rule Match criteria. CIR in kbps (if the CIR is specified in absolute value) or in percentage (if the CIR is specified in percentage).
Examples # Display all CAR lists. <Sysname> display qos carl List Rules destination-ip-address range 1.1.1.1 to 1.1.1.2 per-address shared-bandwidth destination-ip-address subnet 1.1.1.1 22 per-address shared-bandwidth dscp 1 2 3 4 5 6 7 cs1 mac 0000-0000-0000 mpls-exp 0 1 2 precedence 0 1 2 3 4 5 6 7 source-ip-address range 1.1.1.1 to 1.1.1.2 source-ip-address subnet 1.1.1.1 31...
Page 80
pir peak-information-rate: Specifies the PIR in kbps. green: Specifies the action to take on packets when the traffic rate conforms to the CIR. The default is pass. red: Specifies the action to take on packets when the traffic rate conforms to neither CIR nor PIR. The default is discard.
<Sysname> system-view [Sysname] interface gigabitethernet 2/1/1 [Sysname-GigabitEthernet2/1/1] qos car outbound any cir 200 cbs 5120 ebs 0 green pass red remark-prec-pass 0 Related commands display qos car interface qos carl qos car (user profile view) Use qos car to configure a CAR policy for a user profile. Use undo qos car to delete a CAR policy from a user profile.
• The CIR is 200 kbps. • The CBS is 51200 bytes. <Sysname> system-view [Sysname] user-profile user [Sysname-user-profile-user] qos car outbound any cir 200 cbs 51200 qos carl Use qos carl to create or modify a CAR list. Use undo qos carl to delete a CAR list. Syntax qos carl carl-index { dscp dscp-list | mac mac-address | mpls-exp mpls-exp-value | precedence precedence-value | { destination-ip-address | source-ip-address } { range start-ip-address to...
per-address: Performs per-IP address rate limiting within the network segment. When this keyword is specified, the CIR is dedicated bandwidth for each IP address and is not shared by any other IP address. If you do not specify this keyword, the following events occur: •...
Page 84
Syntax display qos gts interface [ interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator Parameters interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays the GTS information for all interfaces. Examples # Display the GTS information for all interfaces.
Field Description Queue Size Number of packets in the buffer. Passed Number and bytes of packets that have been forwarded. Discarded Number and bytes of dropped packets. Delayed Number and bytes of delayed packets. qos gts Use qos gts to set GTS parameters on an interface. Use undo qos gts to delete the GTS configuration on an interface.
CIR 1024 (kbps), CBS 64000 (Bytes), EBS 0 (Bytes) Passed : 0 (Packets) 0 (Bytes) Delayed : 0 (Packets) 0 (Bytes) Active shaping: No Table 25 Command output Field Description Interface Interface name, including the interface type and interface number. L2VPN-PW A PW is uniquely identified by a combination of the peer PE IP address and PW ID.
Page 88
Parameters outbound: Limits the rate of outgoing packets. cir committed-information-rate: Specifies the CIR in kbps. cbs committed-burst-size: Specifies the CBS in bytes. ebs excess-burst-size: Specifies the EBS in bytes, which is the traffic exceeding CBS when two token buckets are used. Examples # Limit the rate of outgoing packets on GigabitEthernet 2/1/1, with CIR 200 kbps and CBS 51200 bytes.
Congestion management commands Common commands display qos queue interface Use display qos queue interface to display the queuing information for interfaces. Syntax display qos queue interface [ interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator Parameters interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays the queuing information for all interfaces.
Field Description Max active Maximum number of active WFQ queues that was reached. Total Total number of configured WFQ queues. display qos queue l2vpn-pw Use display qos queue l2vpn-pw to display the queuing information for PWs. Syntax display qos queue l2vpn-pw [ peer ip-address pw-id pw-id ] Views Any view Predefined user roles...
Field Description Active Number of active WFQ queues. Max active Maximum number of active WFQ queues that was reached. Total Total number of configured WFQ queues. reset qos statistics l2vpn-pw Use reset qos statistics l2vpn-pw to clear the QoS statistics for PWs. Syntax reset qos statistics l2vpn-pw [ peer ip-address pw-id pw-id ] Views...
Usage guidelines For FIFO queuing to take effect on a subinterface, you must configure the rate limit on the subinterface. Examples # Set the FIFO queue length to 100 on GigabitEthernet 2/1/1. <Sysname> system-view [Sysname] interface gigabitethernet 2/1/1 [Sysname-GigabitEthernet2/1/1] qos fifo queue-length 100 Related commands display qos queue fifo interface PQ commands...
Field Description Length Number of packets allowed in each queue. Discards Number of dropped packets. Top priority queue. Middle Middle priority queue. Normal Normal priority queue. Bottom Bottom priority queue. display qos pql Use display qos pql to display the PQ list configuration. Syntax In standalone mode: display qos pql [ pql-index ] [ slot slot-number ]...
qos pq Use qos pq to apply a PQ list to an interface. Use undo qos pq to restore the default. Syntax qos pq pql pql-index undo qos pq Default An interface uses FIFO queuing. Views Interface view Predefined user roles network-admin Parameters pql pql-index: Specifies a PQ list by its number in the range of 1 to 16.
Predefined user roles network-admin Parameters pql-index: Specifies a PQ list by its number in the range of 1 to 16. top, middle, normal, bottom: Specifies a priority queue. The four queues are in descending priority order. Usage guidelines If a packet does not match any criteria in a PQ list, the packet is assigned to the default queue of the PQ list.
[Sysname] qos pql 12 inbound-interface gigabitethernet 2/1/1 queue middle qos pql local-precedence Use qos pql local-precedence to configure an assignment rule for a PQ list to assign packets with any of the specified local precedence values to a priority queue. Use undo qos pql local-precedence to delete an assignment rule based on the specified local precedence values from a PQ list.
Views System view Predefined user roles network-admin Parameters pql-index: Specifies a PQ list by its number in the range of 1 to 16. top, middle, normal, bottom: Specifies a priority queue. The four queues are in descending priority order. queue-key key-value: Matches specific IP or IPv6 packets. If you specify neither the queue-key argument nor the key-value argument, all IP or IPv6 packets are matched.
Default No assignment rule is configured for a PQ list. Views System view Predefined user roles network-admin Parameters pql-index: Specifies a PQ list by its number in the range of 1 to 16. exp-list: Specifies a space-separated list of up to eight MPLS EXP values. The value range is 0 to 7. top, middle, normal, bottom: Specifies a priority queue.
Examples # In PQ list 10, set the length of the top queue to 10. <Sysname> system-view [Sysname] qos pql 10 queue top queue-length 10 CQ commands display qos queue cq interface Use display qos queue cq interface to display the CQ information for interfaces. Syntax display qos queue cq interface [ interface-type interface-number ] Views...
Views Interface view Predefined user roles network-admin Parameters cql cql-index: Specifies a CQ list by its number in the range of 1 to 16. Usage guidelines If you execute this command multiple times on an interface, the most recent configuration takes effect.
Usage guidelines If a packet does not match any criteria in a CQ list, the packet is assigned to the default queue of the CQ list. Examples # Specify queue 2 as the default queue for CQ list 5. <Sysname> system-view [Sysname] qos cql 5 default-queue 2 qos cql inbound-interface Use qos cql inbound-interface to configure an assignment rule for a CQ list to assign packets...
undo qos cql cql-index local-precedence local-precedence-list Default No assignment rule is configured for a CQ list. Views System view Predefined user roles network-admin Parameters cql-index: Specifies a CQ list by its number in the range of 1 to 16. local-precedence-list: Specifies a space-separated list of up to eight local precedence values. The value range is 0 to 7.
Table 32 Values of the queue-key argument and the key-value argument queue-key key-value Description ACL number in the range of Packets matching a specific ACL are enqueued. 2000 to 3999 fragments Fragmented packets are enqueued. Length in the range of 0 to greater-than Packets greater than a specific size are enqueued.
Usage guidelines You can configure this command multiple times for the same CQ list to establish multiple assignment rules based on MPLS EXP values. Examples # In CQ list 5, assign packets with MPLS EXP value 2 or 4 to custom queue 3. <Sysname>...
Default The number of bytes forwarded from a queue during a cycle is 1500 bytes. Views System view Predefined user roles network-admin Parameters cql-index: Specifies a CQ list by its number in the range of 1 to 16. queue-id: Specifies a custom queue by its ID in the range of 1 to 16. byte-count: Specifies the number of bytes forwarded from a queue during a cycle of queue scheduling.
Predefined user roles network-admin Parameters dscp: Specifies a DSCP weight. precedence: Specifies an IP precedence weight. queue-length max-queue-length: Specifies the maximum number of packets a queue can hold. The value range for the max-queue-length argument is 1 to 1024, and the default is 64. queue-number total-queue-number: Specifies the total number of queues, which can be 16, 32, 64, 128, 256, 512, 1024, 2048, or 4096.
Usage guidelines If you specify a VT interface, this command displays the RTPQ information for all VA interfaces of the VT interface. A VT interface itself does not have QoS information. Examples # Display the RTPQ information for GigabitEthernet 2/1/1. <Sysname>...
Examples # Enable RTPQ on GigabitEthernet 2/1/1 for RTP packets with a destination UDP port number in the range of 16384 to 32767. <Sysname> system-view [Sysname] interface gigabitethernet 2/1/1 [Sysname-GigabitEthernet2/1/1] qos rtpq start-port 16384 end-port 32767 bandwidth 64 CBQ commands display qos queue cbq Use display qos queue cbq to display the CBQ information for interfaces or PWs.
BE Queues: Active/Max active/Total 0/0/256 AF Queues: Allocated 1 Bandwidth(kbps): Available/Max reserve 74992/75000 Table 35 Command output Field Description Interface Interface name, including the interface type and interface number. A PW is uniquely identified by a combination of the peer PE IP L2VPN-PW address and PW ID.
Use the default maximum reserved bandwidth setting in most situations. If you adjust the setting, make sure the Layer 2 frame header plus the data traffic is under the maximum available bandwidth of the interface. The maximum available bandwidth of an interface can be set by using the bandwidth command. For more information about this command, see Interface Command Reference.
Related commands display qos queue cbq interface traffic behavior queue ef Use queue ef to configure expedited forwarding (EF) and assign its maximum bandwidth. Use undo queue ef to restore the default. Syntax queue ef bandwidth { bandwidth [ cbs burst ] | pct percentage [ cbs-ratio ratio ] } undo queue ef Default EF is not configured.
Default WFQ is not configured for the default class. Views Traffic behavior view Predefined user roles network-admin Parameters queue-number total-queue-number: Specifies the number of fair queues, which can be 16, 32, 64, 128, 256, 512, 1024, 2048, or 4096. The default is 256. Usage guidelines The traffic behavior configured with this command can only be associated with the default class.
The undo queue af or undo queue wfq command deletes the queue length configured by using the queue-length command. Examples # Set the maximum queue length to 16 and specify tail drop for AF. <Sysname> system-view [Sysname] traffic behavior database [Sysname-behavior-database] queue af bandwidth 200 [Sysname-behavior-database] queue-length 16 Related commands...
Related commands queue af queue wfq wred dscp Use wred dscp to set the lower limit, upper limit, and drop probability denominator for packets with a DSCP value. Use undo wred dscp to delete the settings for a DSCP value. Syntax wred dscp dscp-value low-limit low-limit high-limit high-limit [ discard-probability discard-prob ] undo wred dscp dscp-value...
wred wred ip-precedence Use wred ip-precedence to set the lower limit, upper limit, and drop probability denominator for packets with an IP precedence value. Use undo wred ip-precedence to delete the settings for an IP precedence value. Syntax wred ip-precedence precedence low-limit low-limit high-limit high-limit [ discard-probability discard-prob ] undo wred ip-precedence precedence Default...
wred weighting-constant Use wred weighting-constant to set the exponent for WRED to calculate the average queue size. Use undo wred weighting-constant to restore the default. Syntax wred weighting-constant exponent undo wred weighting-constant Default The exponent for WRED to calculate the average queue size is 9. Views Traffic behavior view Predefined user roles...
Page 121
Default Packet information pre-extraction is disabled on an interface. Views Tunnel interface view Predefined user roles network-admin Examples # Enable packet information pre-extraction on Tunnel 1. <Sysname> system-view [Sysname] interface tunnel 1 [Sysname-Tunnel1] qos pre-classify...
Congestion avoidance commands display qos wred interface Use display qos wred interface to display the WRED information for interfaces. Syntax display qos wred interface [ interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator Parameters interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays the WRED information for all interfaces.
qos wred enable Use qos wred enable to enable WRED on an interface. Use undo qos wred enable to restore the default. Syntax qos wred [ dscp | ip-precedence ] enable undo qos wred [ dscp | ip-precedence ] enable Default Tail drop is used.
Views Interface view Predefined user roles network-admin Parameters dscp-value: Specifies a DSCP value in the range of 0 to 63. This argument can also be represented by using one of the keywords listed in Table low limit low-limit: Specifies the lower WRED limit (in packets) in the range of 1 to 1024. high-limit high-limit: Specifies the upper WRED limit (in packets) in the range of 1 to 1024.
Parameters ip-precedence precedence: Specifies an IP precedence value in the range of 0 to 7. low limit low-limit: Specifies the lower WRED limit (in packets) in the range of 1 to 1024. high-limit high-limit: Specifies the upper WRED limit (in packets) in the range of 1 to 1024. discard-probability discard-prob: Specifies the denominator for drop probability calculation, in the range of 1 to 255.
Page 126
Examples # Set the exponent for the average queue size calculation to 6 on GigabitEthernet 2/1/1. <Sysname> system-view [Sysname] interface gigabitethernet 2/1/1 [Sysname-GigabitEthernet2/1/1] qos wfq queue-length 100 queue-number 512 [Sysname-GigabitEthernet2/1/1] qos wred enable [Sysname-GigabitEthernet2/1/1] qos wred weighting-constant 6 Related commands display qos wred interface qos wred enable...
MPLS QoS commands if-match mpls-exp Use if-match mpls-exp to define a criterion to match the EXP field in the first (topmost) MPLS label. Use undo if-match mpls-exp to delete the match criterion. Syntax if-match [ not ] mpls-exp exp-value&<1-8> undo if-match [ not ] mpls-exp exp-value&<1-8> Default No criterion is defined to match the EXP field in the first (topmost) MPLS label.
Parameters not: Matches packets not conforming to the specified criterion. exp-value&<1-8>: Specifies a space-separated list of up to eight EXP values. The value range for the exp-value argument is 0 to 7. If the same MPLS EXP value is specified multiple times, the system considers them as one.
Page 129
Default No EXP value marking action is configured for the second label in a traffic behavior. Views Traffic behavior view Predefined user roles network-admin Parameters exp-value: Specifies an EXP value in the range of 0 to 7. Examples # Set the EXP value to 0 for the second label of MPLS packets. <Sysname>...
FR QoS commands Use cbs to set the CBS for an FR class. Use undo cbs to delete the CBS setting of an FR class. Syntax cbs [ inbound | outbound ] committed-burst-size undo cbs [ inbound | outbound ] Default The CBS for an FR class is 56000 bits.
undo cir Default The CIR for an FR class is 56000 bps. Views FR class view Predefined user roles network-admin Parameters committed-information-rate: Sets the CIR in the range of 1000 to 45000000 bps. Usage guidelines The set CIR takes effect on both incoming and outgoing traffic and must be equal to or smaller than the outbound CIR ALLOW.
Usage guidelines The outbound CIR ALLOW must be greater than or equal to the CIR. If you do not specify the inbound or outbound keyword, the set CIR ALLOW takes effect on both incoming and outgoing packets. Examples # Set the CIR ALLOW to 64000 bps for FR class test1. <Sysname>...
Usage guidelines If you do not specify the inbound or outbound keyword, the set EBS takes effect on both incoming and outgoing packets. Examples # Set the EBS to 32000 bits for FR class test1. <Sysname> system-view [Sysname] fr class test1 [Sysname-fr-class-test1] ebs 32000 Related commands cir allow...
Default End-to-end FRF.12 fragmentation is disabled for an FR class. Views FR class view Predefined user roles network-admin Usage guidelines This command enables end-to-end FRF.12 fragmentation on all PVCs associated with an FR class or PVCs of all interfaces associated with an FR class. Examples # Enable Frame Relay FRF.12 fragmentation for FR class test1.
undo fr class class-name Default No FR classes exist. Views System view Predefined user roles network-admin Parameters class-name: Specifies the name of the FR class, a case-sensitive string of 1 to 30 characters. Usage guidelines For the FR class parameters to take effect, associate the FR class with an interface or PVC and enable FR QoS on the interface.
After a DE rule list is applied to an FR PVC, the DE bits of packets matching the DE rule list are set to Examples # Apply DE rule list 3 to DLCI 100 of Serial 2/1/1. <Sysname> system-view [Sysname] interface Serial 2/1/1 [Sysname-Serial2/1/1] fr dlci 100 [Sysname-Serial2/1/1-fr-dlci-100] quit [Sysname-Serial2/1/1] fr de del 3 dlci 100...
fr del protocol Use fr del protocol ip to create a DE rule list and add an IP protocol-based DE rule. Use undo fr del protocol ip to delete an IP protocol-based DE rule from a DE rule list. Syntax fr del list-number protocol ip [ acl acl-number | fragments | greater-than min-number | less-than max-number | tcp-port tcpport-number | udp-port udpport-number ] undo fr del list-number protocol ip [ fragments | acl acl-number | less-than bytes | greater-than...
Page 139
Application name TCP port number hostname ident klogin kshell login nntp pop2 pop3 smtp sunrpc tacacs talk telnet time uucp whois udp-port udpport-number: Specifies the IP packets with the specified source or destination UDP port number. The value range for the udpport-number argument is 0 to 65535. The udpport-number argument can be either an upper-layer application name or the associated port number.
Application name UDP port number snmp snmptrap sunrpc syslog tacacs talk tftp time xdmcp Usage guidelines If you do not specify any parameters, this command applies to all IP packets. To add more IP protocol-based DE rules to a DE rule list, repeat this command. A DE rule list can contain both interface-based DE rules and IP-protocol-based DE rules.
Usage guidelines FRTP is applicable only to the ingress interfaces on the DCE of an FR network. Examples # Enable FRTP on Serial 2/1/1. <Sysname> system-view [Sysname] interface Serial 2/1/1 [Sysname-Serial2/1/1] fr traffic-policing Related commands fr class fr traffic-shaping Use fr traffic-shaping to enable FRTS. Use undo fr traffic-shaping to disable FRTS.
Views FR interface (main interface or subinterface) view FR PVC view Predefined user roles network-admin Parameters class-name: Specifies an FR class by its name, a case-sensitive string of 1 to 30 characters. The FC class must already exist. Usage guidelines For an interface associated with an FR class, all PVCs on the interface inherit the FR QoS parameters in the FR class.
For interface congestion-based adaptation, the router reduces the transmission rates of all FRTS-enabled PVCs associated with the FR class when the number of packets in the output queue reaches the threshold. When the number of packets drops below the threshold, the router increases the transmission rates of those PVCs.
Time range commands display time-range Use display time-range to display time range configuration and status. Syntax display time-range { time-range-name | all } Views Any view Predefined user roles network-admin network-operator Parameters time-range-name: Specifies a time range name, a case-insensitive string of 1 to 32 characters. all: Displays the configuration and status of all existing time ranges.
Page 145
Default No time ranges exist. Views System view Predefined user roles network-admin Parameters time-range-name: Specifies a time range name. The name is a case-insensitive string of 1 to 32 characters. To avoid confusion, it cannot be all. start-time to end-time: Specifies a periodic statement. Both start-time and end-time are in hh:mm format (24-hour clock).
Page 146
Combining all periodic statements. Combining all absolute statements. Taking the intersection of the two statement sets as the active period of the time range. Examples # Create a periodic time range t1, setting it to be active between 8:00 to 18:00 during working days. <Sysname>...
Document conventions and icons Conventions This section describes the conventions used in the documentation. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional.
Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.
Support and other resources Accessing Hewlett Packard Enterprise Support • For live assistance, go to the Contact Hewlett Packard Enterprise Worldwide website: www.hpe.com/assistance • To access documentation and support services, go to the Hewlett Packard Enterprise Support Center website: www.hpe.com/support/hpesc Information to collect •...
For more information and device support details, go to the following website: www.hpe.com/info/insightremotesupport/docs Documentation feedback Hewlett Packard Enterprise is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (docsfeedback@hpe.com). When submitting your feedback, include the document title,...
Page 151
part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.
Index A C D E F G I P Q R S T W display traffic behavior,44 display traffic classifier,35 accelerate,1 acl,1 copy,3 ebs,128 acl logging interval,4 acl trap interval,5 fifo queue-length,129 filter,47 car,41 class,130 percent,43 fr de del,131 cbs,125 fr del inbound-interface,132 cir,125...