HP 6125G Configuration Manual

Hp 6125g & 6125g/xg blade switches acl and qos configuration guide-r2103.
Hide thumbs
HP 6125 Blade Switch Series
ACL and QoS
Part number: 5998-3159
Software version: Release 2103
Document version: 6W100-20120907

Advertising

   Related Manuals for HP 6125G

   Summary of Contents for HP 6125G

  • Page 1: Configuration Guide

    HP 6125 Blade Switch Series ACL and QoS Configuration Guide Part number: 5998-3159 Software version: Release 2103 Document version: 6W100-20120907...

  • Page 2

    HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.

  • Page 3: Table Of Contents

    Contents Configuring ACLs ························································································································································· 1   Overview ············································································································································································ 1   Applications on the switch ······································································································································ 1   ACL categories ························································································································································· 1   Numbering and naming ACLs ································································································································ 1   Match order ······························································································································································ 2   ACL rule comments and rule range remarks ········································································································· 3  ...

  • Page 4: Table Of Contents

    Configuration procedure ······································································································································ 19   Defining a traffic behavior ············································································································································ 20   Defining a policy ···························································································································································· 21   Configuration restrictions and guidelines ··········································································································· 21   Configuration procedure ······································································································································ 21   Applying the QoS policy ··············································································································································· 21   Applying the QoS policy to an interface ············································································································ 22  ...

  • Page 5: Table Of Contents

    Configuration example ········································································································································· 43   Configuring WRR queuing ············································································································································ 44   Configuration procedure ······································································································································ 44   Configuration example ········································································································································· 44   Configuring WFQ queuing ··········································································································································· 45   Configuration procedure ······································································································································ 45   Configuration example ········································································································································· 46   Configuring SP+WRR queuing ····································································································································· 46  ...

  • Page 6: Table Of Contents

    Class-based accounting configuration example ········································································································· 66   Network requirements ··········································································································································· 66   Configuration procedure ······································································································································ 66   Configuring burst ······················································································································································· 68   Configuration prerequisites ··········································································································································· 68   Configuration procedure ··············································································································································· 68   Burst configuration example ········································································································································· 68   Network requirements ··········································································································································· 68  ...

  • Page 7: Configuring Acls, Overview, Applications On The Switch, Acl Categories, Numbering And Naming Acls

    Configuring ACLs Unless otherwise stated, ACLs refer to both IPv4 and IPv6 ACLs throughout this document. Overview An access control list (ACL) is a set of rules (or permit or deny statements) for identifying traffic based on criteria such as source IP address, destination IP address, and port number. ACLs are primarily used for packet filtering.

  • Page 8: Match Order

    basic or advanced ACL, its ACL number and name must be unique among all IPv6 ACLs. You can assign an IPv4 ACL and an IPv6 ACL the same number and name. Match order The rules in an ACL are sorted in a specific order. When a packet matches a rule, the device stops the match process and performs the action defined in the rule.

  • Page 9: Acl Rule Comments And Rule Range Remarks, Acl Rule Numbering, Fragments Filtering With Acls

    ACL rule comments and rule range remarks You can add a comment about an ACL rule to make it easy to understand. The rule comment appears below the rule statement. You can also add a rule range remark to indicate the start or end of a range of rules created for the same purpose.

  • Page 10: Configuring A Time Range, Configuring A Basic Acl, Configuring An Ipv4 Basic Acl

    Task Remarks Optional Configuring a time range Applicable to IPv4 and IPv6 ACLs. Configuring a basic ACL Required Configuring an advanced ACL Configure at least one task. Applicable to IPv4 and IPv6. Configuring an Ethernet frame header ACL Optional Copying an ACL Applicable to IPv4 and IPv6.

  • Page 11: Configuring An Ipv6 Basic Acl

    Step Command Remarks Enter system view. system-view By default, no ACL exists. acl number acl-number Create an IPv4 IPv4 basic ACLs are numbered in the range of 2000 to [ name acl-name ] basic ACL and 2999. [ match-order { auto | enter its view.

  • Page 12: Configuring An Advanced Acl, Configuring An Ipv4 Advanced Acl

    Step Command Remarks rule [ rule-id ] { deny | By default, an IPv6 basic ACL does not contain any permit } [ counting | rule. fragment | routing [ type If the ACL is for QoS traffic classification or packet routing-type ] | source Create or edit a filtering, do not specify the fragment and routing...

  • Page 13: Configuring An Ipv6 Advanced Acl

    Step Command Remarks rule [ rule-id ] { deny | permit } protocol [ { { ack ack-value | fin fin-value | psh psh-value | rst rst-value | syn syn-value | urg urg-value } * | established } | counting | destination By default, an IPv4 advanced ACL does not { dest-addr dest-wildcard | any } contain any rule.

  • Page 14

    Step Command Remarks Enter system system-view view. By default, no ACL exists. Create an IPv6 acl ipv6 number acl6-number IPv6 advanced ACLs are numbered in the range of advanced ACL [ name acl6-name ] 3000 to 3999. and enter its [ match-order { auto | config } ] You can use the acl ipv6 name acl6-name command view.

  • Page 15: Configuring An Ethernet Frame Header Acl, Copying An Acl

    Configuring an Ethernet frame header ACL Ethernet frame header ACLs, also called "Layer 2 ACLs," match packets based on Layer 2 protocol header fields, such as source MAC address, destination MAC address, 802.1p priority (VLAN priority), and link layer protocol type. To configure an Ethernet frame header ACL: Step Command...

  • Page 16: Copying An Ipv4 Acl, Copying An Ipv6 Acl, Packet Filtering With Acls

    To successfully copy an ACL, make sure that: • The destination ACL number is from the same category as the source ACL number. The source ACL already exists but the destination ACL does not. • Copying an IPv4 ACL Step Command Enter system view.

  • Page 17: Displaying And Maintaining Acls, Configuration Example Of Using Acl For Device Management, Network Requirements

    Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Apply an IPv6 basic or IPv6 packet-filter ipv6 { acl6-number | By default, no IPv6 ACL is applied advanced ACL to the interface name acl6-name } { inbound | to the interface.

  • Page 18: Configuration Procedure

    As an FTP server, the switch accepts the login requests from only the NMS. • Figure 1 Network diagram Configuration procedure Limit the telnet login requests: # Create a time range named telnet to cover 8:30 to 18:00 of every working day. <Switch>...

  • Page 19: Ipv4 Packet Filtering Configuration Example, Network Requirements, Configuration Procedure

    # Create IPv4 basic ACL 2002, and configure a rule for the ACL to permit only the packets sourced from 10.1.3.1. [Switch] acl number 2002 [Switch-acl-basic-2001] rule permit source 10.1.3.1 0 [Switch-acl-basic-2001] quit # Enable the FTP server on the switch. [Switch] ftp server enable # Use ACL 2001 to control FTP clients' access to the FTP server.

  • Page 20: Ipv6 Packet Filtering Configuration Example, Network Requirements, Configuration Procedure

    IPv6 packet filtering configuration example Network requirements As shown in Figure 3, apply an IPv6 ACL to the incoming traffic of GigabitEthernet 1/0/1 on Device A so that every day from 08:00 to 18:00 the interface allows only packets from Host A to pass through. Figure 3 Network diagram Configuration procedure # Create a time range from 08:00 to 18:00 every day.

  • Page 21: Qos Overview, Qos Service Models, Best-effort Service Model, Intserv Model, Diffserv Model

    QoS overview In data communications, Quality of Service (QoS) is a network’s ability to provide differentiated service guarantees for diversified traffic in terms of bandwidth, delay, jitter, and drop rate. Network resources are scarce. The contention for resources requires that QoS prioritize important traffic flows over trivial ones.

  • Page 22: Qos Techniques

    QoS techniques The QoS techniques include traffic classification, traffic policing, traffic shaping, line rate, congestion management, and congestion avoidance. They address problems that arise at different positions of a network. Figure 4 Placement of the QoS techniques in a network As shown in Figure 4, traffic classification, traffic shaping, traffic policing, congestion management, and...

  • Page 23: Qos Configuration Approaches, Mqc Approach, Non-mqc Approach

    QoS configuration approaches You can configure QoS in these approaches: MQC approach • Non-MQC approach • Some features support both approaches, but some support only one. MQC approach In modular QoS configuration (MQC) approach, you configure QoS service parameters by using QoS policies (see "Configuring a QoS policy").

  • Page 24: Configuring A Qos Policy, Overview, Defining A Class

    Configuring a QoS policy Overview A QoS policy is a set of class-behavior associations and defines the shaping, policing, or other QoS actions to take on different classes of traffic. A class is a set of match criteria for identifying traffic and it uses the AND or OR operator: •...

  • Page 25: Configuration Restrictions And Guidelines, Configuration Procedure

    Configuration restrictions and guidelines If a class that uses the AND operator has multiple if-match acl, if-match acl ipv6, if-match • customer-vlan-id or if-match service-vlan-id clauses, a packet that matches any of the clauses matches the class. To successfully execute the traffic behavior associated with a traffic class that uses the AND operator, •...

  • Page 26: Defining A Traffic Behavior

    Option Description Matches DSCP values. dscp dscp-list The dscp-list argument is a list of up to eight DSCP values. A DSCP value can be a number from 0 to 63 or any keyword in Table destination-mac mac-address Matches a destination MAC address. Matches the 802.1p priority of the customer network.

  • Page 27: Defining A Policy, Configuration Restrictions And Guidelines, Configuration Procedure, Applying The Qos Policy

    Defining a policy You associate a behavior with a class in a QoS policy to perform the actions defined in the behavior for the class of packets. Configuration restrictions and guidelines If an ACL is referenced by a QoS policy for defining traffic match criteria, packets matching the ACL •...

  • Page 28: Applying The Qos Policy To An Interface, Applying The Qos Policy To Online Users

    If a QoS policy has been applied to an active user profile, you cannot modify classes, behaviors, and class-behavior associations of the QoS policy, or delete the QoS policy. Applying the QoS policy to an interface A policy can be applied to multiple interfaces, but only one policy can be applied in one direction (inbound or outbound) of an interface.

  • Page 29: Applying The Qos Policy To A Vlan, Applying The Qos Policy Globally

    Step Command Remarks Return to system quit view. Activate the user user-profile profile-name By default, a user profile is inactive. profile. enable Applying the QoS policy to a VLAN You can apply a QoS policy to a VLAN to regulate traffic of the VLAN. QoS policies cannot be applied to dynamic VLANs, such as VLANs created by GVRP.

  • Page 30

    display qos vlan-policy { name policy-name | vlan Display VLAN QoS policy Available in any vlan-id } [ slot slot-number ] [ inbound | outbound ] configuration. [ | { begin | exclude | include } view regular-expression ] display qos policy global [ slot slot-number ] Display information about QoS Available in any [ inbound | outbound ] [ | { begin | exclude |...

  • Page 31: Configuring Priority Mapping, Overview, Types Of Priorities, Priority Mapping Tables

    Configuring priority mapping Overview When a packet enters a device, depending on your configuration, the device assigns a set of QoS priority parameters to the packet based on either a certain priority field carried in the packet or the port priority of the incoming port.

  • Page 32: Priority Trust Mode On A Port, Priority Mapping Procedure

    Priority trust mode on a port The priority trust mode on a port decides which priority is used for priority mapping table lookup. Port priority was introduced to use for priority mapping in addition to priority fields carried in packets. The HP Blade 6125 Switch Series provides the following priority trust modes: Using the 802.1p priority carried in packets for priority mapping.

  • Page 33: Configuration Guidelines, Configuring A Priority Mapping Table

    priority for traffic scheduling depending on your configuration. Neither priority trust mode configuration on the port nor port priority configuration takes effect. Configuration guidelines You can modify priority mappings by modifying priority mapping tables, priority trust mode on a port, and port priority.

  • Page 34: Displaying Priority Mappings, Priority Trust Mode Configuration Example, Network Requirements

    Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Set the port priority of qos priority priority-value The default port priority is 0. the interface. Displaying priority mappings Task Command Remarks Display priority display qos map-table [ dot1p-dp | dot1p-lp | dscp-dot1p mapping table | dscp-dp | dscp-dscp ] [ | { begin | exclude | include } Available in any view...

  • Page 35: Priority Mapping Table And Priority Marking Configuration Example, Configuration Procedure, Network Requirements

    Configuration procedure # Assign port priority to GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2. Make sure that the priority of GigabitEthernet 1/0/1 is higher than that of GigabitEthernet 1/0/2, and no trusted packet priority type is configured on GigabitEthernet 1/0/1 or GigabitEthernet 1/0/2. <DeviceC>...

  • Page 36

    Figure 8 Network diagram Internet Host Host Server Server GE1/0/5 GE1/0/2 GE1/0/3 Management department R&D department GE1/0/4 GE1/0/1 Device Host Server Public servers Marketing department Configuration procedure Configure trusting port priority: # Set the port priority of GigabitEthernet 1/0/1 to 3. <Device>...

  • Page 37

    [Device-maptbl-dot1p-lp] import 5 export 4 [Device-maptbl-dot1p-lp] quit Configure priority marking: # Mark the HTTP traffic of the management department, marketing department, and R&D department to the Internet with 802.1p priorities 4, 5, and 3, respectively. Use the priority mapping table you have configured to map the 802.1p priorities to local precedence values 6, 4, and 2, respectively, for differentiated traffic treatment.

  • Page 38: Configuring Traffic Policing, Traffic Shaping, And Line Rate, Overview, Traffic Evaluation And Token Buckets

    Configuring traffic policing, traffic shaping, and line rate Overview Traffic policing, traffic shaping, and rate limit are QoS technologies that help assign network resources, such as assign bandwidth. They increase network performance and user satisfaction. For example, you can configure a flow to use only the resources committed to it in a certain time range. This avoids network congestion caused by burst traffic.

  • Page 39: Traffic Policing

    Peak information rate (PIR)—Rate at which tokens are put into bucket E, which specifies the average • packet transmission or forwarding rate allowed by bucket E. Excess burst size (EBS)—Size of bucket E, which specifies the transient burst of traffic that bucket E •...

  • Page 40: Traffic Shaping, Line Rate

    Traffic shaping IMPORTANT: Traffic shaping shapes the outbound traffic. Traffic shaping limits the outbound traffic rate by buffering exceeding traffic. You can use traffic shaping to adapt the traffic output rate on a device to the input traffic rate of its connected device to avoid packet loss.

  • Page 41: Configuring Traffic Policing, Configuration Restrictions And Guidelines, Configuration Procedure

    The line rate of a physical interface specifies the maximum rate for forwarding packets (including critical packets). Line rate also uses token buckets for traffic control. With line rate configured on an interface, all packets to be sent through the interface are handled by the token bucket at line rate. If enough tokens are in the token bucket, packets can be forwarded.

  • Page 42: Configuring Gts, Configuring The Line Rate

    Step Command Remarks Return to system view. quit Create a behavior and enter traffic behavior behavior-name behavior view. car cir committed-information-rate [ cbs committed-burst-size [ ebs Configure a traffic policing excess-burst-size ] ] [ pir N/A. action. peak-information-rate ] [ green action ] [ yellow action ] [ red action ] Return to system view.

  • Page 43: Displaying And Maintaining Traffic Policing, Gts, And Line Rate, Traffic Policing Configuration Example, Network Requirements

    interface interface-type Enter interface view. interface-number qos lr { inbound | outbound } Configure the line cir committed-information-rate rate for the interface. [ cbs committed-burst-size ] Displaying and maintaining traffic policing, GTS, and line rate On the HP Blade 6125 Switch Series, you can configure traffic policing in MQC approach. For more information about the displaying and maintaining commands, see "Displaying and maintaining QoS policies."...

  • Page 44: Configuration Procedures

    Figure 13 Network diagram Configuration procedures Configure Device A: # Configure ACL 2001 and ACL 2002 to match traffic from Server and Host A, respectively. <DeviceA> system-view [DeviceA] acl number 2001 [DeviceA-acl-basic-2001] rule permit source 1.1.1.1 0 [DeviceA-acl-basic-2001] quit [DeviceA] acl number 2002 [DeviceA-acl-basic-2002] rule permit source 1.1.1.2 0 [DeviceA-acl-basic-2002] quit # Create a class named server, and use ACL 2001 as the match criterion.

  • Page 45

    [DeviceA-qospolicy-car] quit # Apply QoS policy car to the incoming traffic of port GigabitEthernet 1/0/1. [DeviceA] interface GigabitEthernet 1/0/1 [DeviceA-GigabitEthernet1/0/1] qos apply policy car inbound Configure Device B: # Configure advanced ACL 3001 to match HTTP traffic. <DeviceB> system-view [DeviceB] acl number 3001 [DeviceB-acl-adv-3001] rule permit tcp destination-port eq 80 [DeviceB-acl-adv-3001] quit # Create a class named http, and use ACL 3001 as the match criterion.

  • Page 46: Configuring Congestion Management, Overview, Congestion Management Techniques, Sp Queuing

    Configuring congestion management Overview Network congestion degrades service quality on a traditional network. Congestion is a situation where the forwarding rate decreases due to insufficient resources, resulting in extra delay. Congestion is more likely to occur in complex packet switching circumstances. Figure 14 shows two common cases:...

  • Page 47: Wrr Queuing

    Figure 15 SP queuing Queue 7 High priority Packets to be sent through this port Queue 6 Sent packets Interface …… Queue 1 Sending queue Packet Queue classification scheduling Queue 0 Low priority Figure 15, SP queuing classifies eight queues on a port into eight classes, numbered 7 to 0 in descending priority order.

  • Page 48: Wfq Queuing

    Assume a port provides eight output queues. WRR assigns each queue a weight value (represented by w7, w6, w5, w4, w3, w2, w1, or w0) to decide the proportion of resources assigned to the queue. The Switch Series supports byte-count weight (which determines the weight by the number of bytes scheduled in a cycle) or packet-based weight (which determines the weight by the number of packets scheduled in a cycle).

  • Page 49: Sp+wrr Queuing, Sp+wfq Queuing, Configuring Sp Queuing, Configuration Procedure, Configuration Example

    The bandwidth percentage assigned to each flow is (precedence value of the flow + 1)/total • assignable bandwidth quota. The bandwidth percentages for the flows are 1/15, 2/15, 3/15, 4/15, and 5/15, respectively. • The bandwidth assigned to a queue = the minimum guaranteed bandwidth + the bandwidth allocated to the queue from the assignable bandwidth.

  • Page 50: Configuring Wrr Queuing, Configuration Procedure, Configuration Example

    Configuration procedure # Enter system view <Sysname> system-view # Configure GigabitEthernet1/0/1 to use SP queuing. [Sysname] interface gigabitethernet 1/0/1 [Sysname-GigabitEthernet1/0/1] qos sp Configuring WRR queuing Configuration procedure To configure WRR queuing: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view.

  • Page 51: Configuring Wfq Queuing, Configuration Procedure

    Configuration procedure # Enter system view. <Sysname> system-view # Configure WRR queuing on port GigabitEthernet 1/0/1. [Sysname] interface GigabitEthernet 1/0/1 [Sysname-GigabitEthernet1/0/1] qos wrr weight [Sysname-GigabitEthernet1/0/1] qos wrr 0 group 1 weight 1 [Sysname-GigabitEthernet1/0/1] qos wrr 1 group 1 weight 2 [Sysname-GigabitEthernet1/0/1] qos wrr 2 group 1 weight 4 [Sysname-GigabitEthernet1/0/1] qos wrr 3 group 1 weight 6 [Sysname-GigabitEthernet1/0/1] qos wrr 4 group 1 weight 8...

  • Page 52: Configuration Example, Configuring Sp+wrr Queuing, Configuration Procedure

    Configuration example Network requirements Configure WFQ queues on an interface and assign the scheduling weight 2, 5, 10, 10, and 10 to queue 1, queue 3, queue 4, queue 5, and queue 6, respectively. Configuration procedure # Enter system view. <Sysname>...

  • Page 53: Configuring Sp+wfq Queuing, Configuration Example, Configuration Procedure

    Configuration example Network requirements • Configure SP+WRR queue scheduling algorithm on GigabitEthernet 1/0/1, and use packet-based WRR. Configure queue 0, queue 1, queue 2, and queue 3 on GigabitEthernet 1/0/1 to be in SP queue • scheduling group. • Configure queue 4, queue 5, queue 6, and queue 7 on GigabitEthernet 1/0/1 to use WRR queuing, with the weight 2, 4, 6, and 8, respectively.

  • Page 54

    Step Command Remarks Configure the minimum Optional. qos bandwidth queue queue-id guaranteed bandwidth for a min bandwidth-value 64 kbps for each queue by default. queue. NOTE: To guarantee successful WFQ configuration, make sure that the scheduling weight type (byte-count or packet-based) is the same as the WFQ queuing type (byte-count or packet-based) when you configure the scheduling weight for a WFQ queue.

  • Page 55: Configuring Congestion Avoidance, Overview, Tail Drop, Red And Wred, Introduction To Wred Configuration

    Configuring congestion avoidance Overview Avoiding congestion before it occurs is a proactive approach to improving network performance. As a flow control mechanism, congestion avoidance actively monitors network resources (such as queues and memory buffers), and drops packets when congestion is expected to occur or deteriorate. Compared with end-to-end flow control, this flow control mechanism controls the load of more flows in a device.

  • Page 56: Configuring Wred, Configuration Procedure, Configuration Examples

    is below the upper threshold, the switch drops packets at the user-configured drop probability. When the queue size reaches the upper threshold, all subsequent packets are dropped. Drop precedence—A parameter used in packet drop. Value 0 represents green packets, 1 •...

  • Page 57: Displaying And Maintaining Wred

    Displaying and maintaining WRED Task Command Remarks Display WRED configuration display qos wred interface [ interface-type information on the interface or all interface-number ] [ | { begin | exclude | Available in any view interfaces. include } regular-expression ] Display configuration information display qos wred table [ table-name ] [ | about a WRED table or all WRED...

  • Page 58: Configuring Traffic Filtering, Configuration Procedure

    Configuring traffic filtering Traffic filtering filters traffic matching certain criteria. For example, you can filter packets sourced from a specific IP address according to network status. Configuration procedure To configure traffic filtering: Step Command Remarks Enter system view. system-view Create a class and enter traffic classifier tcl-name [ operator { and class view.

  • Page 59: Traffic Filtering Configuration Example, Network Requirements, Configuration Procedure

    Traffic filtering configuration example Network requirements As shown in Figure 18, Host is connected to GigabitEthernet 1/0/1 of Device. Configure traffic filtering to filter the packets with source port being 21, and received on GigabitEthernet 1/0/1. Figure 18 Network diagram Host Device GE1/0/1...

  • Page 60: Configuring Priority Marking, Configuration Procedure

    Configuring priority marking Priority marking sets the priority fields or flag bits of packets to modify the priority of traffic. For example, you can use priority marking to set IP precedence or DSCP for a class of IP traffic to change its transmission priority in the network.

  • Page 61: Local Precedence Re-marking Configuration Example, Network Requirements

    Step Command Remarks Create a policy and qos policy policy-name enter policy view. Associate the class with the traffic behavior in the classifier tcl-name behavior behavior-name QoS policy. Return to system view. quit • Applying the QoS policy to an interface •...

  • Page 62

    Figure 19 Network diagram Configuration procedure # Create advanced ACL 3000, and configure a rule to match packets with destination IP address 192.168.0.1. <Device> system-view [Device] acl number 3000 [Device-acl-adv-3000] rule permit ip destination 192.168.0.1 0 [Device-acl-adv-3000] quit # Create advanced ACL 3001, and configure a rule to match packets with destination IP address 192.168.0.2.

  • Page 63: Local Qos Id Marking Configuration Example

    # Create a behavior named behavior_dbserver, and configure the action of setting the local precedence value to 4. [Device] traffic behavior behavior_dbserver [Device-behavior-behavior_dbserver] remark local-precedence 4 [Device-behavior-behavior_dbserver] quit # Create a behavior named behavior_mserver, and configure the action of setting the local precedence value to 3.

  • Page 64

    # Create a class class_a to match both packets with source MAC address 0001-0001-0001 and packets with source IP 1.1.1.1. <Sysname> system-view [Sysname] traffic classifier class_a operator or [Sysname-classifier-class_a] if-match source-mac 1-1-1 [Sysname-classifier-class_a] if-match acl 2000 [Sysname-classifier-class_a] quit # Create a behavior behavior_a, and configure the action of marking packets with local QoS ID 100 for the behavior.

  • Page 65: Configuring Traffic Redirecting, Configuration Restrictions And Guidelines, Configuration Procedure

    Configuring traffic redirecting Traffic redirecting is the action of redirecting the packets matching the specific match criteria to a certain location for processing. The following redirect actions are supported: Redirecting traffic to the CPU—redirects packets that require processing by the CPU to the CPU. •...

  • Page 66: Redirect-to-next Hop Configuration Example, Network Requirements, Configuration Procedure

    Step Command Remarks Associate the class with the traffic behavior in the QoS classifier tcl-name behavior behavior-name policy. Return to system view. quit Choose one • Applying the QoS policy to an interface application Apply the QoS policy. • Applying the QoS policy to a VLAN destination as •...

  • Page 67

    [DeviceA-acl-basic-2000] rule permit source 2.1.1.1 0 [DeviceA-acl-basic-2000] quit # Create basic ACL 2001, and configure a rule to match packets with source IP address 2.1.1.2. [DeviceA] acl number 2001 [DeviceA-acl-basic-2001] rule permit source 2.1.1.2 0 [DeviceA-acl-basic-2001] quit # Create a class named classifier_1, and use ACL 2000 as the match criterion in the class. [DeviceA] traffic classifier classifier_1 [DeviceA-classifier-classifier_1] if-match acl 2000 [DeviceA-classifier-classifier_1] quit...

  • Page 68: Configuring Aggregate Car, Overview, Configuration Restrictions And Guidelines, Configuration Procedure

    Configuring aggregate CAR Overview An aggregate CAR action is created globally and can be directly applied to interfaces or referenced in the traffic behaviors associated with different traffic classes to police multiple traffic flows as a whole. The total rate of the traffic flows must conform to the traffic policing specifications set in the aggregate CAR action.

  • Page 69: Displaying And Maintaining Aggregate Car Configuration, Aggregate Car Configuration Example, Network Requirements, Configuration Procedure

    Displaying and maintaining aggregate CAR configuration Task Command Remarks display qos car name [ car-name ] Display statistics for aggregate [ | { begin | exclude | include } Available in any view CAR actions. regular-expression ] Clear statistics for aggregate CAR reset qos car name [ car-name ] Available in user view actions.

  • Page 70

    [Sysname] traffic classifier 1 [Sysname-classifier-1] if-match service-vlan-id 10 [Sysname-classifier-1] quit [Sysname] traffic behavior 1 [Sysname-behavior-1] car name aggcar-1 [Sysname-behavior-1] quit # Create class 2 to match traffic of VLAN 100; create behavior 2, and reference the aggregate CAR in the behavior. [Sysname] traffic classifier 2 [Sysname-classifier-2] if-match service-vlan-id 100 [Sysname-classifier-2] quit...

  • Page 71: Configuring Class-based Accounting, Configuration Procedure, Displaying And Maintaining Traffic Accounting

    Configuring class-based accounting Class-based accounting collects statistics (in packets or bytes) on a per-traffic class basis. For example, you can define the action to collect statistics for traffic sourced from a certain IP address. By analyzing the statistics, you can determine whether anomalies have occurred and what action to take. Configuration procedure To configure class-based accounting: Step...

  • Page 72: Class-based Accounting Configuration Example, Network Requirements, Configuration Procedure

    Class-based accounting configuration example Network requirements As shown in Figure 22, Host is connected to GigabitEthernet 1/0/1 of Device A. Configure class-based accounting to collect statistics for traffic sourced from 1.1.1.1/24 and received on GigabitEthernet 1/0/1. Figure 22 Network diagram Configuration procedure # Create basic ACL 2000, and configure a rule to match packets with source IP address 1.1.1.1.

  • Page 73

    Operator: AND Rule(s) : If-match acl 2000 Behavior: behavior_1 Accounting Enable: 28529 (Packets)

  • Page 74: Configuring Burst, Configuration Prerequisites, Configuration Procedure, Burst Configuration Example, Network Requirements

    Configuring burst The burst function improves packet buffering and forwarding performance in the following scenarios: Dense broadcast or multicast traffic and massive burst traffic are present. • High-speed traffic is forwarded over a low-speed link or traffic received from multiple interfaces at •...

  • Page 75

    Figure 23 Network diagram for burst configuration Configuration procedure # Enter system view. <Switch> system-view # Enable the burst function. [Switch] burst-mode enable...

  • Page 76: Appendix A Default Priority Mapping Tables, Uncolored Priority Mapping Tables

    Appendix A Default priority mapping tables Uncolored priority mapping tables For the default dscp-dscp mapping table, an input value yields a target value equal to it. Table 5 Default dot1p-lp and dot1p-dp priority mapping tables Input priority value dot1p-lp mapping dot1p-dp mapping 802.1p priority (dot1p) Local precedence (lp)

  • Page 77: Appendix B Packet Precedences, Ip Precedence And Dscp Values

    Appendix B Packet precedences IP precedence and DSCP values Figure 24 ToS and DS fields As shown in Figure 24, the ToS field in the IPv4 header contains eight bits, where the first three bits (0 to 2) represent IP precedence from 0 to 7; the Traffic Classes field in the IPv6 header contains eight bits, where the first three bits (0 to 2) represent IP precedence from 0 to 7.

  • Page 78: P Priority

    DSCP value (decimal) DSCP value (binary) Description 010100 af22 010110 af23 011010 af31 011100 af32 011110 af33 100010 af41 100100 af42 100110 af43 001000 010000 011000 100000 101000 110000 111000 000000 be (default) 802.1p priority 802.1p priority lies in the Layer 2 header and applies to occasions where Layer 3 header analysis is not needed and QoS must be assured at Layer 2.

  • Page 79

    Figure 26 802.1Q tag header Table 9 Description on 802.1p priority 802.1p priority (decimal) 802.1p priority (binary) Description best-effort background spare excellent-effort controlled-load video voice network-management...

  • Page 80: Support And Other Resources, Contacting Hp, Subscription Service, Related Information, Documents, Websites

    Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.com/support Before contacting HP, collect the following information: Product model names and numbers • • Technical support registration number (if applicable) Product serial numbers •...

  • Page 81: Conventions

    Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional. Braces enclose a set of required syntax choices separated by vertical bars, from which { x | y | ...

  • Page 82

    Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.

  • Page 83: Index

    Index A B C D I L M N O P Q R T U Contacting HP,74 Conventions,75 ACL configuration task list,3 Copying an ACL,9 Aggregate CAR configuration example,63 Applying the QoS policy,21 Defining a class,18 Defining a policy,21 Burst configuration example,68 Defining a traffic behavior,20...

  • Page 84

    Overview,62 Overview,25 Redirect-to-next hop configuration example,60 Related information,74 Packet filtering with ACLs,10 Priority mapping table and priority marking Traffic filtering configuration example,53 configuration example,29 Traffic policing configuration example,37 Priority trust mode configuration example,28 Uncolored priority mapping tables,70 QoS service models,15 techniques,16...

This manual also for:

3600 v2 series

Comments to this Manuals

Symbols: 0
Latest comments: