H3C S5820X Series Acl And Qos Command Reference
  1. Manuals
  2. Brands
  3. H3C Manuals
  4. Switch
  5. s5820x series
  6. Acl and qos command reference
H3C S5820X Series Acl And Qos Command Reference

H3C S5820X Series Acl And Qos Command Reference

Hide thumbs Also See for S5820X Series:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Troubleshooting Manual, Configuration Manual
H3C S5820X&S5800 Switch Series
ACL and QoS Command Reference
Hangzhou H3C Technologies Co., Ltd.
http://www.h3c.com
Software version: Release 1211
Document version: 6W100-20110415

Advertisement

Table of Contents
loading

Related Manuals for H3C S5820X Series

Summary of Contents for H3C S5820X Series

  • Page 1 H3C S5820X&S5800 Switch Series ACL and QoS Command Reference Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1211 Document version: 6W100-20110415...
  • Page 2 SecPro, SecPoint, SecEngine, SecPath, Comware, Secware, Storware, NQA, VVG, V G, V G, PSPT, XGbus, N-Bus, TiGem, InnoVision and HUASAN are trademarks of Hangzhou H3C Technologies Co., Ltd. All other trademarks that may be mentioned in this manual are the property of their respective owners Notice The information in this document is subject to change without notice.
  • Page 3 Preface The H3C S5800&S5820X documentation set includes 12 command references, which describe the commands and command syntax options for the S5800&S5820X Release 1211. The ACL and QoS Command Reference describes ACL and QoS configuration commands. It covers the commands for creating ACLs, using ACLs for packet filtering, configuring QoS policies, and configuring common QoS techniques, such as traffic policing, traffic shaping, congestion management, and congestion avoidance.
  • Page 4 Added commands: • control-plane • display qos policy control-plane • reset qos policy control-plane Modified commands: • if-mtach—Added support for the system-index keyword • remark dot1p—Added support for the green, red and yellow QoS policy keywords • remark dscp—Added support for the green, red and yellow keywords •...
  • Page 5 An alert that calls attention to essential information. IMPORTANT An alert that contains additional or supplementary information. NOTE An alert that provides helpful information. About the H3C S5800&S5820X documentation set The H3C S5800&S5820X documentation set includes: Category Documents Purposes Marketing brochures Describe product specifications and benefits.
  • Page 6 Interface Cards User available for the products. Manual Describes the benefits, features, hardware H3C OAP Cards User specifications, installation, and removal of the OAP Manual cards available for the products. H3C Low End Series...
  • Page 7 Guides you through installing SFP/SFP+/XFP Transceiver Modules transceiver modules. Installation Guide • S5800-60C-PWR Switch Video Installation Guide Shows how to install the H3C S5800-60C-PWR and • H3C S5820X-28C Ethernet switches. S5820X-28C Switch Video Installation Guide Describe software features and configuration Configuration guide procedures.

  • Page 8: Obtaining Documentation

    Obtaining documentation You can access the most up-to-date H3C product documentation on the World Wide Web at http://www.h3c.com. Click the links on the top navigation bar to obtain different categories of product documentation: [Technical Support & Documents > Technical Documents] –...

  • Page 9: Table Of Contents

    Contents ACL configuration commands ····································································································································· 1 acl ··············································································································································································1 acl copy·····································································································································································2 acl ipv6······································································································································································3 acl ipv6 copy ····························································································································································4 acl ipv6 logging frequence ·····································································································································4 acl ipv6 name···························································································································································5 acl logging frequence ··············································································································································6 acl name····································································································································································6 description·································································································································································7 display acl·································································································································································7 display acl ipv6 ························································································································································9 display acl resource ·············································································································································· 11 display packet-filter ···············································································································································...
  • Page 10 classifier behavior ················································································································································· 52 control-plane ·························································································································································· 53 display qos policy ················································································································································· 54 display qos policy control-plane ·························································································································· 55 display qos policy control-plane pre-defined ····································································································· 57 display qos policy global ····································································································································· 58 display qos policy interface ································································································································· 60 display qos vlan-policy ········································································································································· 61 qos apply policy (interface view, port group view, control plane view)·························································...
  • Page 11 qos wred apply ····················································································································································· 92 qos wred queue table ··········································································································································· 93 queue ······································································································································································ 93 queue weighting-constant ····································································································································· 94 Global CAR configuration commands······················································································································96 car name ································································································································································ 96 display qos car name ··········································································································································· 97 qos car aggregative·············································································································································· 98 qos car hierarchy ·················································································································································· 99 reset qos car name··············································································································································100 Data buffer configuration commands ····················································································································...

  • Page 12: Acl Configuration Commands

    ACL configuration commands NOTE: The Layer 3 Ethernet interface in this document refers to the Ethernet port that can perform IP routing and inter-VLAN routing. You can set an Ethernet port as a Layer 3 Ethernet interface by using the port Layer 2—LAN Switching Configuration Guide link-mode route command (see the Syntax...

  • Page 13: Acl Copy

    You can change match order only for ACLs that do not contain any rules. To display any ACLs you have created, use the display acl command. Examples # Create IPv4 basic ACL 2000, and enter its view. <Sysname> system-view [Sysname] acl number 2000 [Sysname-acl-basic-2000] # Create IPv4 basic ACL 2001 with the name flow, and enter its view.

  • Page 14: Acl Ipv6

    Examples # Create IPv4 basic ACL 2002 by copying IPv4 basic ACL 2001. <Sysname> system-view [Sysname] acl copy 2001 to 2002 acl ipv6 Syntax acl ipv6 number acl6-number [ name acl6-name ] [ match-order { auto | config } ] undo acl ipv6 { all | name acl6-name | number acl6-number } View System view...

  • Page 15: Acl Ipv6 Copy

    # Create IPv6 basic ACL 2001 with the name flow, and enter its view. <Sysname> system-view [Sysname] acl ipv6 number 2001 name flow [Sysname-acl6-basic-2001-flow] acl ipv6 copy Syntax acl ipv6 copy { source-acl6-number | name source-acl6-name } to { dest-acl6-number | name dest-acl6-name } View System view...

  • Page 16: Acl Ipv6 Name

    undo acl ipv6 logging frequence View System view Default level 2: System level Parameters frequence: Specifies the interval in minutes at which IPv6 packet filtering logs are generated and output. It must be a multiple of 5, in the range 0 to 1440. To disable generating IPv6 logs, assign 0 for the argument.

  • Page 17: Acl Logging Frequence

    acl logging frequence Syntax acl logging frequence frequence undo acl logging frequence View System view Default level 2: System level Parameters frequence: Specifies the interval in minutes at which IPv4 packet filtering logs are generated and output. It must be a multiple of 5, in the range 0 to 1440. To disable generating IPv4 logs, assign 0 for the argument.

  • Page 18: Description

    Examples # Enter the view of IPv4 ACL flow. <Sysname> system-view [Sysname] acl name flow [Sysname-acl-basic-2001-flow] description Syntax description text undo description View IPv4 basic/advanced ACL view, IPv6 basic/advanced ACL view, Ethernet frame header ACL view Default level 2: System level Parameters text: ACL description, a case sensitive string of 1 to 127 characters.
  • Page 19 Parameters acl-number: Specifies an IPv4 ACL by its number: 2000 to 2999 for basic ACLs • • 3000 to 3999 for advanced ACLs 4000 to 4999 for Ethernet frame header ACLs • all: Displays information for all IPv4 ACLs. name acl-name: Specifies an IPv4 ACL by its name. The acl-name argument takes a case insensitive string of 1 to 63 characters.

  • Page 20: Display Acl Ipv6

    Field Description named flow The name of the ACL is flow. "-none-" means the ACL is not named. 3 rules The ACL contains three rules. The match order for the ACL is auto, which sorts ACL rules in depth-first match-order is auto order.
  • Page 21 regular-expression: Specifies a regular expression, which is a case sensitive string of 1 to 256 characters. Description Use the display acl ipv6 command to display the configuration and match statistics for the specified IPv6 ACL or all IPv6 ACLs. This command displays ACL rules in config or depth-first order, whichever is configured. Examples # Display the configuration and match statistics for all IPv6 ACLs.

  • Page 22: Display Acl Resource

    display acl resource Syntax display acl resource [ slot slot-number ] [ | { begin | exclude | include } regular-expression ] View Any view Default level 1: Monitor level Parameters slot slot-number: Displays the usage of ACL rules on an IRF member switch. The slot-number argument represents the member ID of the device in the IRF virtual device.

  • Page 23: Display Packet-Filter

    VFP ACL 2048 2048 IFP ACL 8192 2048 6144 IFP Meter 4096 1024 3072 IFP Counter 4096 1024 3072 EFP ACL 1024 1024 EFP Meter EFP Counter 512 Table 3 Output description Field Description Interface Interface indicated by its type and number Rule types, including: •...

  • Page 24: Display Time-Range

    assigned in the IRF virtual device. You can use the display irf command to display information about member switches in an IRF virtual device. If no IRF member switch is specified, the command display application status of packet filtering ACL on all member switches. |: Filters command output by specifying a regular expression.

  • Page 25: Hardware-Count Enable

    Parameters time-range-name: Specifies a time range name, which is a case insensitive string of 1 to 32 characters. It must start with an English letter. all: Displays the configuration and status of all existing time ranges. |: Filters command output by specifying a regular expression. For more information about regular expressions, see the Fundamentals Configuration Guide.

  • Page 26: Packet-Filter

    Description Use the hardware-count enable command to enable counting ACL rule matches performed in hardware. The switch automatically counts the rule match counting performed in software. Use the undo hardware-count enable command to disable counting ACL rule matches performed in hardware.

  • Page 27: Packet-Filter Ipv6

    outbound: Filters outgoing IPv4 packets. Description Use the packet-filter command to apply an IPv4 ACL to an interface to filter IPv4 packets. Use the undo packet-filter command to restore the default. By default, an interface does not filter IPv4 packets. Related commands: display packet-filter.

  • Page 28: Reset Acl Counter

    reset acl counter Syntax reset acl counter { acl-number | all | name acl-name } View User view Default level 2: System level Parameters acl-number: Specifies an IPv4 ACL by its number: 2000 to 2999 for IPv4 basic ACLs • 3000 to 3999 for IPv4 advanced ACLs •...

  • Page 29: Rule (Ethernet Frame Header Acl View)

    name acl6-name: Specifies an IPv6 ACL by its name. The acl6-name argument takes a case insensitive string of 1 to 63 characters. It must start with an English letter. Description Use the reset acl ipv6 counter command to clear statistics for the specified IPv6 ACL or all IPv6 basic and IPv6 advanced ACLs.

  • Page 30: Rule (Ipv4 Advanced Acl View)

    Ethernet_SNAP frames. The protocol-type-mask argument is a 16-bit hexadecimal number that represents a protocol type mask. source-mac sour-addr source-mask: Matches a source MAC address range. The sour-addr argument represents a source MAC address, and the sour-mask argument represents a mask in H-H-H format. time-range time-range-name: Specifies a time range for the rule.
  • Page 31 numbering step to the current highest rule ID, starting from 0. For example, if the rule numbering step is 5 and the current highest rule ID is 28, the rule is numbered 30. deny: Denies matching packets. permit: Allows matching packets to pass. protocol: Protocol carried by IPv4.
  • Page 32 Parameters Function Description Applies the rule to only Without this keyword, the rule applies to all fragment non-first fragments fragments and non-fragments. The time-range-name argument takes a case Specifies a time range for the time-range time-range-name insensitive string of 1 to 32 characters. It must rule start with an English letter.
  • Page 33 Table 8 ICMP-specific parameters for IPv4 advanced ACL rules Parameters Function Description The icmp-type argument ranges from 0 to 255. The icmp-code argument ranges from 0 to 255. icmp-type { icmp-type Specifies the ICMP message The icmp-message argument specifies a icmp-code | icmp-message } type and code message name.

  • Page 34: Rule (Ipv4 Basic Acl View)

    By default, an IPv4 advanced ACL does not contain any rule. Within an ACL, the permit or deny statement of each rule must be unique. If the ACL rule you are creating or editing has the same deny or permit statement as another rule in the ACL, your creation or editing attempt will fail.

  • Page 35: Rule (Ipv6 Advanced Acl View)

    source { sour-addr sour-wildcard | any }: Matches a source address. The sour-addr sour-wildcard arguments represent a source IP address and wildcard mask in dotted decimal notation. A wildcard mask of zeros specifies a host address. The any keyword represents any source IP address. time-range time-range-name: Specifies a time range for the rule.
  • Page 36 View IPv6 advanced ACL view Default level 2: System level Parameters rule-id: Specifies a rule ID, which ranges from 0 to 65534. If no rule ID is provided when you create an ACL rule, the system automatically assigns it a rule ID. This rule ID takes the nearest higher multiple of the numbering step to the current highest rule ID, starting from 0.
  • Page 37 Parameters Function Description The time-range-name argument takes a case time-range Specifies a time range for the insensitive string of 1 to 32 characters. It must time-range-name rule start with an English letter. If the protocol argument takes tcp (6) or udp (17), you can set the parameters shown in Table 1 Table 11 TCP/UDP-specific parameters for IPv6 advanced ACL rules Parameters...
  • Page 38 Table 12 ICMPv6-specific parameters for IPv6 advanced ACL rules Parameters Function Description The icmp6-type argument ranges from 0 to 255. The icmp6-code argument ranges from 0 to icmp6-type { icmp6-type Specifies the ICMPv6 message 255. icmp6-code | type and code The icmp6-message argument specifies a icmp6-message } message name.

  • Page 39: Rule (Ipv6 Basic Acl View)

    To view rules in an ACL and their rule IDs, use the display acl ipv6 all command. Related commands: acl ipv6, display ipv6 acl, and step. NOTE: If an IPv6 advanced ACL is for packet filtering, the operator cannot be neq. If an IPv6 advanced ACL is for QoS traffic classification: operator Do not specify the fragment keyword or specify neq for the...

  • Page 40: Rule Comment

    time-range time-range-name: Specifies a time range for the rule. The time-range-name argument takes a case insensitive string of 1 to 32 characters. It must start with an English letter. vpn-instance vpn-instance-name: Applies the rule to packets in a VPN instance. The vpn-instance-name argument takes a case sensitive string of 1 to 31 characters.

  • Page 41: Rule Remark

    Description Use the rule comment command to configure a description for an existing ACL rule or edit its description for easy identification. Use the undo rule comment command to delete the ACL rule description. By default, an IPv4 ACL rule has no rule description. Related commands: display acl and display acl ipv6.

  • Page 42: Step

    [Sysname] acl number 2000 [Sysname-acl-basic-2000] display this acl number 2000 rule 0 permit source 14.1.1.0 0.0.0.255 rule 5 permit source 10.1.1.1 0 time-range work-time rule 10 permit source 192.168.0.0 0.0.0.255 rule 15 permit source 1.1.1.1 0 rule 20 permit source 10.1.1.1 0 rule 25 permit counting return # To identify rules 10, 15, 20, and 25, add a start remark with rule ID 7, and an end remark with rule ID...

  • Page 43: Time-Range

    Description Use the step command to set a rule numbering step for an ACL. The rule numbering step sets the increment by which the system numbers rules automatically. For example, the default ACL rule numbering step is 5. If you do not assign IDs to rules you are creating, they are numbered 0, 5, 10, 15, and so on. The wider the numbering step, the more rules you can insert between two rules.
  • Page 44 A day of a week in words, sun, mon, tue, wed, thu, fri, and sat. • • working-day for Monday through Friday. off-day for Saturday and Sunday. • daily for the whole week. • from time1 date1: Specifies the start time and date of an absolute statement. The time1 argument specifies the time of the day in hh:mm format (24-hour clock).
  • Page 45 # Create a compound time range t3, setting it to be active from 08:00 to 12:00 on Saturdays and Sundays of the year 2010. <Sysname> system-view [Sysname] time-range t3 8:0 to 12:0 off-day from 0:0 1/1/2010 to 23:59 12/31/2010 # Create a compound time range t4, setting it to be active from 10:00 to 12:00 on Mondays and from 14:00 to 16:00 on Wednesdays in the period of January through June of the year 2010.

  • Page 46: Qos Policy Configuration Commands

    QoS policy configuration commands NOTE: The Layer 3 Ethernet interface in this chapter refers to the Ethernet port that can perform IP routing and inter-VLAN routing. You can set an Ethernet port as a Layer 3 Ethernet interface by using the port Layer 2—LAN Switching Configuration Guide link-mode route command (see the Class configuration commands...

  • Page 47: If-Match

    Classifier: database Operator: AND Rule(s) : if-match acl 3131 Table 14 Output description Field Description Classifier Class name and its match criteria The match operator you set for the class. If the operator is AND, the class Operator matches the packets that match all its match criteria. If the operator is OR, the class matches the packets that match any of its match criteria.
  • Page 48 Keyword and argument combination Description Matches DSCP values. The dscp-list argument is a list of up to 8 DSCP values. dscp dscp-list A DSCP value can be a number from 0 to 63 or any keyword in Table Matches IP precedence. The ip-precedence-list argument is a list of up to eight ip-precedence ip-precedence-list IP precedence values.
  • Page 49 NOTE: The following match criteria must be unique in a traffic class with the operator being AND. Although you list can define multiple if-match clauses for these match criteria or input multiple values for a argument 8021p-list (such as the argument) listed below in a traffic class, avoid doing that.
  • Page 50 You can configure up to eight 802.1p priority values in one command line. If the same 802.1p • priority value is specified multiple times, the system considers them as one. If a packet matches one of the defined 802.1p priority values, it matches the if-match clause. •...
  • Page 51 # Define a match criterion for class class1 to match the packets with the customer network 802.1p priority value 3. <Sysname> system-view [Sysname] traffic classifier class1 [Sysname-classifier-class1] if-match customer-dot1p 3 # Define a match criterion for class class1 to match the packets with the service provider network 802.1p priority value 5.

  • Page 52: Traffic Classifier

    [Sysname-classifier-class1] if-match protocol ip # Define a match criterion for class class1 to match the packets with a customer network VLAN ID of 1, 6, or 9. <Sysname> system-view [Sysname] traffic classifier class1 [Sysname-classifier-class1] if-match customer-vlan-id 1 6 9 # Define a match criterion for class class1 to match packets with the local QoS ID 3. <Sysname>...

  • Page 53: Traffic Behavior Configuration Commands

    Traffic behavior configuration commands accounting Syntax accounting { byte | packet } undo accounting View Traffic behavior view Default level 2: System level Parameters byte: Counts traffic in bytes. packets: Counts traffic in packets. Description Use the accounting command to configure the traffic accounting action in the traffic behavior. By referencing the traffic behavior in a QoS policy, you can achieve class-based accounting, with which statistics are collected on a per-traffic class basis.
  • Page 54 Parameters cir committed-information-rate: Committed information rate (CIR) in kbps. The committed-information-rate argument ranges from 8 to 32000000 and must be a multiple of 8. cbs committed-burst-size: Committed burst size (CBS) in bytes. If you do not specify the cbs keyword, the CBS is 62.5 × committed-information-rate by default and •...

  • Page 55: Display Traffic Behavior

    A QoS policy that references the behavior can be applied in either the inbound direction or outbound direction of an interface. A traffic behavior can contain only one CAR action. If you configure the car command multiple times in the same traffic behavior, the last configuration takes effect. Related commands: qos policy, traffic behavior, and classifier behavior.
  • Page 56 regular-expression: Specifies a regular expression, which is a case sensitive string of 1 to 256 characters. Description Use the display traffic behavior command to display traffic behavior information. Examples # Display user-defined traffic behaviors. <Sysname> display traffic behavior user-defined User Defined Behavior Information: Behavior: 2 Accounting enable: byte Committed Access Rate:...

  • Page 57: Filter

    filter Syntax filter { deny | permit } undo filter View Traffic behavior view Default level 2: System level Parameters deny: Drops packets. permit: Permits packet to pass through. Description Use the filter command to configure a traffic filtering action in a traffic behavior. Use the undo filter command to delete the traffic filtering action.

  • Page 58: Remark Dot1P

    ipv4-add1/ipv4-add2: IPv4 address of the next hop. The ipv4-add2 argument backs up ipv4-add1. If redirecting traffic to ipv4-add1 fails, the device redirects the traffic to ipv4-add2. ipv6-add1/ipv6-add2: IPv6 address of the next hop. The ipv6-add2 argument backs up ipv6-add1. If redirecting traffic to ipv6-add1 fails, the device redirects the traffic to ipv6-add2.

  • Page 59: Remark Drop-Precedence

    Description Use the remark dot1p command to configure an 802.1p priority marking action or configure the inner-to-outer tag priority copying action. Use the undo remark dot1p command to delete the action. The remark dot1p 8021p command and the remark dot1p customer-dot1p-trust command override each other, whichever is configured the last.

  • Page 60: Remark Dscp

    remark dscp Syntax remark [ green | red | yellow ] dscp dscp-value undo remark [ green | red | yellow ] dscp View Traffic behavior view Default level 2: System level Parameters green: Specifies green packets. red: Specifies red packets. yellow: Specifies yellow packets.

  • Page 61: Remark Ip-Precedence

    Keyword DSCP value (binary) DSCP value (decimal) 111000 101110 Description Use the remark dscp command to configure a DSCP marking action. Use the undo remark dscp command to delete the action. Related commands: qos policy, traffic behavior, and classifier behavior. Examples # Configure traffic behavior database to mark matching traffic with DSCP 6.

  • Page 62: Remark Qos-Local-Id

    View Traffic behavior view Default level 2: System level Parameters green: Specifies green packets. red: Specifies red packets. yellow: Specifies yellow packets. local-precedence: Sets the local precedence to be marked for packets, which ranges from 0 to 7. Description Use the remark local-precedence command to configure a local precedence marking action. Use the undo remark local-precedence command to delete the action.

  • Page 63: Traffic Behavior

    [Sysname] traffic behavior database [Sysname-behavior-database] remark qos-local-id 2 traffic behavior Syntax traffic behavior behavior-name undo traffic behavior behavior-name View System view Default level 2: System level Parameters behavior-name: Sets a behavior name, a string of 1 to 31 characters. Description Use the traffic behavior command to create a traffic behavior and enter traffic behavior view.

  • Page 64: Control-Plane

    Parameters tcl-name: Class name, a string of 1 to 31 characters. behavior-name: Behavior name, a string of 1 to 31 characters. mode dcbx: Specifies that the class-behavior association is for the Data Center Bridging Capabilities Exchange Protocol (DCBX) purposes. For more information about DCBX, see the Layer 2—LAN Switching Configuration Guide.

  • Page 65: Display Qos Policy

    [Sysname] control-plane 2 [Sysname-cp-slot2] display qos policy Syntax display qos policy user-defined [ policy-name [ classifier tcl-name ] ] [ | { begin | exclude | include } regular-expression ] View Any view Default level 1: Monitor level Parameters user-defined: Displays user-defined QoS policies. policy-name: QoS policy name, a string of 1 to 31 characters.

  • Page 66: Display Qos Policy Control-Plane

    Table 18 Output description Field Description Policy Policy name Class name A policy can contain multiple classes, and each class is associated with a traffic behavior. Classifier A class can be configured with multiple match criteria. For more information, see the traffic classifier command.
  • Page 67 Direction: Inbound Policy: 1 Classifier: 2 Operator: AND Rule(s) : If-match system-index 10 Behavior: 2 Committed Access Rate: CIR 128 (kbps), CBS 8000 (byte), EBS 0 (byte) Red Action: discard Green : 12928(Bytes) Yellow: 7936(Bytes) : 43904(Bytes) Filter Enable: deny Table 19 Output description Field Description...

  • Page 68: Display Qos Policy Control-Plane Pre-Defined

    Field Description Information about packet filtering (deny indicates dropping packets, and Filter Enable permit indicates forwarding packets) none Indicates no other behavior is configured. display qos policy control-plane pre-defined Syntax display qos policy control-plane pre-defined [ slot slot-number ] [ | { begin | exclude | include } regular-expression ] View Any view...

  • Page 69: Display Qos Policy Global

    LACP GVRP ICMP LLDP DLDP ================================================================ Table 20 Output description Field Description Pre-defined Control-plane Policy Contents of the pre-defined control plane QoS policy Index The pre-defined system index Packet-type Matched criterion display qos policy global Syntax display qos policy global [ slot slot-number ] [ inbound | outbound ] [ | { begin | exclude | include } regular-expression ] View Any view...
  • Page 70 If the slot-number argument is not specified, the global QoS policy configuration of all devices in the • IRF virtual device is displayed. Examples # Display information about the inbound global QoS policy. <Sysname> display qos policy global Direction: Inbound Policy: 1 Classifier: 2 Operator: AND...

  • Page 71: Display Qos Policy Interface

    Field Description Mode Mode that the association between the class and the traffic behavior supports Operator Logical relationship between match criteria Rule(s) Match criteria Behavior Name of the traffic behavior, and the actions in the traffic behavior Accounting Class-based accounting action and the collected statistics Committed Access Rate Information about traffic rate limiting Committed information rate (CIR) in kbps...

  • Page 72: Display Qos Vlan-Policy

    Description Use the display qos policy interface command to display information about the QoS policy or policies applied to an interface or all interfaces. Examples # Display information about the QoS policy or policies applied to GigabitEthernet1/0/1. <Sysname> display qos policy interface gigabitethernet 1/0/1 Interface: GigabitEthernet1/0/1 Direction: Inbound Policy: 1...
  • Page 73 Parameters name policy-name: Displays information about the VLAN QoS policy specified by its name, a string of 1 to 31 characters. vlan vlan-id: Displays information about the QoS policy or policies applied to the VLAN specified by its inbound: Displays information about the QoS policy applied to the inbound direction of the specified VLAN.
  • Page 74 Direction: Inbound Policy: 1 Classifier: 2 Operator: AND Rule(s) : If-match acl 2000 Behavior: 2 Accounting Enable 163 (Packets) Committed Access Rate: CIR 128 (kbps), CBS 8000 (byte), EBS 0 (byte) Red Action: discard Green : 12928(Bytes) Yellow: 7936(Bytes) : 43904(Bytes) Direction: Outbound Policy: 2 Classifier: 3 (Failed)

  • Page 75: Qos Apply Policy (Interface View, Port Group View, Control Plane View)

    Field Description Committed Access Rate CAR information Committed information rate (CIR) in kbps Committed burst size (CBS) in bytes, which specifies the depth of the token bucket for holding traffic bursts Excessive burst size (EBS) in bytes, which specifies the amount of traffic beyond the CBS when two token buckets are used Red Action Action on red packets...

  • Page 76: Qos Apply Policy (User-Profile View)

    [Sysname-cp-slot3] qos apply policy aaa inbound qos apply policy (user-profile view) Syntax qos apply policy policy-name { inbound | outbound } undo qos apply policy [ policy-name ] { inbound | outbound } View User profile view Default level 2: System level Parameters inbound: Applies the QoS policy to the incoming traffic of the switch (traffic sent by the online users).

  • Page 77: Qos Policy

    Default level 2: System level Parameters policy-name: Policy name, a string of 1 to 31 characters. inbound: Applies the QoS policy to the incoming packets on all ports. outbound: Applies the QoS policy to the outgoing packets on all ports. Description Use the qos apply policy global command to apply a QoS policy globally.

  • Page 78: Qos Vlan-Policy

    qos vlan-policy Syntax qos vlan-policy policy-name vlan vlan-id-list { inbound | outbound } undo qos vlan-policy [ policy-name ] vlan vlan-id-list { inbound | outbound } View System view Default level 2: System level Parameters policy-name: QoS policy name, a string of 1 to 31 characters. vlan-id-list: Specifies a list of up to eight VLAN IDs.

  • Page 79: Reset Qos Policy Global

    Description Use the reset qos policy control-plane command to clear the statistics of the QoS policy applied in a certain direction of a control plane. Examples # Clear the statistics of the QoS policy applied in each direction of the control plane on the device numbered 3 in the IRF virtual device.
  • Page 80 Description Use the reset qos vlan-policy command to clear the statistics of the QoS policy applied in a certain direction of a VLAN. If no direction is specified, the statistics of the QoS policies in both directions of the VLAN are cleared. Examples # Clear the statistics of QoS policies applied to VLAN 2.

  • Page 81: Priority Mapping Configuration Commands

    Priority mapping configuration commands NOTE: The Layer 3 Ethernet interface in this chapter refers to the Ethernet port that can perform IP routing and inter-VLAN routing. You can set an Ethernet port as a Layer 3 Ethernet interface by using the port Layer 2—LAN Switching Configuration Guide link-mode route command (see the Priority mapping table configuration commands...

  • Page 82: Import

    If no priority mapping table is specified, this command displays the configuration information of all priority mapping tables. Related commands: qos map-table. Examples # Display the configuration of the 802.1p-to-local priority mapping table. <Sysname> display qos map-table dot1p-lp MAP-TABLE NAME: dot1p-lp TYPE: pre-define IMPORT EXPORT...

  • Page 83: Qos Map-Table

    Default level 2: System level Parameters import-value-list: List of input values. export-value: Output value. all: Deletes all the mappings in the priority mapping table. Description Use the import command to configure a mapping from one or multiple input values to an output value. Use the undo import command to restore the specified or all mappings to the default mappings.

  • Page 84: Port Priority Configuration Commands

    Examples # Enter the inbound 802.1p-to-drop priority mapping table view. <Sysname> system-view [Sysname] qos map-table dot1p-dp [Sysname-maptbl-dot1p-dp] Port priority configuration commands qos priority Syntax qos priority priority-value undo qos priority View Layer 2 Ethernet interface view, Layer 3 Ethernet interface view, port group view Default level 2: System level Parameters...

  • Page 85: Qos Trust

    Default level 1: Monitor level Parameters interface-type interface-number: Specifies an interface by its type and number. |: Filters command output by specifying a regular expression. For more information about regular expressions, see the Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression.
  • Page 86 Default level 2: System level Parameters dot1p: Uses the 802.1p priority in incoming packets for priority mapping. dscp: Uses the DSCP value in incoming packets for priority mapping. Description Use the qos trust command to configure an interface to use a particular priority field carried in packets for priority mapping.

  • Page 87: Gts And Line Rate Configuration Commands

    GTS and line rate configuration commands NOTE: The Layer 3 Ethernet interface in this chapter refers to the Ethernet port that can perform IP routing and inter-VLAN routing. You can set an Ethernet port as a Layer 3 Ethernet interface by using the port Layer 2—LAN Switching Configuration Guide link-mode route command (see the GTS configuration commands...

  • Page 88: Qos Gts

    Table 27 Output description Field Description Interface Interface type and interface number Rule(s) Match criteria Committed information rate (CIR) in kbps Committed burst size in bytes, which specifies the depth of the token bucket for holding traffic bursts qos gts Syntax qos gts queue queue-number cir committed-information-rate [ cbs committed-burst-size ] undo qos gts queue queue-number...

  • Page 89: Line Rate Configuration Commands

    [Sysname-GigabitEthernet1/0/1] qos gts queue 2 cir 640 Line rate configuration commands display qos lr interface Syntax display qos lr interface [ interface-type interface-number ] [ | { begin | exclude | include } regular-expression ] View Any view Default level 1: Monitor level Parameters interface-type interface-number: Specifies an interface by its type and number.

  • Page 90: Qos Lr

    Field Description Committed burst size (CBS) in bytes, which specifies the depth of the token bucket for holding traffic bursts qos lr Syntax qos lr outbound cir committed-information-rate [ cbs committed-burst-size ] undo qos lr outbound View Layer 2 Ethernet interface view, Layer 3 Ethernet interface view, port group view Default level 2: System level Parameters...

  • Page 91: Congestion Management Configuration Commands

    Congestion management configuration commands NOTE: The Layer 3 Ethernet interface in this chapter refers to the Ethernet port that can perform IP routing and inter-VLAN routing. You can set an Ethernet port as a Layer 3 Ethernet interface by using the port Layer 2—LAN Switching Configuration Guide link-mode route command (see the SP queuing configuration commands...

  • Page 92: Qos Sp

    Output queue: Strict-priority queue Table 29 Output description Field Description Interface Interface type and interface number Output queue Pattern of the current output queue Strict-priority queue SP queuing is used for queue scheduling qos sp Syntax qos sp undo qos sp View Layer 2 Ethernet interface view, Layer 3 Ethernet interface view, port group view Default level...
  • Page 93 View Any view Default level 1: Monitor level Parameters interface-type interface-number: Specifies an interface by its type and number. |: Filters command output by specifying a regular expression. For more information about regular expressions, see the Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression.

  • Page 94: Qos Wrr

    Field Description Number of the group a queue is assigned to. By default, all queues Group belong to group 1. Queue weight based on which queues are scheduled. N/A indicates that Weight the queue uses the SP queue scheduling algorithm. qos wrr Syntax qos wrr [ byte-count | weight ]...

  • Page 95: Qos Wrr Group Sp

    undo qos wrr queue-id group 1 byte-count View Interface view, port group view Default level 2: System level Parameters queue-id: Queue ID, which ranges from 0 to 7. 1: Specifies a group the queue belongs to group 1. byte-count schedule-value: Specifies a scheduling weight for the specified queue in byte-count WRR queuing.

  • Page 96: Qos Wrr Weight

    Description Use the qos wrr group sp command to configure SP queuing on the interface. Use the undo qos wrr group sp command to delete the SP queuing algorithm from the interface. Before configuring this command on an interface, make sure that WRR queue scheduling is enabled on the interface.

  • Page 97: Wfq Configuration Commands

    Related commands: display qos wrr interface. Examples # Enable packet-based WRR queuing on interface GigabitEthernet 1/0/1, and set the weight of queue 0 to 10. <Sysname> system-view [Sysname] interface gigabitethernet 1/0/1 [Sysname-GigabitEthernet1/0/1] qos wrr weight [Sysname-GigabitEthernet1/0/1] qos wrr 0 group 1 weight 10 WFQ configuration commands display qos wfq interface Syntax...

  • Page 98: Qos Bandwidth Queue

    Table 31 Output description Field Description Interface Interface type and interface number Output queue Pattern of the current output queue Queue ID ID of a queue Weight Queue scheduling weight Min-Bandwidth Minimum guaranteed bandwidth qos bandwidth queue Syntax qos bandwidth queue queue-id min bandwidth-value undo qos bandwidth queue queue-id [ min bandwidth-value ] View Layer 2 Ethernet interface view, Layer 3 Ethernet interface view, port group view...

  • Page 99: Qos Wfq

    [Sysname-GigabitEthernet1/0/1] qos bandwidth queue 0 min 100 qos wfq Syntax qos wfq undo qos wfq View Layer 2 Ethernet interface view, Layer 3 Ethernet interface view, port group view Default level 2: System level Parameters None Description Use the qos wfq command to enable WFQ on an interface. Use the undo qos wfq command to restore default queuing algorithm on an interface.
  • Page 100 Description Use the qos wfq weight command to configure a scheduling weight for a WFQ queue on the interface. Use the undo qos wfq weight command to restore the default scheduling weight for a WFQ queue on the interface. By default, the scheduling weight of each WFQ queue is 1. Settings in interface view take effect on the current interface.

  • Page 101: Congestion Avoidance Configuration Commands

    Congestion avoidance configuration commands NOTE: The Layer 3 Ethernet interface in this chapter refers to the Ethernet port that can perform IP routing and inter-VLAN routing. You can set an Ethernet port as a Layer 3 Ethernet interface by using the port Layer 2—LAN Switching Configuration Guide link-mode route command (see the display qos wred interface...

  • Page 102: Display Qos Wred Table

    display qos wred table Syntax display qos wred table [ table-name ] [ | { begin | exclude | include } regular-expression ] View Any view Default level 1: Monitor level Parameters table-name: Name of the WRED table to be displayed. |: Filters command output by specifying a regular expression.

  • Page 103: Qos Wred Apply

    Field Description Lower threshold configured for green packets, whose drop precedence is gmin Upper threshold configured for green packets, whose drop precedence is gmax Drop probability slope configured for green packets, whose drop gprob precedence is 0 Lower threshold configured for yellow packets, whose drop precedence is ymin Upper threshold configured for yellow packets, whose drop precedence ymax...

  • Page 104: Qos Wred Queue Table

    [Sysname-GigabitEthernet1/0/1] qos wred apply queue-table1 qos wred queue table Syntax qos wred queue table table-name undo qos wred table table-name View System view Default level 2: System level Parameters table table-name: Specifies a name for the table. Description Use the qos wred queue table command to create a queue-based WRED table and enter WRED table view.

  • Page 105: Queue Weighting-Constant

    low-limit low-limit: Lower limit, which is 100 by default. The range for the low-limit argument is from 0 to 8000. high-limit high-limit: Upper limit, which is 1000 by default. The range for the high-limit argument is from 0 to 8000. discard-probability discard-prob: Specifies the drop probability in percentage, in the range of 0 to 100.
  • Page 106 The average queue length is calculated using the formula: average queue length = previous average queue length × (1-2 ) + current queue length × 2 , where n is specified by the exponent argument in the queue weighting-constant command. Related commands: qos wred queue table.

  • Page 107: Global Car Configuration Commands

    Global CAR configuration commands car name Syntax car name car-name [ hierarchy-car hierarchy-car-name [ mode { and | or } ] ] undo car View Traffic behavior view Default level 2: System level Parameters car-name: Name of an aggregation CAR action. hierarchy-car-name: Name of the referenced hierarchical CAR.

  • Page 108: Display Qos Car Name

    [Sysname-behavior-be1] car name aggcar-1 hierarchy-car hcar mode or display qos car name Syntax display qos car name [ car-name ] [ | { begin | exclude | include } regular-expression ] View Any view Default level 1: Monitor level Parameters car-name: Name of a global CAR action, which can be an aggregation CAR action or a hierarchical CAR action.

  • Page 109: Qos Car Aggregative

    Table 33 Output description Field Description Name Name of the CAR action Type of the CAR action, which can be: • Mode aggregative: Aggregation CAR • hierarchy: Hierarchical CAR CIR CBS EBS PIR Parameters for the aggregation CAR policy Action to take on packets, which can be: •...

  • Page 110: Qos Car Hierarchy

    ebs excess-burst-size: Excess burst size (EBS) in bytes. The excess-burst-size argument ranges from 0 to 16000000 and defaults to 512. pir peak-information-rate: Peak information rate (PIR) in kbps. The peak-information-rate argument ranges from 8 to 32000000 and must be a multiple of 8. green action: Action to take on packets that conform to CIR.

  • Page 111: Reset Qos Car Name

    cbs committed-burst-size: Specifies the committed burst size (CBS) in bytes, the allowed traffic burst size when the actual average rate is no greater than CIR. CBS ranges from 4096 to 16000000 and defaults to 4096. Description Use the qos car hierarchy command to configure a hierarchical CAR action. Use the undo qos car command to remove a hierarchical CAR action.

  • Page 112: Data Buffer Configuration Commands

    Data buffer configuration commands Automatic data buffer configuration commands burst-mode enable Syntax burst-mode enable undo burst-mode enable View System view Default level 2: System level Parameters None Description Use the burst-mode enable command to enable the burst function. Use the undo burst-mode enable command to disable the burst function. By default, the burst function is disabled.

  • Page 113: Buffer Apply

    NOTE: Data buffer configuration is complicated and has significant impacts on the forwarding performance of • a device. Do not modify the data buffer parameters unless you are sure that your device will benefit from the change. If a larger buffer is needed, enable the burst function to allocate buffer automatically. The commands in this section are mutually exclusive with the burst-mode enable command.

  • Page 114: Buffer Egress Queue Guaranteed

    buffer egress queue guaranteed Syntax buffer egress [ slot slot-number ] { cell | packet } queue queue-id guaranteed ratio ratio undo buffer egress [ slot slot-number ] { cell | packet } queue queue-id guaranteed View System view Default level 2: System level Parameters slot slot-number: Specifies an IRF member switch number.

  • Page 115: Buffer Egress Queue Shared

    buffer egress queue shared Syntax buffer egress [ slot slot-number ] { cell | packet } queue queue-id shared ratio ratio undo buffer egress [ slot slot-number ] { cell | packet } queue queue-id shared View System view Default level 2: System level Parameters slot slot-number: Specifies an IRF member switch number.

  • Page 116: Buffer Egress Shared

    buffer egress shared Syntax buffer egress [ slot slot-number ] { cell | packet } shared ratio ratio undo buffer egress [ slot slot-number ] { cell | packet } shared View System view Default level 2: System level Parameters slot slot-number: Specifies an IRF member switch number.
  • Page 117 Default level 2: System level Parameters slot slot-number: Specifies an IRF member switch number. For a standalone device, the slot-number argument can only be 1. In an IRF, with slot-number specified, this command configures the buffer resource of the member switch specified by slot-number; without slot-number specified, this command configures the buffer resource of all the member switches in the IRF virtual device.

  • Page 118: Hqos Configuration Commands

    HQoS configuration commands NOTE: Hierarchical QoS (HQoS) is available on the S5800 Switch Series but not the S5820X Switch Series. bandwidth Syntax bandwidth bandwidth-value undo bandwidth [ bandwidth-value ] View Forwarding profile view Default level 2: System level Parameters bandwidth-value: Minimum guaranteed bandwidth (in kbps), which ranges from 8 to 10000000. Description Use the bandwidth command to set the minimum guaranteed bandwidth for the forwarding profile.

  • Page 119: Display Qos Forwarding-Profile

    |: Filters command output by specifying a regular expression. For more information about regular expressions, see the Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

  • Page 120: Display Qos Scheduler-Policy Diagnosis Interface

    regular-expression: Specifies a regular expression, which is a case sensitive string of 1 to 256 characters. Description Use the display qos forwarding-profile command to display information about a forwarding profile. If no forwarding profile is specified, this command displays information about all forwarding profiles. Examples # Display information about all forwarding profiles.
  • Page 121 If no interface is specified, this command displays scheduler policy diagnosis information for all interfaces. Examples # Display scheduler policy diagnosis information for Ten-GigabitEthernet 1/0/25. <Sysname> display qos scheduler-policy diagnosis interface ten-gigabitethernet 1/0/25 SP -- scheduler policy FG -- forwarding group FC -- forwarding class FP -- forwarding profile -------------------------------------------------------------------------------...

  • Page 122: Display Qos Scheduler-Policy Interface

    Field Description The issuing status of a forwarding profile: Success indicates all contents have been issued successfully: If a forwarding profile has failed to be issued, the reason is displayed. The reason can be: • GTS Failed—The GTS parameters have failed to be issued to a forwarding group.

  • Page 123: Display Qos Scheduler-Policy

    Interface: Ten-GigabitEthernet1/0/25 Direction: Outbound SP: 1 FG: 1 FP: 1 Rule: group FG: 1 Rule: group FG: 1_1 FP: 1_1 Rule: match service-vlan-id 100 FG: 2 FP: 2 Rule: match local-precedence 1 FG: 3 FP: 3 Rule: match local-precedence 2 Table 37 Output description Field Description...
  • Page 124 include: Displays all lines that match the specified regular expression. regular-expression: Specifies a regular expression, which is a case sensitive string of 1 to 256 characters. Description Use the display qos scheduler-policy name command to display scheduler policy information. If no scheduler policy name is specified, this command displays information about all scheduler policies.

  • Page 125: Forwarding-Group Group

    forwarding-group group Syntax forwarding-group fg-name group undo forwarding-group fg-name group View Scheduling layer 1 view Default level 2: System level Parameters fg-name: Forwarding group name, a case-sensitive string of 1 to 31 characters. Description Use the forwarding-group group command to instantiate a parent forwarding group. Use the undo forwarding-group group command to remove the instantiation of a parent forwarding group.
  • Page 126 NOTE: A forwarding group can match traffic from only one VLAN. Even though you can specify multiple VLAN IDs in the command, only the first one applies. For example, if you specify service-vlan-id 100 200 300 in the command, the match criterion is VLAN 100. Description Use the forwarding-group match command to instantiate a forwarding group in match mode.

  • Page 127: Forwarding-Group Profile (Forwarding-Group View)

    Examples # Configure layer-2 forwarding group testfg in scheduler policy testsp to match traffic with service VLAN ID 10. <Sysname> system-view [Sysname] qos scheduler-policy testsp [Sysname-hqos-sp-testsp] layer 2 [Sysname-hqos-sp-testsp-layer2] forwarding-group testfg match service-vlan-id 10 forwarding-group profile (forwarding-group view) Syntax forwarding-group sub-fg-name profile fp-name undo forwarding-group sub-fg-name View Forwarding group view...

  • Page 128: Gts Cir

    View Scheduler policy view Default level 2: System level Parameters fg-name: Specifies a forwarding group name, which is a case-sensitive string of 1 to 31 characters. fp-name: Specifies a forwarding profile name, which is a case-sensitive string of 1 to 31 characters. Description Use the forwarding-group profile command to nest a forwarding group in a scheduler policy and specify a forwarding profile for this forwarding group.

  • Page 129: Layer

    Examples # Configure GTS parameters for forwarding profile testfp: set the CIR to 16000 kbps and CBS to 2400000 bytes. <Sysname> system-view [Sysname] qos forwarding-profile testfp [Sysname-hqos-fp-testfp] gts cir 16000 cbs 2400000 layer Syntax layer { 1 | 2 } View Scheduler policy view, scheduler policy layer view Default level...

  • Page 130: Qos Copy Forwarding-Group

    outbound: Applies a scheduler policy in the outbound direction of the current interfaces. Description Use the qos apply scheduler-policy command to apply a scheduler policy in the outbound direction of an interface or port group. Use the undo qos apply scheduler-policy command to remove the scheduler policy applied in the outbound direction of the interface or port group.

  • Page 131: Qos Copy Scheduler-Policy

    Default level 2: System level Parameters fg-source: Specifies a source forwarding group name, which is a case-sensitive string of 1 to 31 characters. The forwarding group identified by this argument must already exist. fg-dest: Specifies a destination forwarding group name, which is a case-sensitive string of 1 to 31 characters.

  • Page 132: Qos Forwarding-Group

    qos forwarding-group Syntax qos forwarding-group fg-name [ id fg-id ] undo qos forwarding-group fg-name View System view Default level 2: System level Parameters fg-name: User-defined forwarding group name, a case-sensitive string of 1 to 31 characters. id fg-id: Specifies a user-defined forwarding group ID, which ranges from 0 to 89. If no ID is specified, the system assigns the lowest free ID to the forwarding group.

  • Page 133: Qos Scheduler-Policy

    Description Use the qos forwarding-profile command to create a forwarding profile and enter forwarding profile view. Use the undo qos forwarding-profile command to remove a forwarding profile. An S5800 switch supports up to 180 forwarding profiles. You cannot remove a forwarding profile used in a scheduler policy. Examples # Create a forwarding profile testfp.

  • Page 134: Wrr

    View Forwarding profile view Default level 2: System level Parameters None Description Use the sp command to specify strict priority (SP) queuing in a forwarding profile. Use the undo sp command to disable SP queuing in the forwarding profile. Examples # Configure forwarding profile testfp to use SP queuing.

  • Page 135: Index

    Index A B C D F G H I L P Q R S T W display qos policy control-plane,55 display qos policy control-plane pre-defined,57 accounting,42 display qos policy global,58 acl,1 display qos policy interface,60 copy,2 display qos scheduler-policy,1 12 ipv6,3 display qos scheduler-policy diagnosis interface,109...
  • Page 136 qos apply policy (interface view, port group view, redirect,46 control plane view),64 remark dot1p,47 qos apply policy (user-profile view),65 remark drop-precedence,48 qos apply policy global,65 remark dscp,49 qos apply scheduler-policy,1 18 remark ip-precedence,50 qos bandwidth queue,87 remark local-precedence,50 qos car aggregative,98 remark qos-local-id,51...

This manual is also suitable for:

S5800 series

Table of Contents