SecPro, SecPoint, SecEngine, SecPath, Comware, Secware, Storware, NQA, VVG, V G, V G, PSPT, XGbus, N-Bus, TiGem, InnoVision and HUASAN are trademarks of Hangzhou H3C Technologies Co., Ltd. All other trademarks that may be mentioned in this manual are the property of their respective owners.
The H3C S5120-EI documentation set includes 10 configuration guides, which describe the software features for the S5120-EI Series Ethernet Switches and guide you through the software configuration procedures. These configuration guides also provide configuration examples to help you apply software features to different network scenarios.
Convention | Description
(caution symbol) | Means reader be careful. Improper operation may cause data loss or damage to equipment.
(note symbol) | Means a complementary description.
About the H3C S5120-EI Documentation Set
The H3C S5120-EI documentation set also includes:
Category | Documents | Purposes
Product | Marketing brochures | Describe product specifications and benefits.
Obtaining Documentation
You can access the most up-to-date H3C product documentation on the World Wide Web at http://www.h3c.com. Click the links on the top navigation bar to obtain different categories of product documentation: [Technical Support & Documents > Technical Documents] –...
Table of Contents
1 ACL Configuration 1-1
  ACL Overview 1-1
    Introduction to ACL 1-1
    Application of ACLs on the Switch 1-2
    ACL Classification 1-2
    ACL Numbering and Naming 1-3
    Match Order 1-3
    ACL Rule Numbering Step 1-4
    Implementing Time-Based ACL Rules 1-5
    IPv4 Fragments Filtering with ACLs 1-5
  ACL Configuration Task List 1-5
  Configuring an ACL 1-6
    Creating a Time Range 1-6
...
4 Priority Mapping Configuration 4-1
  Priority Mapping Overview 4-1
    Introduction to Priority Mapping 4-1
    Priority Mapping Tables 4-1
    Priority Trust Mode on a Port 4-2
    Priority Mapping Procedure 4-2
  Priority Mapping Configuration Tasks 4-3
  Configuring Priority Mapping 4-4
    Configuring a Priority Mapping Table 4-4
    Configuring the Priority Trust Mode on a Port 4-4
    Configuring the Port Priority of a Port 4-5
  Displaying and Maintaining Priority Mapping 4-6
  Priority Mapping Configuration Examples 4-6
...
ACL Configuration
This chapter includes these sections:
  ACL Overview
  ACL Configuration Task List
  Configuring an ACL
  Creating a Time Range
  Configuring a Basic ACL
  Configuring an Advanced ACL
  Configuring an Ethernet Frame Header ACL
  Copying an ACL
  Displaying and Maintaining ACLs
  ACL Configuration Examples
Unless otherwise stated, ACLs refer to both IPv4 and IPv6 ACLs throughout this document.
ACLs are sets of rules (or sets of permit or deny statements) that decide which packets can pass and which should be rejected, based on matching criteria such as source MAC address, destination MAC address, source IP address, destination IP address, and port number.
Application of ACLs on the Switch
The switch supports two ACL application modes:
  Hardware-based application: An ACL is assigned to a piece of hardware.
Category | ACL number | IP version | Match criteria
IPv6 advanced ACLs | 3000 to 3999 | IPv6 | Source/destination IPv6 address, protocols over IPv6, and other Layer 3 and Layer 4 header fields
Ethernet frame header ACLs | 4000 to 4999 | IPv4 and IPv6 | Layer 2 header fields, such as source and destination MAC addresses, 802.1p priority, and link layer protocol type
ACL Numbering and Naming...
ACL category / Depth-first rule sorting procedures
A rule configured with a longer prefix for the source IP address takes precedence. A longer prefix means a narrower IP address range.
IPv6 basic ACL
A rule with a smaller ID takes precedence.
A rule configured with a specific protocol takes precedence over a rule with the protocol type set to IP.
For example, if the numbering step is 5 (the default), and there are five ACL rules numbered 0, 5, 9, 10, and 12, the newly defined rule will be numbered 15. If the ACL does not contain any rule, the first rule will be numbered 0.
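The numbering step and the depth-first (auto) match order described above, modelled in Python as an added example that is not from the manual; the helper names, the sample ACL, and the assumption that config order means ascending rule ID are this example's own.

```python
"""Added example (not from the H3C manual): models two ACL behaviours the text
above describes, the rule numbering step and the depth-first (auto) match order.
Assumptions: 'config' order means ascending rule ID, and a rule's source is either
a CIDR prefix or "any"; the switch's own implementation is not shown on the page."""
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class Rule:
    rule_id: int
    action: str    # "permit" or "deny"
    source: str    # source prefix such as "10.1.1.0/24", or "any"


def next_rule_id(existing_ids, step=5):
    """Next free rule ID, generalising the manual's example: the smallest multiple
    of step greater than the largest existing ID, or 0 for an empty ACL
    (0, 5, 9, 10, 12 with step 5 -> 15)."""
    if not existing_ids:
        return 0
    return (max(existing_ids) // step + 1) * step


def source_prefix_len(source):
    """Prefix length used for depth-first ordering; 'any' is the widest (0)."""
    if source == "any":
        return 0
    return ipaddress.ip_network(source, strict=False).prefixlen


def order_rules(rules, match_order="config"):
    """config: ascending rule ID (assumption). auto: depth-first, i.e. longer
    source prefix first, smaller rule ID first on ties, as the manual states."""
    if match_order == "config":
        return sorted(rules, key=lambda r: r.rule_id)
    if match_order == "auto":
        return sorted(rules, key=lambda r: (-source_prefix_len(r.source), r.rule_id))
    raise ValueError("match order must be 'auto' or 'config'")


def rule_matches(rule, src_ip):
    """True when the packet's source address falls inside the rule's source prefix."""
    if rule.source == "any":
        return True
    return ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.source, strict=False)


def first_match(rules, src_ip, match_order="config"):
    """Return the action of the first rule that matches in the chosen order, or
    None when no rule matches (the switch's default for unmatched packets is a
    packet-filter property and is not modelled here)."""
    for rule in order_rules(rules, match_order):
        if rule_matches(rule, src_ip):
            return rule.action
    return None


# Constructed sample ACL: a broad permit configured first, a narrower deny later.
# Under config order the permit wins for 10.1.1.0/24; under auto the deny wins.
SAMPLE_ACL = [
    Rule(0, "permit", "10.0.0.0/8"),
    Rule(5, "deny", "10.1.1.0/24"),
]
```

The sample shows why the match order matters when reviewing an ACL: the same rule set permits or denies 10.1.1.x depending only on whether auto or config is in effect.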
IPv6 ACL configuration task list
Complete the following tasks to configure an IPv6 ACL:
Task | Remarks
Creating a Time Range | Optional
Configuring an IPv6 basic ACL | Required: configure at least one of these three tasks
Configuring an IPv6 Advanced ACL | (see above)
Configuring an Ethernet Frame Header ACL | (see above)
Copying an IPv6 ACL | Optional
Applying an IPv6 ACL for Packet Filtering | ...
To do… | Use the command… | Remarks
Create an IPv4 basic ACL and enter its view | acl number acl-number [ name acl-name ] [ match-order { auto | config } ] | Required. By default, no ACL exists. IPv4 basic ACLs are numbered in the range 2000 to 2999. You can use the acl name ...
You can modify the match order of an ACL with the acl number acl-number [ name acl-name ] match-order { auto | config } command, but only when it does not contain any rules.
Configuring an IPv6 basic ACL
Follow these steps to configure an IPv6 basic ACL:
To do…...
You can only modify the existing rules of an ACL that uses the match order of config. When modifying a rule of such an ACL, you may choose to change just some of the settings, in which case the other settings remain the same. You cannot create a rule with, or modify a rule to have, the same permit/deny statement as an existing rule in the ACL.
To do… | Use the command… | Remarks
Create or edit a rule | rule [ rule-id ] { deny | permit } protocol [ { established | { ack ack-value | fin fin-value | psh psh-value | rst rst-value | syn syn-value | urg urg-value } * } | ... | Required. By default, an IPv4 advanced ACL does not contain any rule.
Follow these steps to configure an IPv6 advanced ACL:
To do… | Use the command… | Remarks
Enter system view | system-view | —
Create an IPv6 advanced ACL and enter its view | acl ipv6 number acl6-number [ name acl6-name ] [ match-order { auto | config } ] | Required. By default, no ACL exists. IPv6 advanced ACLs are numbered in the range 3000 to 3999.
Note that: You can only modify the existing rules of an ACL that uses the match order of config. When modifying a rule of such an ACL, you may choose to change just some of the settings, in which case the other settings remain the same. You cannot create a rule with, or modify a rule to have, the same permit/deny statement as an existing rule in the ACL.
To do… | Use the command… | Remarks
Create or edit a rule | rule [ rule-id ] { deny | permit } [ cos vlan-pri | dest-mac dest-addr dest-mask | lsap lsap-code lsap-wildcard | source-mac sour-addr ... | Required. By default, an Ethernet frame header ACL does not contain any rule. To create or edit multiple rules, ...
To do… | Use the command… | Remarks
Enter system view | system-view | —
Copy an existing IPv4 ACL to create a new IPv4 ACL | acl copy { source-acl-number | name source-acl-name } to { dest-acl-number | name dest-acl-name } | Required
Copying an IPv6 ACL
Follow these steps to copy an IPv6 ACL:
To do…...
To do… | Use the command… | Remarks
Enter system view | system-view | —
Enter Ethernet interface view or VLAN interface view | interface interface-type interface-number | —
Apply an IPv4 ACL to the interface to filter IPv4 packets | packet-filter { acl-number | name acl-name } inbound | Required. By default, no IPv4 ACL is applied to the interface.
To do… | Use the command… | Remarks
Display configuration and match statistics for one or all IPv6 ACLs | display acl ipv6 { acl6-number | all | name acl6-name } | Available in any view
Display the usage of ACL resources | display acl resource [ slot slot-number ] | Available in any view
Display the configuration and...
QoS Overview
This chapter covers the following topics:
  Introduction to QoS
  Introduction to QoS Service Models
  QoS Techniques Overview
Introduction to QoS
For network traffic, Quality of Service (QoS) involves bandwidth, delay, and packet loss rate during the traffic forwarding process. In a network, you can improve QoS by guaranteeing bandwidth and reducing delay, jitter, and packet loss rate.
requested, reserved, and pre-purchased resources. The IntServ model can identify and guarantee QoS for each data flow, and provides the most granularly differentiated QoS. However, the IntServ model imposes extremely high requirements on devices. In a network with heavy data traffic, the IntServ model puts very great pressure on the storage and processing capabilities of devices.
Traffic shaping proactively adjusts the output rate of traffic to adapt traffic to the network resources of the downstream device and avoid unnecessary packet drop. Traffic shaping is usually applied to the outgoing traffic of a port. Congestion management provides a resource scheduling policy to arrange the forwarding sequence of packets when congestion occurs.
QoS Configuration Approaches
This chapter covers the following topics:
  QoS Configuration Approach Overview
  Configuring a QoS Policy
QoS Configuration Approach Overview
Two approaches are available for configuring QoS: policy-based and non-policy-based. Some QoS features can be configured in either approach, while some can be configured in only one approach.
Figure 3-1 QoS policy configuration procedure: define a class, define a behavior, define a policy, then apply the policy (to an interface, to a VLAN, globally, or to online users).
Defining a Class
To define a class, you need to specify a name for it and then configure match criteria in class view.
Table 3-1 The keyword and argument combinations for the match-criteria argument
Form | Description
acl [ ipv6 ] { acl-number | name acl-name } | Matches an ACL. The acl-number argument ranges from 2000 to 4999 for an IPv4 ACL, and 2000 to 3999 for an IPv6 ACL. The acl-name argument is a case-insensitive string of 1 to 32 characters, which must start with an English letter from a to z or A to Z, and cannot be all to avoid...
Suppose the logical relationship between classification rules is "and". Note the following when using the if-match command to define matching rules:
  If multiple matching rules with the acl or acl ipv6 keyword specified are defined in a class, the actual logical relationship between these rules is "or" when the policy is applied.
  If multiple matching rules with the customer-vlan-id or service-vlan-id keyword specified are defined in a class, the actual logical relationship between these rules is "or".
Defining a Policy In a policy, you can define multiple class-behavior associations. A behavior is performed for the associated class of packets. In this way, various QoS features can be implemented. If a QoS policy contains multiple class-behavior associations, they are matched in the order they are configured.
You cannot modify the classification rules, traffic behaviors, or classifier-behavior associations of a QoS policy that has already been applied. To check whether a QoS policy has been applied successfully, use the display qos policy interface command. If a QoS policy fails to be applied because of insufficient hardware resources, the switch may still save the application of that policy in the configuration file.
To do… | Use the command… | Remarks
Enter user profile view | user-profile profile-name | Required. The configuration made in user profile view takes effect when the user profile is activated and there are online users. See User Profile Configuration in the Security Configuration Guide for more information about user profiles.
QoS policies cannot be applied to dynamic VLANs, for example, VLANs created by GVRP. Do not apply a QoS policy to a VLAN and the ports in the VLAN at the same time.
Applying the QoS policy globally
You can apply a QoS policy globally to the inbound or outbound direction of all ports. Follow these steps to apply the QoS policy globally:
To do…...
To do… | Use the command… | Remarks
Clear the statistics of QoS policies applied to VLANs | reset qos vlan-policy [ vlan vlan-id ] [ inbound ] | Available in user view
Clear the statistics for a QoS policy applied globally | reset qos policy global [ inbound ] | Available in user view
...
Priority Mapping Configuration
When configuring priority mapping, go to these sections for information you are interested in:
  Priority Mapping Overview
  Priority Mapping Configuration Tasks
  Configuring Priority Mapping
  Displaying and Maintaining Priority Mapping
  Priority Mapping Configuration Examples
Priority Mapping Overview
Introduction to Priority Mapping
The priorities of a packet determine its transmission priority.
The priority trust mode on a port decides which priority is used for priority mapping table lookup. For the priority mapping purpose, port priority was introduced so that you can use it for priority mapping in addition to the priority fields carried in packets. There are three priority trust modes on H3C S5120-EI series switches:
  dot1p: Uses the 802.1p priority carried in packets for priority mapping.
Figure 4-1 Priority mapping procedure for an Ethernet packet (flowchart: receive a packet on a port; check which priority is trusted on the port, the 802.1p priority in packets, the DSCP in packets, or the port priority; when the port priority is trusted, use the port priority as the 802.1p priority; ...)
Task | Remarks
Configuring a Priority Mapping Table | Optional
Configuring the Priority Trust Mode on a Port | Optional
Configuring the Port Priority of a Port | Optional
Configuring Priority Mapping
Configuring a Priority Mapping Table
Follow these steps to configure an uncolored priority mapping table:
To do…...
To do… | Use the command… | Remarks
Enter port group view | port-group manual port-group-name | Use either command. Settings in port group view take effect on all ports in the port group.
Configure the trusted priority type: trust the 802.1p or DSCP priority in ... | qos trust { dot1p | dscp } | ...
Displaying and Maintaining Priority Mapping
To do… | Use the command… | Remarks
Display priority mapping table configuration | display qos map-table [ dot1p-dp | dot1p-lp | dscp-dot1p | dscp-dp | dscp-dscp ] | Available in any view
Display the trusted packet priority type on a port | display qos trust interface [ interface-type interface-number ] | Available in any view
...
Queuing plan
Traffic source | Traffic destination | Traffic priority order | Output queue | Queue priority
R&D department | Internet through HTTP | Management department > marketing department > R&D department | |
Management department | Internet through HTTP | (same) | | High
Marketing department | Internet through HTTP | (same) | | Medium
Figure 4-2 Network diagram for priority mapping table and priority marking configuration (Internet, Host, Host...)
[Device-GigabitEthernet1/3] qos priority 5
[Device-GigabitEthernet1/3] quit
Configure the priority mapping table
# Configure the 802.1p-to-local priority mapping table to map 802.1p priority values 3, 4, and 5 to local precedence values 2, 6, and 4.
[Device] qos map-table dot1p-lp
[Device-maptbl-dot1p-lp] import 3 export 2
[Device-maptbl-dot1p-lp] import 4 export 6
[Device-maptbl-dot1p-lp] import 5 export 4
[Device-maptbl-dot1p-lp] quit
...
Traffic Policing, Traffic Shaping, and Line Rate Configuration
When configuring traffic policing and line rate, go to these sections for information you are interested in:
  Traffic Policing and Line Rate Overview
  Configuring Traffic Policing
  Configuring GTS
  Configuring the Line Rate
  Displaying and Maintaining Traffic Policing, GTS, and Line Rate
Traffic Policing and Line Rate Overview
Without limits on user traffic, a network can be overwhelmed very easily.
Evaluation is performed for each arriving packet. In each evaluation, if the number of tokens in the bucket is enough, the traffic conforms to the specification and the tokens for forwarding the packet are taken away; if the number of tokens in the bucket is not enough, the traffic is excessive. Complicated evaluation You can set two token buckets, the C bucket and the E bucket, to evaluate traffic in a more complicated environment and achieve more policing flexibility.
Traffic policing is widely used in policing traffic entering the networks of internet service providers (ISPs). It can classify the policed traffic and take pre-defined policing actions on each packet depending on the evaluation result: Forwarding the traffic if the evaluation result is “conforming.” Dropping the traffic if the evaluation result is “excess.”...
released, traffic shaping takes out the cached packets and sends them out. In this way, all the traffic sent to Switch B conforms to the traffic specification defined in Switch B. Line Rate The line rate of a physical interface specifies the maximum rate for forwarding packets (including critical packets).
To do… | Use the command… | Remarks
Exit class view | quit | —
Create a behavior and enter behavior view | traffic behavior behavior-name | —
Configure a traffic policing action | car cir committed-information-rate [ cbs committed-burst-size [ ebs excess-burst-size ] ] [ pir peak-information-rate ] [ green action ] [ red action ] [ yellow action ] | Required
...
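The C-bucket and E-bucket evaluation described in the overview, producing the green, yellow and red results that the car command's actions act on, as an added Python example that is not the switch's implementation. It assumes tokens are bytes, cir is in kbps as in the car command, both buckets start full, the E bucket is fed only by the C bucket's overflow, and the default actions (green and yellow pass, red discard) are this example's own choice.

```python
"""Added example (not from the H3C manual): a two-bucket (C and E) token bucket
policer of the kind the overview describes. Assumptions: tokens are bytes, cir
is in kbps, both buckets start full, the E bucket receives only the C bucket's
overflow, and DEFAULT_ACTIONS is this example's own choice, not the switch's."""


class TwoBucketPolicer:
    def __init__(self, cir_kbps, cbs_bytes, ebs_bytes=0):
        self.rate = cir_kbps * 1000 / 8.0   # bytes per second added to the buckets
        self.cbs = cbs_bytes
        self.ebs = ebs_bytes
        self.tc = float(cbs_bytes)           # C bucket tokens (committed burst)
        self.te = float(ebs_bytes)           # E bucket tokens (excess burst)
        self.last = 0.0

    def _refill(self, now):
        """Add CIR * elapsed tokens; the C bucket fills first, overflow spills into E."""
        tokens = (now - self.last) * self.rate
        self.last = now
        into_c = min(tokens, self.cbs - self.tc)
        self.tc += into_c
        self.te = min(self.ebs, self.te + tokens - into_c)

    def evaluate(self, now, size):
        """Evaluate one packet of `size` bytes arriving at time `now` (seconds).
        Enough C tokens: conforming (green). Enough E tokens: excess burst (yellow).
        Otherwise the traffic is excessive (red). Tokens are removed on green/yellow."""
        self._refill(now)
        if size <= self.tc:
            self.tc -= size
            return "green"
        if size <= self.te:
            self.te -= size
            return "yellow"
        return "red"


DEFAULT_ACTIONS = {"green": "pass", "yellow": "pass", "red": "discard"}


def police(policer, packets, actions=DEFAULT_ACTIONS):
    """Run (time, size) packets through the policer; return per-colour counts
    and the list of packets that the configured actions let through."""
    counts = {"green": 0, "yellow": 0, "red": 0}
    passed = []
    for now, size in packets:
        colour = policer.evaluate(now, size)
        counts[colour] += 1
        if actions[colour] == "pass":
            passed.append((now, size))
    return counts, passed


# Constructed burst for cir 8 kbps (1000 bytes/s), cbs 1000 bytes, ebs 500 bytes:
# the first three packets exhaust C, then E, then exceed both; later packets show
# the C bucket refilling first and its overflow restoring the E bucket.
SAMPLE_PACKETS = [(0.0, 1000), (0.0, 500), (0.0, 1),
                  (1.0, 600), (1.0, 500),
                  (2.0, 1000), (2.0, 400)]
```

With ebs 0 the same class behaves as the single-bucket evaluation described first in the overview, since the E bucket can never hold tokens.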
[Sysname-GigabitEthernet1/0/1] qos apply policy http inbound
Configuring GTS
Configuration Procedure
On the S5120-EI series, traffic shaping is implemented as queue-based GTS, that is, GTS parameters are configured for the packets of a certain queue. Follow these steps to configure queue-based GTS:
To do…...
# Limit the outbound line rate of GigabitEthernet 1/0/1 to 512 kbps.
[Sysname-GigabitEthernet1/0/1] qos lr outbound cir 512
Displaying and Maintaining Traffic Policing, GTS, and Line Rate
On the S5120-EI series switches, you can configure traffic policing in the policy-based approach. For the related displaying and maintaining commands, see Displaying and Maintaining QoS Policies.
Congestion Management Configuration
When configuring hardware congestion management, go to these sections for information you are interested in:
  Congestion Management Overview
  Congestion Management Configuration Approaches
  Configuring Congestion Management
  Displaying and Maintaining Congestion Management
Congestion Management Overview
Causes, Impacts, and Countermeasures of Congestion
Network congestion is a major factor contributing to service quality degradation on a traditional network.
Each queuing algorithm addresses a particular network traffic problem, and which algorithm is used significantly affects bandwidth resource assignment, delay, and jitter. The S5120-EI series supports the following four queue scheduling methods:
  Scheduling all queues with the strict priority (SP) algorithm.
Figure 6-3 Schematic diagram for WRR queuing (packets to be sent through the port are classified into queues 0 to N-1 with weights 1 to N, scheduled into the sending queue, and sent out the interface)
Assume there are eight output queues on a port.
Short packets and long packets are fairly scheduled: if there are both long packets and short packets in queues, statistically the short packets should be scheduled preferentially to reduce the jitter between packets as a whole. Compared with FQ, WFQ takes weights into account when determining the queue scheduling order. Statistically, WFQ gives high priority traffic more scheduling opportunities than low priority traffic.
Configuring WRR Queuing
Configuration procedure
Follow these steps to configure group-based WRR queuing:
To do… | Use the command… | Remarks
Enter system view | system-view | —
Enter interface view | interface interface-type interface-number | Use either command. Settings in interface view take effect on the current interface; ...
Configuring WFQ Queuing
Configuration procedure
Follow these steps to configure a WFQ queue:
To do… | Use the command… | Remarks
Enter system view | system-view | —
Enter interface view | interface interface-type interface-number | Use either command. Settings in interface view take effect on the current interface; ...
Traffic Filtering Configuration
When configuring traffic filtering, go to these sections for information you are interested in:
  Traffic Filtering Overview
  Configuring Traffic Filtering
  Traffic Filtering Configuration Example
Traffic Filtering Overview
You can filter in or filter out a class of traffic by associating the class with a traffic filtering action. For example, you can filter packets sourced from a specific IP address according to network status.
To do… | Use the command… | Remarks
Exit behavior view | quit | —
Create a policy and enter policy view | qos policy policy-name | —
Associate the class with the traffic behavior in the QoS policy | classifier tcl-name behavior behavior-name | —
Exit policy view | quit | —
...
[DeviceA-acl-basic-3000] quit
# Create a class named classifier_1, and reference ACL 3000 in the class.
[DeviceA] traffic classifier classifier_1
[DeviceA-classifier-classifier_1] if-match acl 3000
[DeviceA-classifier-classifier_1] quit
# Create a behavior named behavior_1, and configure the traffic filtering action for the behavior to drop packets.
Priority Marking Configuration
When configuring priority marking, go to these sections for information you are interested in:
  Priority Marking Overview
  Configuring Priority Marking
  Priority Marking Configuration Example
Priority Marking Overview
Priority marking can be used together with priority mapping. For details, see Priority Mapping Table and Priority Marking Configuration Example.
To do… | Use the command… | Remarks
Set the drop precedence for packets | remark drop-precedence drop-precedence-value | Optional
Set the IP precedence for packets | remark ip-precedence ip-precedence-value | Optional
Set the local precedence for packets | remark local-precedence local-precedence | Optional
Exit behavior view | quit | —
...
Figure 8-1 Network diagram for priority marking configuration (Host A and Host B reach the Internet through Device, GE1/0/1 and GE1/0/2; Data server 192.168.0.1/24, Mail server 192.168.0.2/24, File server 192.168.0.3/24)
Configuration procedure
# Create advanced ACL 3000, and configure a rule to match packets with destination IP address 192.168.0.1.
[Device-behavior-behavior_dbserver] quit
# Create a behavior named behavior_mserver, and configure the action of setting the local precedence value to 3 for the behavior.
[Device] traffic behavior behavior_mserver
[Device-behavior-behavior_mserver] remark local-precedence 3
[Device-behavior-behavior_mserver] quit
# Create a behavior named behavior_fserver, and configure the action of setting the local precedence value to 2 for the behavior.
Traffic Redirecting Configuration
When configuring traffic redirecting, go to these sections for information you are interested in:
  Traffic Redirecting Overview
  Configuring Traffic Redirecting
Traffic Redirecting Overview
Traffic Redirecting
Traffic redirecting is the action of redirecting the packets matching the specific match criteria to a certain location for processing.
To do… | Use the command… | Remarks
Exit policy view | quit | —
Apply the policy to an interface | Applying the QoS policy to an interface | —
Apply the policy to a VLAN | Applying the QoS policy to a VLAN | —
Apply the policy globally | Applying the QoS policy globally | —
...
Create a behavior and enter behavior view | traffic behavior behavior-name | Required
Configure the accounting action | accounting | Optional. The class-based accounting function on S5120-EI series switches counts traffic in the number of packets.
Exit behavior view | quit | —
Create a policy and enter policy view | qos policy policy-name | —
...
To do… | Use the command… | Remarks
Exit policy view | quit | —
Apply the policy to an interface | Applying the QoS policy to an interface | —
Apply the policy to a VLAN | Applying the QoS policy to a VLAN | —
Apply the policy globally | Applying the QoS policy globally | —
...
[DeviceA] qos policy policy
[DeviceA-qospolicy-policy] classifier classifier_1 behavior behavior_1
[DeviceA-qospolicy-policy] quit
# Apply the policy named policy to the incoming traffic of GigabitEthernet 1/0/1.
[DeviceA] interface gigabitethernet 1/0/1
[DeviceA-GigabitEthernet1/0/1] qos apply policy policy inbound
[DeviceA-GigabitEthernet1/0/1] quit
# Display traffic statistics to verify the configuration.
[DeviceA] display qos policy interface gigabitethernet 1/0/1
Interface: GigabitEthernet1/0/1
Direction: Inbound...
Appendix A Default Priority Mapping Tables
For the default dscp-dscp priority mapping table, an input value yields a target value that is equal to it.
Table 11-1 The default dot1p-lp and dot1p-dp priority mapping tables
Input priority value: 802.1p priority (dot1p) | dot1p-lp mapping: local precedence | dot1p-dp mapping
Input priority value | dscp-dp mapping | dscp-dot1p mapping
48 to 55 | |
56 to 63 | |
...
Appendix B Introduction to Packet Precedences
IP Precedence and DSCP Values
Figure 12-1 ToS and DS fields
As shown in Figure 12-1, the ToS field of the IP header contains eight bits, and the first three bits (0 to 2) represent IP precedence from 0 to 7. According to RFC 2474, the ToS field of the IP header is redefined as the differentiated services (DS) field, where a DSCP value is represented by the first six bits (0 to 5) and is in the range 0 to 63.
DSCP value (decimal) | DSCP value (binary) | Description
12 | 001100 | af12
14 | 001110 | af13
18 | 010010 | af21
20 | 010100 | af22
22 | 010110 | af23
26 | 011010 | af31
28 | 011100 | af32
30 | 011110 | af33
34 | 100010 | af41
36 | 100100 | af42
38 | 100110 | af43
8 | 001000 | cs1
16 | 010000 | cs2
24 | 011000 | cs3
32 | 100000 | cs4
40 | 101000 | cs5
48 | 110000 | cs6
56 | 111000 | cs7
0 | 000000 | be (default)
802.1p Priority
802.1p priority lies in Layer 2 packet headers and is applicable to occasions where Layer 3 header analysis is not needed and QoS must be assured at Layer 2.
As shown in Figure 12-2, the 4-byte 802.1Q tag header consists of the tag protocol identifier (TPID, two bytes in length), whose value is 0x8100, and the tag control information (TCI, two bytes in length). Figure 12-3 presents the format of the 802.1Q tag header. The Priority field in the 802.1Q tag header is called the 802.1p priority, because its use is defined in IEEE 802.1p.
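Decoding the 802.1p priority and the ToS-derived IP precedence and DSCP of Appendix B from a constructed 802.1Q-tagged IPv4 frame, then running the priority mapping procedure of chapter 4 for each trust mode, as an added Python example that is not from the manual. The tables are constructed placeholders overridden with the page's own dot1p-lp example (3 to 2, 4 to 6, 5 to 4); the switch's default tables and its exact dscp-mode lookup path are assumptions noted in the code.

```python
"""Added example (not from the H3C manual): parse the 802.1Q tag and IPv4 ToS
byte, name the DSCP as the Appendix B table does, and apply the priority
mapping procedure for the dot1p, dscp and port-priority trust modes.
Tables are constructed placeholders, not the switch defaults."""
import struct

TPID_8021Q = 0x8100        # tag protocol identifier of an 802.1Q tag header
ETHERTYPE_IPV4 = 0x0800


def parse_tagged_frame(frame: bytes) -> dict:
    """Pull the 802.1p priority (PCP), VLAN ID and, for IPv4, the ToS-derived
    IP precedence (bits 0-2) and DSCP (bits 0-5) out of a tagged frame."""
    if len(frame) < 18:
        raise ValueError("frame too short for an 802.1Q tag header")
    tpid, tci, ethertype = struct.unpack("!HHH", frame[12:18])
    if tpid != TPID_8021Q:
        raise ValueError("not an 802.1Q-tagged frame: TPID 0x%04x" % tpid)
    info = {"dot1p": tci >> 13, "vlan": tci & 0x0FFF, "dscp": None, "ip_prec": None}
    if ethertype == ETHERTYPE_IPV4 and len(frame) >= 20:
        tos = frame[19]             # second byte of the IPv4 header
        info["ip_prec"] = tos >> 5  # first three bits of the ToS field
        info["dscp"] = tos >> 2     # first six bits, the DS field
    return info


def dscp_name(dscp: int) -> str:
    """Name a DSCP value the way the Appendix B table does (afXY, csX, be)."""
    cls, low = dscp >> 3, dscp & 0x7
    if dscp == 0:
        return "be"
    if low == 0:
        return "cs%d" % cls
    if 1 <= cls <= 4 and low in (2, 4, 6):
        return "af%d%d" % (cls, low // 2)
    return "unnamed"


# Constructed placeholder tables: an identity dot1p-lp table overridden with the
# page's "import 3 export 2 / import 4 export 6 / import 5 export 4" example, and
# an assumed dscp-dot1p table that uses the class selector bits.
DOT1P_LP = {p: p for p in range(8)}
DOT1P_LP.update({3: 2, 4: 6, 5: 4})
DSCP_DOT1P = {d: d >> 3 for d in range(64)}


def local_precedence(info: dict, trust: str = "dot1p", port_priority: int = 0) -> int:
    """Priority mapping procedure: pick the trusted priority, then look up dot1p-lp.
    Assumption: in dscp mode the DSCP is first mapped to 802.1p via dscp-dot1p;
    a non-IP packet in dscp mode falls back to the port priority."""
    if trust == "dscp" and info["dscp"] is not None:
        dot1p = DSCP_DOT1P[info["dscp"]]
    elif trust == "dot1p":
        dot1p = info["dot1p"]
    else:
        dot1p = port_priority       # port priority used as the 802.1p priority
    return DOT1P_LP[dot1p]


def build_frame(pcp: int, vlan: int, tos: int) -> bytes:
    """Constructed sample input: a minimal tagged IPv4 frame with the given
    802.1p priority, VLAN ID and ToS byte (IPv4 header otherwise zeroed)."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb")
    tag = struct.pack("!HHH", TPID_8021Q, (pcp << 13) | vlan, ETHERTYPE_IPV4)
    ip = bytes([0x45, tos]) + bytes(18)
    return eth + tag + ip
```

A ToS byte of 0x68 carries DSCP 26 (af31) and IP precedence 3, so the same packet lands in local precedence 4 when the port trusts dot1p (PCP 5) but in local precedence 2 when it trusts DSCP.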