Huawei S3700HI Скачать руководство пользователя страница 38 | Manualshive

Страница: 38 / 108

background image

1.5.3 Filtering the Traffic That Matches an ACL Rule

Context

By filtering the traffic that matches an ACL rule, the S3700 rejects or permits the packets that
match the ACL rule so that the traffic is controlled.

Procedure

l

Configuring traffic filtering globally
1.

Run:

system-view

The system view is displayed.

2.

Run:

traffic-filter

[

vlan

vlan-id

]

inbound

acl

{ [

ipv6

] {

bas-acl

|

adv-

acl

|

name

acl-name

} |

l2-acl

|

user-acl

} [

rule

rule-id

]

The incoming packets matching an ACL rule are filtered on an interface.

NOTE

If the value of

vlan

vlan-id

is specified, it indicates that VLAN-based traffic filtering is

configured and the traffic matching an ACL rule is filtered on all interfaces on the VLAN.

If the value of

vlan

vlan-id

is not specified, the statistics on the traffic matching an ACL rule

are collected on all interfaces of the device.

A Layer 2 ACL and a Layer 3 ACL can be set in the

traffic-filter

command simultaneously.

The Layer 3 ACL and its rules can be configured only after the Layer 2 ACL and its rules are
configured. The Layer 2 ACL number ranges from 4000 to 4999 and the Layer 3 ACL number
ranges from 2000 to 2999 or 3000 to 3999.

To configure both Layer 2 ACLs and Layer 3 ACLs on a switch interface, use the following
command:

traffic-filter

[

vlan

vlan-id

]

inbound

acl

{

l2-acl

|

name

acl-name

} [

rule

rule-id

]

acl

{

bas-

acl

|

adv-acl

|

name

acl-name

} [

rule

rule-id

]

l

Configuring traffic filtering on an interface
1.

Run:

system-view

The system view is displayed.

2.

Run:

interface

interface-type

interface-number

The interface view is displayed.

Or, run:

interface eth-trunk

trunk-id

The Eth-Trunk interface view is displayed.

3.

Run:

traffic-filter

inbound

acl

{ [

ipv6

] {

bas-acl

|

adv-acl

|

name

acl-name

}

|

l2-acl

|

user-acl

} [

rule

rule-id

]

The incoming packets matching an ACL rule are filtered on an interface.

S3700HI Ethernet Switches
Configuration Guide - QoS

1 Class-based QoS Configuration

Issue 01 (2012-03-15)

Huawei Proprietary and Confidential

Copyright © Huawei Technologies Co., Ltd.

31

«
...
36
37
38
39
40
...
»

Содержание S3700HI

Страница 1: ...S3700HI Ethernet Switches V200R001C00 Configuration Guide QoS Issue 01 Date 2012 03 15 HUAWEI TECHNOLOGIES CO LTD ...

Страница 2: ...be within the purchase scope or the usage scope Unless otherwise specified in the contract all statements information and recommendations in this document are provided AS IS without warranties guarantees or representations of any kind either express or implied The information in this document is subject to change without notice Every effort has been made in the preparation of this document to ensu...

Страница 3: ...icates a hazard with a high level of risk which if not avoided will result in death or serious injury WARNING Indicates a hazard with a medium or low level of risk which if not avoided could result in minor or moderate injury CAUTION Indicates a potentially hazardous situation which if not avoided could result in equipment damage data loss performance degradation or unexpected results TIP Indicate...

Страница 4: ... are grouped in braces and separated by vertical bars A minimum of one item or a maximum of all items can be selected x y Optional items are grouped in brackets and separated by vertical bars Several items or no item can be selected 1 n The parameter before the sign can be repeated 1 to n times A line starting with the sign is comments Change History Updates between document issues are cumulative ...

Страница 5: ...1 4 6 Checking the Configuration 26 1 5 Configuring a Traffic Policy by Using Simplified QoS Commands 27 1 5 1 Establishing the Configuration Task 27 1 5 2 Configuring Traffic Policing for the Traffic That Matches an ACL Rule 28 1 5 3 Filtering the Traffic That Matches an ACL Rule 31 1 5 4 Re marking the Traffic That Matches an ACL Rule 32 1 5 5 Collecting Statistics on the Traffic That Matches an...

Страница 6: ...Length of the Interface Queue 65 2 4 4 Configuring Traffic Shaping in an Interface Queue 65 2 4 5 Checking the Configuration 66 2 5 Maintaining Traffic Policing and Traffic Shaping 66 2 5 1 Displaying the Traffic Statistics 67 2 5 2 Checking the Usage of the Queue 67 2 5 3 Clearing the Traffic Statistics 67 2 6 Configuration Examples 68 2 6 1 Example for Configuring Traffic Policing Based on an In...

Страница 7: ...g the Scheduling Mode for an Interface Queue 94 3 3 5 Checking the Configuration 95 3 4 Maintaining Congestion Avoidance and Congestion Management 95 3 4 1 Displaying the Queue based Statistics 95 3 4 2 Clearing the Queue based Statistics 96 3 5 Configuration Examples 96 3 5 1 Example for Configuring Congestion Avoidance and Congestion Management on the S3700HI 96 S3700HI Ethernet Switches Configu...

Страница 8: ...ntiated services 1 4 Creating a Traffic Policy Based on Complex Traffic Classification After the traffic policy based on complex traffic classification is configured the S3700 classifies packets according to the priority of packets and quintuple information Then the S3700 takes different traffic actions for packets matching classification conditions such as permit deny re marking and redirection 1...

Страница 9: ... downstream device provides QoS services based on packet priorities Simple traffic classification is based on the following l DSCP priority of IP packets l 802 1p priority of packets in a VLAN Complex Traffic Classification Complex traffic classification is performed based on Layer 2 or Layer 3 information in packets or by using access control lists ACLs You can bind a traffic classifier to a traf...

Страница 10: ...ping congestion avoidance and queue scheduling In addition the S3700 can re mark priorities of outgoing packets so that the downstream device can provide differentiated QoS based on packet priorities Table 1 1 shows the mappings between internal priorities and queues Table 1 1 Mappings between internal priorities and queues Internal Priority Queue Index BE 0 AF1 1 AF2 2 AF3 3 AF4 4 EF 5 CS6 6 CS7 ...

Страница 11: ...nly incoming packets l Traffic policing This traffic control action limits the volume of traffic and the resources used by the traffic to monitor the traffic rate By using traffic policing the S3700 can discard and re mark the colors and CoS of packets whose rate exceeds the rate limit Here traffic policing based on traffic classification is implemented For details about traffic policing see 2 Tra...

Страница 12: ... After the DiffServ domain is bound to an inbound interface the QoS mechanism performs congestion management and congestion avoidance according to packet PHBs and colors on an inbound interface When packets are sent to a downstream device you can classify them based on packet PHBs and colors In a DiffServ domain define the mapping from packet PHBs and colors to priorities to classify packets After...

Страница 13: ...ities and marks internal priorities for the packets based on DSCP priorities of packets To set the same trust priority on multiple interfaces perform the configuration on the port group NOTE Internal priorities are represented by CoS and colors defined in the DiffServ model Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interf...

Страница 14: ...ault the 802 1p priority of an interface is 0 End 1 3 4 Creating a DiffServ Domain and Configuring Priority Mapping When the S3700 functions as a border node between a DiffServ domain and other networks configure mappings between internal priorities PHBs and colors and external priorities such as 802 1p priorities DSCP priorities and EXP priorities Context A DiffServ domain is composed of a group ...

Страница 15: ...e phb service class color l To map PHBs and colors to DSCP priorities of IP packets run the following command on the outbound interface ip dscp outbound service class color map dscp value For details about the mapping see the following commands l 8021p inbound defines the mapping from the default 802 1p priorities to PHBs and colors l 8021p outbound defines the mapping from PHBs and colors to 802 ...

Страница 16: ... The interface is bound to a DiffServ domain If the trust upstream none command is run on an interface the S3700 does not perform priority mapping for incoming and outgoing packets on the interface To delete the DiffServ domain that is bound to an interface you must first run the undo trust upstream command to delete the bound DiffServ domain Then run the trust upstream command to reconfigure the ...

Страница 17: ...he applicable environment complete the pre configuration tasks and obtain the required data This helps you complete the configuration task quickly and accurately Applicable Environment At the ingress of a network the S3700 functions as a border node To limit the incoming traffic on a network the S3700 can provide differentiated services for various services according to the DSCP field protocol typ...

Страница 18: ...ssifier classifier name operator and or A traffic classifier based on Layer 2 information is created and the traffic classifier view is displayed The and parameter indicates that the relationship between rules in a traffic classifier is AND That is the packets match a traffic classifier only when the packets match all non ACL rules and an ACL rule in the traffic classifier The or parameter indicat...

Страница 19: ...p ip mpls rarp protocol value l To define matching rules based on all the packets run if match any End Creating a Traffic Classifier Based on Layer 3 Information After traffic classification based on Layer 3 information is configured the S3700 classifies packets according to Layer 3 information in packets Procedure Step 1 Run system view The system view is displayed Step 2 Run traffic classifier c...

Страница 20: ...ic ACLs Layer 2 ACLs user defined ACLs and advanced ACLs l Basic ACLs are used to classify data packets based on the source IP address fragmentation flag and time segment of packets l Advanced ACLs are used to classify and define data packets based on the source IP address destination IP address source port number destination port number fragmentation flag time segment and protocol type of packets...

Страница 21: ...parameter indicates that the relationship between rules in a traffic classifier is AND That is packets match a traffic classifier only when the packets match all non ACL rules and an ACL rule in the traffic classifier The or parameter indicates that the relationship between rules in a traffic classifier is OR That is packets match a traffic classifier when the packets match a rule in the traffic c...

Страница 22: ...stination destination address destination wildcard any destination port eq gt lt range port dscp dscp fragment logging precedence precedence source source address source wildcard any source port eq gt lt range port time range time name tos tos ttl expired When the parameter protocol is specified as another protocol rather than TCP UDP or ICMP the command format is as follows rule rule id deny perm...

Страница 23: ...ngth destination ipv6 address postfix postfix length any dscp dscp fragment logging precedence precedence source source ipv6 address prefix length source ipv6 address prefix length source ipv6 address postfix postfix length any time range time name tos tos 5 Run quit Return to the system view 6 Run traffic classifier classifier name operator and or A traffic classifier is created and the traffic c...

Страница 24: ...ship between rules in a traffic classifier is AND That is packets match a traffic classifier only when the packets match all non ACL rules and an ACL rule in the traffic classifier The or parameter indicates that the relationship between rules in a traffic classifier is OR That is packets match a traffic classifier when the packets match a rule in the traffic classifier By default the relationship...

Страница 25: ...only the if match acl user defined acl number command in a traffic classifier where the relationship between rules is OR or configure other matching rules When the if match acl user defined acl number command is used and other matching rules are configured the if match acl user defined acl number command can only be used with the if match vlan id or if match l2 protocol command Otherwise the traff...

Страница 26: ...ckets and DSCP value of IP packets Procedure Step 1 Run system view The system view is displayed Step 2 Run traffic behavior behavior name A traffic behavior is created and the traffic behavior view is displayed Step 3 Run the following commands as required l Run remark 8021p 8021p value inner 8021p The 802 1p priority of the packets matching the traffic classification is re marked NOTE If inner 8...

Страница 27: ...e packets matching the traffic classification is re marked NOTE The DSCP value and IP precedence of packets cannot be re marked at the same time End Configuring the Redirection Action The redirection action redirects packets matching the traffic classification rule to the CPU the specified interface the specified next hop address Procedure Step 1 Run system view The system view is displayed Step 2...

Страница 28: ...de That is the S3700 selects a next hop by using the Hash algorithm based on the source IP addresses of the packets regardless of the traffic volume If the source IP addresses of the packets are the same the S3700 forwards the packets to the same next hop regardless of the traffic volume When redirecting packets to multiple next hops the S3700 can quickly switch the link to an available outbound i...

Страница 29: ...s car command to configure a CAR profile End Configuring Flow Mirroring The flow mirroring action mirrors all the packets matching traffic classification rules to the observing interface Procedure Step 1 Run system view The system view is displayed Step 2 Run traffic behavior behavior name A traffic behavior is created and the traffic behavior view is displayed Step 3 Run mirroring to observe port...

Страница 30: ...hen a network is running stably and the MAC address of packets is fixed a device does not need to learn MAC addresses of other packets You can apply a traffic policy and disable MAC address learning in all the traffic classifiers bound to the traffic policy This saves MAC addresses are saved and improves device performance Unauthorized users may change MAC addresses frequently to attack a network ...

Страница 31: ...order and configuration order l If the automatic order is used traffic classifiers are matched based on their priorities The priority order is Layer 2 and Layer 3 information Layer 3 information Layer 2 information The traffic classifier with the highest priority is matched first l If the configuration order is used traffic classifiers are matched in the sequence in which they were bound to the tr...

Страница 32: ...traffic classification rules on all the member switches A traffic policy that is applied to a specified slot takes effect on all the interfaces and VLANs of the member switch with the specified stack ID The system then performs traffic policing for all the incoming and outgoing packets that match traffic classification rules on this member switch If a stack system is not established a traffic poli...

Страница 33: ...the inbound or outbound direction End 1 4 6 Checking the Configuration After a traffic policy based on complex traffic classification is configured you can view the configuration of the traffic classifier traffic behavior and traffic policy Prerequisites The configurations of the traffic policy based on complex traffic classification are complete Procedure l Run the display acl acl number all comm...

Страница 34: ...c entering the network you can use simplified QoS commands to configure a traffic policy on the S3700 Then the S3700 can provide differentiated services for different service flows based on the parameters of the packets such as the DSCP value protocol type IP address port number type of the fragmented packets and time range By using simplified QoS commands you can configure traffic monitoring traf...

Страница 35: ...rk dscp dscp value yellow drop pass remark 8021p 8021p value remark dscp dscp value red drop pass remark 8021p 8021p value remark dscp dscp value Traffic policing is performed for incoming packets based on the ACL rule Or run traffic limit vlan vlan id outbound acl ipv6 bas acl adv acl name acl name l2 acl rule rule id cir cir value pir pir value cbs cbs value pbs pbs value green drop pass remark ...

Страница 36: ... to 4999 and the Layer 3 ACL number ranges from 2000 to 2999 or 3000 to 3999 To configure both Layer 2 ACLs and Layer 3 ACLs on an inbound interface of a switch use the following command traffic limit vlan vlan id inbound acl l2 acl name acl name rule rule id acl bas acl adv acl name acl name rule rule id cir cir value pir pir value cbs cbs value pbs pbs value green drop pass remark 8021p 8021p va...

Страница 37: ...ction is configured in the ACL rule the traffic limit command does not take effect l If the permit action is configured in the ACL rule the traffic limit command takes effect A Layer 2 ACL and a Layer 3 ACL can be set in the traffic limit command simultaneously The Layer 3 ACL and its rules can be configured only after the Layer 2 ACL and its rules are configured The Layer 2 ACL number ranges from...

Страница 38: ...raffic filter command simultaneously The Layer 3 ACL and its rules can be configured only after the Layer 2 ACL and its rules are configured The Layer 2 ACL number ranges from 4000 to 4999 and the Layer 3 ACL number ranges from 2000 to 2999 or 3000 to 3999 To configure both Layer 2 ACLs and Layer 3 ACLs on a switch interface use the following command traffic filter vlan vlan id inbound acl l2 acl ...

Страница 39: ... marking action the S3700 re marks priorities of packets matching traffic classification rules such as 802 1p priorities of VLAN packets DSCP priorities of IP packets and EXP priorities of MPLS packets Procedure l Configuring re marking globally 1 Run system view The system view is displayed 2 Run traffic remark vlan vlan id inbound acl ipv6 bas acl adv acl name acl name l2 acl user acl rule rule ...

Страница 40: ...an vlan id inbound acl l2 acl name acl name rule rule id acl bas acl adv acl name acl name rule rule id 8021p 8021p value destination mac mac address dscp dscp name dscp value local precedence local precedence value ip precedence ip precedence value vlan id vlan id If you use the traffic remark vlan vlan id inbound acl acl number vlan vlan id command to re mark VLAN IDs on incoming packets the VLA...

Страница 41: ...istics on packets matching traffic classification rules Procedure l Configuring traffic statistics globally 1 Run system view The system view is displayed 2 Run traffic statistic vlan vlan id inbound acl ipv6 bas acl adv acl name acl name l2 acl user acl rule rule id by bytes The statistics on the incoming packets matching an ACL rule are collected on an interface NOTE If the value of vlan vlan id...

Страница 42: ...s from 2000 to 2999 or 3000 to 3999 To configure both Layer 2 ACLs and Layer 3 ACLs on an interface of a switch use the following command traffic statistic inbound acl l2 acl name acl name rule rule id acl bas acl adv acl name acl name rule rule id by bytes End 1 5 6 Mirroring Traffic That Matches an ACL Rule Context By configuring traffic mirroring you can mirror packets that match an ACL rule to...

Страница 43: ... the Eth Trunk interface view is displayed 3 Run traffic mirror inbound acl ipv6 bas acl adv acl name acl name l2 acl user acl rule rule id to observe port o index The incoming packets matching an ACL rule are mirrored on an interface NOTE A Layer 2 ACL and a Layer 3 ACL can be set in the traffic mirror command simultaneously The Layer 3 ACL and its rules can be configured only after the Layer 2 A...

Страница 44: ...3 ACLs on an interface of a switch use the following command traffic redirect vlan vlan id inbound acl l2 acl name acl name rule rule id acl bas acl adv acl name acl name rule rule id cpu interface interface type interface number ip nexthop ip nexthop ipv6 nexthop ipv6 nexthop l Configuring traffic redirection on an interface 1 Run system view The system view is displayed 2 Run interface interface...

Страница 45: ...se class classifier name command to check the flow based traffic statistics End 1 6 2 Clearing the Flow based Traffic Statistics You can use the reset command to clear the flow based traffic statistics Context CAUTION The flow based traffic statistics cannot be restored after being cleared Exercise caution when you run the command Procedure l Run the reset traffic policy statistics global slot slo...

Страница 46: ...s mapped to 2 By doing this Switch provides differentiated services Figure 1 1 Networking diagram of priority mapping based on simple traffic classification Core Network GE0 0 1 GE0 0 3 Switch Router GE0 0 2 VLAN 100 VLAN 200 Branch 1 of the enterprise branch 2 of the enterprise VLAN 300 Configuration Roadmap The configuration roadmap is as follows 1 Create VLANs and configure interfaces so that B...

Страница 47: ...ch GigabitEthernet0 0 3 quit Create VLANIF 300 and assign interface IP address uo192 168 1 1 24 to VLANIF 300 Switch interface vlanif 300 Switch Vlanif300 ip address 192 168 1 1 24 NOTE Assign IP address 192 168 1 2 24 to the interface connecting the router and the Switch Step 2 Create and configure DiffServ domains Create DiffServ domains ds1 and ds2 and map 802 1p priorities of packets from Bran...

Страница 48: ...rks different 802 1p priorities of packets with different VLAN IDs to provide differentiated services Networking Requirements The Switch is connected to the router through GE0 0 3 Branch 1 and Branch 2 of the enterprise can access the network through the Switch and router See Figure 1 2 Data services of Branch 1 and Branch 2 of the enterprise come from VLANs 100 and 200 When the data service packe...

Страница 49: ...c classifiers in the traffic policy and apply the traffic policy to the interface at the inbound direction Data Preparation To complete the configuration you need the following data l Re marked priorities of packets with different VLAN IDs in the inner VLAN tags l Type direction and number of the interface that a traffic policy needs to be applied to Procedure Step 1 Create VLANs and configure int...

Страница 50: ...ier c1 quit Switch traffic classifier c2 operator and Switch classifier c2 if match cvlan id 200 Switch classifier c2 quit Step 3 Create traffic behaviors Create traffic behaviors b1 to b2 on the Switch to re mark priorities of user packets Switch traffic behavior b1 Switch behavior b1 remark 8021p 4 Switch behavior b1 quit Switch traffic behavior b2 Switch behavior b2 remark 8021p 2 Switch behavi...

Страница 51: ...erator and if match cvlan id 100 traffic behavior b2 remark 8021p 2 traffic behavior b1 remark 8021p 4 traffic policy p1 classifier c1 behavior b1 classifier c2 behavior b2 interface Vlanif300 ip address 192 168 1 1 255 255 255 0 interface GigabitEthernet0 0 1 qinq vlan translation enable port hybrid pvid vlan 100 port hybrid untagged vlan 100 300 port vlan stacking vlan 100 stack vlan 300 traffic...

Страница 52: ...20 20 1 24 20 20 30 2 24 20 20 30 1 24 L2 Switch Switch Router Core network Configuration Roadmap The configuration roadmap is as follows 1 Create VLANs and configure interfaces so that the Switch can ping the ISP device 2 Create ACL rules to match the packets with priorities as 4 5 6 and 7 and priorities as 0 1 2 and 3 3 Create traffic classifiers to match the preceding ACL rules 4 Create traffic...

Страница 53: ...h Vlanif30 quit NOTE Assign network segment addresses 20 20 20 1 24 and 20 20 30 1 24 to the interfaces connecting the router and Switch The details are not mentioned here Step 2 Create ACL rules Create advanced ACL rules 3001 and 3002 on the Switch to permit the packets with priorities as 4 5 6 and 7 and priorities as 0 1 2 and 3 to pass through Switch acl 3001 Switch acl adv 3001 rule permit ip ...

Страница 54: ...ernet0 0 1 quit Step 6 Verify the configuration Check the configuration of ACL rules Switch display acl 3001 Advanced ACL 3001 4 rules Acl s step is 5 rule 5 permit ip precedence routine rule 10 permit ip precedence priority rule 15 permit ip precedence immediate rule 20 permit ip precedence flash Switch display acl 3002 Advanced ACL 3002 4 rules Acl s step is 5 rule 5 permit ip precedence flash o...

Страница 55: ...ier c1 operator and if match acl 3001 traffic classifier c2 operator and if match acl 3002 traffic behavior b1 redirect ip nexthop 20 20 20 1 traffic behavior b2 redirect ip nexthop 20 20 30 1 traffic policy p1 classifier c1 behavior b1 classifier c2 behavior b2 interface Vlanif20 ip address 20 20 20 2 255 255 255 0 interface Vlanif30 ip address 20 20 30 2 255 255 255 0 interface GigabitEthernet0 ...

Страница 56: ... 20 20 20 2 24 Configuration Roadmap The configuration roadmap is as follows 1 Configure interfaces so that the Switch is connected to PC1 and the router 2 Create an ACL to match the packets with the source MAC address as 0000 0000 0003 3 Create a traffic classifier to match the ACL 4 Create a traffic behavior to take the statistics on the matching packets 5 Create a traffic policy bind the traffi...

Страница 57: ...0000 0000 0003 Switch acl 4000 Switch acl L2 4000 rule permit source mac 0000 0000 0003 ffff ffff ffff Switch acl L2 4000 quit Step 3 Create a traffic classifier Create traffic classifier c1 on the Switch with ACL 4000 as the matching rule Switch traffic classifier c1 Switch classifier c1 if match acl 4000 Switch classifier c1 quit Step 4 Create a traffic behavior Create traffic behavior b1 on the...

Страница 58: ...icy p1 Classifier c1 Operator AND Behavior b1 Statistic enable End Configuration Files l Configuration file of the Switch sysname Switch vlan batch 20 acl number 4000 rule 5 permit source mac 0000 0000 0003 traffic classifier c1 operator and if match acl 4000 traffic behavior b1 statistic enable traffic policy p1 classifier c1 behavior b1 interface Vlanif20 ip address 20 20 20 1 255 255 255 0 inte...

Страница 59: ...affic on the interface 2 3 Configuring Traffic Policing Based on a Traffic Classifier After traffic policing based on a traffic classifier is configured the S3700 policies the traffic matching traffic classification rules 2 4 Configuring Traffic Shaping After traffic shaping is configured the S3700 shapes packets matching traffic classification rules so that packets are sent out at an even rate 2 ...

Страница 60: ... stores a certain number of tokens The S3700 puts tokens at the configured rate one token bucket can forward one bit of data in a token bucket When the token bucket is full the excess tokens overflow and the number of tokens no longer increases When measuring the traffic in a token bucket the S3700 forwards packets based on the number of tokens in the token bucket If there are sufficient tokens in...

Страница 61: ...l Interface based traffic policing Interface based traffic policing controls all incoming traffic on an interface regardless of packet types It discards the excess traffic limits traffic within a proper range and protects network resources and carriers interests l Traffic policing based on a traffic classifier Traffic policing based on a traffic classifier limits the rate of the traffic matching a...

Страница 62: ... that need to be sent from this interface Continue to send Token bucket Put tokens into the bucket at the set rate Classification Drop Queue The delay may be increased just because the traffic shaping technology puts the packets into a buffer or a queue The traffic policing technology however does not cause a delay Traffic Shaping Features Supported by the S3700 The S3700 supports the following tr...

Страница 63: ...ased traffic policing is applied to the interface the rate of all the user service traffic entering the interface is limited Pre configuration Tasks Before configuring a limit rate on the interface complete the following tasks l Setting physical parameters of interfaces l Setting link layer attributes of interfaces to ensure normal operation of these interfaces l Assigning IP addresses to the inte...

Страница 64: ... configured on the interface End 2 2 3 Displaying the Maximum Length of a Queue Traffic policing on the management interface limits the traffic received from the management interface to improve system performance Procedure Step 1 Run system view The system view is displayed Step 2 Run interface meth 0 0 1 The MEth interface view is displayed Step 3 Run qos lr pps packets The rate limit is set NOTE...

Страница 65: ...ment If the service traffic sent by users is not limited a network is congested because a large number of users send bursts of data in the same period To make full use of limited network resources and provide better services for more users limit user service traffic Traffic policing based on a traffic classifier can be used to control the service traffic of a certain type Pre configuration Tasks B...

Страница 66: ...tching the traffic classifier bound to the aggregate CAR action in the same traffic policy and applies the CAR to the flows This is also called hierarchical traffic policing Hierarchical traffic policing implements traffic statistics multiplexing and service control For example hierarchical traffic policing limits the services of level 1 and level 2 users It also limits the traffic of level 1 user...

Страница 67: ...created and the traffic behavior view is displayed 4 Run car car name share An aggregate CAR action is configured NOTE Aggregate CAR is valid for only incoming packets After aggregate CAR is configured the rules in a traffic classifier bound to a traffic behavior share a CAR index The system aggregates the traffic and implements the CAR for the traffic If the traffic classifier contains both Layer...

Страница 68: ...cy cannot be applied to the system and a slot simultaneously The system performs traffic policing as follows If a stack system is established a traffic policy that is applied to the system takes effect on all the interfaces and VLANs of all the member switches in the stack The system then performs traffic policing for all the incoming and outgoing packets that match traffic classification rules on...

Страница 69: ...und direction Only one traffic policy can be applied to a VLAN in the inbound or outbound direction After a traffic policy is applied the system performs traffic policing for the packets that belong to a VLAN and match a traffic classifier in the inbound or outbound direction End 2 3 6 Checking the Configuration After traffic policing based on a traffic classifier is configured you can view the tr...

Страница 70: ...m network In this manner the rate of packets sent to the downstream network meets the requirements of the bandwidth of the downstream network This can prevent congestion and packet loss on the network to a certain degree The S3700 supports traffic shaping on an interface and in an interface queue You can configure traffic shaping as required If traffic shaping of these two types is configured ensu...

Страница 71: ...erface Group in the S3700HI Ethernet Switches Configuration Guide Ethernet Step 3 Run qos lr inbound outbound cir cir value cbs cbs value The rate for traffic shaping on an interface is set By default the CIR for traffic shaping on an interface is the maximum bandwidth of the interface For example the CIR for traffic shaping on an Ethernet interface is 100000 kbit s the CIR for traffic shaping on ...

Страница 72: ...ic shaping for packets of a certain type of services on an interface Before configuring traffic shaping in an interface queue map priorities of packets to PHBs based on simple traffic classification or re mark the internal priorities based on complex traffic classification Different services can enter different interface queues To set the same queue shaping rate on multiple interfaces perform the ...

Страница 73: ...interface queue Context Before viewing the traffic shaping parameters of an interface queue run the qos queue statistics enable command to enable the traffic statistics function for the interface queue Procedure l Run the display qos lr inbound outbound interface interface type interface number command to check the rate limit on the specified interface l Run the display qos queue statistics interf...

Страница 74: ... You can use display commands to view the Usage of the Queue Context To obtain the usage of queues you can run the following command in any view Procedure l Run the display qos queue length interface interface type interface number command to view the usage of priority queues on the interface End 2 5 3 Clearing the Traffic Statistics You can use the reset commands to clear the traffic statistics C...

Страница 75: ... 2 3 the Switch is connected to GE 0 0 1 through the router branch 1 and branch 2 of the enterprise are connected to the Switch through Eth 0 0 1 and Eth 0 0 2 and access the network through the Switch and router Branch 1 and branch 2 of the enterprise require 8 Mbit s and 5 Mbit s bandwidth Figure 2 3 Networking diagram of traffic policing Core network Eth0 0 1 GE0 0 1 LSW1 Switch Router LSW2 Eth...

Страница 76: ...ch interface ethernet0 0 2 Switch Ethernet0 0 2 port link type trunk Switch Ethernet0 0 2 port trunk allow pass vlan 200 Switch Ethernet0 0 2 quit Switch interface gigabitethernet0 0 1 Switch GigabitEthernet0 0 1 port link type trunk Switch GigabitEthernet0 0 1 port trunk allow pass vlan 100 200 300 Switch GigabitEthernet0 0 1 quit Create VLANIF 300 and set its network segment address to 192 168 1...

Страница 77: ... policing based on a traffic classifier and setting different CAR parameters Networking Requirements The Switch is connected to the router by using GE 0 0 2 enterprise users can access the network by using the Switch and the router In Table 2 1 l Voice services belong to VLAN 120 l Video services belong to VLAN 110 l Data services belong to VLAN 100 On the Switch traffic policing needs to be perfo...

Страница 78: ...mit the traffic received from the enterprise and re mark DSCP priorities of packets 4 Create a traffic policy on the Switch bind traffic behaviors to traffic classifiers in the traffic policy and apply the traffic policy to the interface between the enterprise and the Switch Data Preparation To complete the configuration you need the following data l Names of traffic classifiers matching service f...

Страница 79: ...00 Switch classifier c3 quit Step 3 Create traffic behaviors Create traffic behaviors b1 to b3 on the Switch to limit different service flows and re mark priorities Switch traffic behavior b1 Switch behavior b1 car cir 2000 pir 10000 green pass Switch behavior b1 remark dscp 46 Switch behavior b1 statistic enable Switch behavior b1 quit Switch traffic behavior b2 Switch behavior b2 car cir 4000 pi...

Страница 80: ...tch display traffic policy user defined p1 User Defined Traffic Policy Information Policy p1 Classifier c1 Operator AND Behavior b1 Committed Access Rate CIR 2000 Kbps CBS 250000 Byte PIR 10000 Kbps PBS 1250000 Byte Green Action pass Yellow Action pass Red Action discard Marking Remark DSCP ef statistic enable Classifier c2 Operator AND Behavior b2 Committed Access Rate CIR 4000 Kbps CBS 500000 By...

Страница 81: ...d 100 traffic behavior b1 car cir 2000 pir 10000 cbs 250000 pbs 1250000 green pass yellow pass red discard remark dscp ef statistic enable traffic behavior b2 car cir 4000 pir 10000 cbs 500000 pbs 1250000 green pass yellow pass red discard remark dscp af33 statistic enable traffic behavior b3 car cir 4000 pir 10000 cbs 500000 pbs 1250000 green pass yellow pass red discard remark dscp af13 statisti...

Страница 82: ...ter to each city is 2 Mbit s l The Switch processes voice video and data services based on priorities It sends traffic with higher priorities first and allocates certain bandwidth to traffic with lower priorities l With bandwidth guarantee bandwidth is allocated randomly Table 2 2 Downstream traffic control on the Switch City EF Traffic AF31 Traffic AF11 Traffic BE Traffic City A 700 kbit s 400 kb...

Страница 83: ...traffic l CIR values l Traffic policy name and type and number of the interface to which the traffic policy is applied Procedure Step 1 Configure CAR profiles Create and configure a CAR profile to limit the traffic sent to city A within 2 Mbit s Quidway system view Quidway sysname Switch Switch qos car city_a cir 2000 Create and configure a CAR profile to limit the traffic sent to city B within 2 ...

Страница 84: ...sifier city_b_ef quit Switch traffic classifier city_b_af31 operator and Switch classifier city_b_af31 if match dscp af31 Switch classifier city_b_af31 if match acl 3001 Switch classifier city_b_af31 quit Switch traffic classifier city_b_af11 operator and Switch classifier city_b_af11 if match dscp af11 Switch classifier city_b_af11 if match acl 3001 Switch classifier city_b_af11 quit Switch traff...

Страница 85: ...ior city_b_be statistic enable Switch behavior city_b_be quit Switch traffic behavior city_b_default Switch behavior city_b_default car cir 64 pir 2000 Switch behavior city_b_default car city_b share Switch behavior city_b_default statistic enable Switch behavior city_b_default quit Step 5 Configure a traffic policy Create and configure a traffic policy city_control bind configured traffic classif...

Страница 86: ...3000 rule 5 permit tcp destination 10 1 0 0 0 0 255 255 acl number 3001 rule 5 permit tcp destination 10 2 0 0 0 0 255 255 traffic classifier city_a_af11 operator and if match acl 3000 if match dscp af11 traffic classifier city_a_af31 operator and if match dscp af31 if match acl 3000 traffic classifier city_a_be operator and if match dscp default if match acl 3000 traffic classifier city_a_default...

Страница 87: ...ity_b share statistic enable traffic behavior city_b_ef car cir 800 pir 2000 cbs 100000 pbs 250000 green pass yellow pass red discard car city_b share statistic enable traffic policy city_control classifier city_a_ef behavior city_a_ef classifier city_a_af31 behavior city_a_af31 classifier city_a_af11 behavior city_a_af11 classifier city_a_be behavior city_a_be classifier city_a_default behavior c...

Страница 88: ...3000 kbit s respectively Figure 2 6 Networking diagram for configuring traffic shaping GE0 0 1 GE0 0 2 Phone TV PC LSW Switch Router Core Network 802 1p 6 802 1p 2 802 1p 5 Residence Configuration Roadmap The configuration roadmap is as follows 1 Create VLANs and configure each interface so that the residential user can access the network through the Switch 2 Configure interfaces to trust 802 1p p...

Страница 89: ...fic shaping on an interface of the Switch and set the CIR to 20000 kbit s Switch interface gigabitethernet 0 0 1 Switch GigabitEthernet0 0 1 qos lr outbound cir 20000 Step 4 Configure traffic shaping in an interface queue Configure traffic shaping in the interface queues on the Switch and then set the CIR and PIR of the voice service to 3000 kbit s and 5000kbit s the CIR and PIR of the video servi...

Страница 90: ...d cir 20000 cbs 2500000 qos queue 2 shaping cir 2000 pir 3000 qos queue 5 shaping cir 5000 pir 8000 qos queue 6 shaping cir 3000 pir 5000 interface GigabitEthernet0 0 2 port link type trunk port trunk allow pass vlan 10 trust 8021p return S3700HI Ethernet Switches Configuration Guide QoS 2 Traffic Policing and Traffic Shaping Configuration Issue 01 2012 03 15 Huawei Proprietary and Confidential Co...

Страница 91: ...esses packets of different colors based on the WRED configuration 3 3 Configuring Congestion Management After congestion management is configured if congestion occurs on a network the S3700 determines the sequence of forwarding packets according to the defined scheduling policy 3 4 Maintaining Congestion Avoidance and Congestion Management This section describes how to maintain traffic avoidance a...

Страница 92: ...k traffic to change from heavy to light and affects the link usage RED The RED mechanism randomly discards packets so that the S3700 reduces the transmission speeds of multiple TCP connections at different periods of time This prevents global TCP synchronization RED sets the upper threshold and lower threshold for the length of each queue and processes packets as follows l When the queue length is...

Страница 93: ...ut into a low priority queue This ensures that core services are sent first The disadvantage of PQ scheduling is that the packets of lower priorities are not processed if there are a large number of packets of higher priorities when congestion occurs WRR Scheduling WRR refers to Weighted Round Robin WRR schedules packets of queues in a polling manner ensuring that packets in each queue are sent at...

Страница 94: ...n the bandwidth for a long time l If only WRR or DRR scheduling is used delay sensitive services such as voice service cannot be scheduled first l PQ WRR or PQ DRR scheduling can use the advantages of both PQ and WRR or DRR scheduling and offset their disadvantages Through PQ WRR or PQ DRR scheduling important protocol packets and delay sensitive service packets are put in a PQ queue and specified...

Страница 95: ...ptional Setting the Length of the Interface Queue You can set the maximum number of packets that can be buffered in the specified interface queue by setting the length of the interface queue Context You must run the shutdown interface view command to shut down the interface before running the qos queue max length command Otherwise traffic is interrupted and an alarm is generated Procedure Step 1 R...

Страница 96: ...Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interface view is displayed Or run the port group port group name command to enter the port group view NOTE l The interface type can be Ethernet GE or Eth Trunk l Create a port group before performing this task For details on how to create a port group see Configuring the Interface Group in...

Страница 97: ... WRED drop profile is applied to the system and an interface simultaneously the WRED drop profile applied to the interface takes effect After a WRED drop profile is applied to the system it takes effect on all the interfaces l If WRED drop profiles are applied to an interface and an interface queue on the S3700 the S3700 matches packets with WRED drop profiles in the interface queue and the interf...

Страница 98: ...s applied to a port group l Applying a WRED drop profile to an interface queue 1 Run system view The system view is displayed 2 Run interface interface type interface number The interface view is displayed 3 Run qos queue queue index wred drop profile name The WRED drop profile is applied to an interface queue drop profile name specifies the name of a WRED drop profile and must be the same as the ...

Страница 99: ...following situations l The same delay and jitter are set for various types of packets and packets of core services such as video and voice services need to be processed first l Packets of non core services of the same priority such as email are processed in a fair manner and services of different priorities are processed according to the weights Pre configuration Tasks Before configuring congestio...

Страница 100: ...Run system view The system view is displayed l Run interface interface type interface number The interface view is displayed l Run qos queue queue index length length value The length of the interface priority queue is set End 3 3 3 Optional Setting the Minimum Size of the Static Buffer in an Interface Queue You can set the minimum size of the static buffer in an interface queue to ensure that the...

Страница 101: ...orkload Procedure Step 1 Run system view The system view is displayed Step 2 Run interface interface type interface number The interface view is displayed Or run the port group port group name command to enter the port group view NOTE Create a port group before performing this task For details about creating a port group see Optional Configuring a Port Group in the S3700HI Ethernet Switches Config...

Страница 102: ...rs of the queues on a specified interface Prerequisites The congestion management configurations are complete Procedure l Run the display qos local precedence queue map command to check the mappings between local precedences and queues l Run the display qos configuration interface interface type interface number command to check all the QoS configurations on the interface End 3 4 Maintaining Conge...

Страница 103: ...erface you can use the following command in the user view to clear the previous statistics CAUTION The queue based statistics cannot be restored after you clear them So confirm the action before you use the command Procedure l Run the reset qos queue statistics interface interface type interface number command to clear the queue based traffic statistics on the interface End 3 5 Configuration Examp...

Страница 104: ...nterfaces To reduce the effect caused by congestion and ensure that high priority and short delay services are processed first the requirements are as follows Table 3 1 Congestion avoidance parameters Types of Services Color Lower Threshold Upper Threshold Drop Percent Voice Green 80 100 10 Video Yellow 60 80 20 Data Red 40 60 40 Table 3 2 Congestion management parameters Type of Services CoS WRR ...

Страница 105: ... to an incoming interface on the Switch 3 Create a WRED drop profile on the Switch and apply the WRED drop profile on an outgoing interface 4 Set scheduling parameters of queues of different CoS on outgoing interfaces of the Switch Data Preparation To complete the configuration you need the following data l VLAN IDs of data packets video packets and voice packets namely 2 5 and 6 l PHBs mapped to ...

Страница 106: ... 3 trust upstream ds1 Switch GigabitEthernet0 0 3 trust 8021p inner Switch GigabitEthernet0 0 3 quit Step 3 Configure congestion avoidance Create drop profile wred1 on the Switch and set parameters of packets of three colors Switch drop profile wred1 Switch drop wred1 color green low limit 80 high limit 100 discard percentage 10 Switch drop wred1 color yellow low limit 60 high limit 80 discard per...

Страница 107: ...inbound 6 phb ef green 8021p inbound 7 phb cs7 green 8021p outbound be green map 0 Check the configuration of drop profile wred1 Switch display drop profile name wred1 Drop profile 3 wred1 Color Low limit High limit Discard percentage Green 80 100 10 Yellow 60 80 20 Red 40 60 40 Non tcp 100 100 100 End Configuration Files l Configuration file of the Switch sysname Switch vlan batch 2 5 6 diffserv ...

Страница 108: ...e 5 drr weight 0 qos wred wred1 qos queue 1 wred wred1 qos queue 3 wred wred1 qos queue 5 wred wred1 interface GigabitEthernet0 0 3 port link type trunk port trunk allow pass vlan 2 5 6 trust upstream ds1 trust 8021p inner return S3700HI Ethernet Switches Configuration Guide QoS 3 Congestion Avoidance and Congestion Management Configuration Issue 01 2012 03 15 Huawei Proprietary and Confidential C...

Отзывы:

Нет отзывов

Похожие инструкции для S3700HI

Бренд: 3Com Страницы: 2

CoreBuilder 5000

Бренд: 3Com Страницы: 16

CoreBuilder 9000

Бренд: 3Com Страницы: 24

Бренд: SMC Networks Страницы: 102

Бренд: H3C Страницы: 10

UHB-U3P1U2P3P-01

Бренд: Gembird Страницы: 2

Бренд: Milestone pro Страницы: 32

Smatrix Wave Plus Uahome Module R-167

Бренд: Uponor Страницы: 48

Бренд: Hama Страницы: 14

Бренд: W2IIHY Страницы: 28

Бренд: I-Tech Страницы: 123

Бренд: Bticino Страницы: 2

PowerGATE LELTS-1 Series

Бренд: Lex Страницы: 12

Бренд: JUKI Страницы: 2

Бренд: Xantech Страницы: 5

Бренд: Omega Страницы: 4

Бренд: N-Tron Страницы: 152

Atlona AT-HDR-SW-52ED

Бренд: Panduit Страницы: 81

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды