26-QoS-QoS Profile Command
Table of Contents
1 QoS Commands·········································································································································1-1
QoS Commands······································································································································1-1
burst-mode enable···························································································································1-1
display protocol-priority····················································································································1-2
display qos cos-local-precedence-map ···························································································1-3
display qos-interface all ···················································································································1-4
display qos-interface line-rate ·········································································································1-6
display qos-interface mirrored-to·····································································································1-7
display qos-interface traffic-limit ······································································································1-7
display qos-interface traffic-priority··································································································1-8
display qos-interface traffic-redirect ································································································1-9
display qos-interface traffic-remark-vlanid·······················································································1-9
display qos-interface traffic-statistic ······························································································1-10
display queue-scheduler ···············································································································1-11
line-rate··········································································································································1-11
mirrored-to ·····································································································································1-12
priority ············································································································································1-14
priority trust····································································································································1-15
protocol-priority protocol-type········································································································1-16
qos cos-local-precedence-map ·····································································································1-18
queue-scheduler····························································································································1-19
reset traffic-statistic························································································································1-21
traffic-limit ······································································································································1-22
traffic-priority··································································································································1-25
traffic-priority vlan ··························································································································1-27
traffic-redirect·································································································································1-28
traffic-remark-vlanid·······················································································································1-29
traffic-statistic·································································································································1-30
wred ···············································································································································1-31
2 QoS Profile Configuration Commands····································································································2-1
QoS Profile Configuration Commands····································································································2-1
apply qos-profile ······························································································································2-1
display qos-profile····························································································································2-2
packet-filter ······································································································································2-3
qos-profile········································································································································2-4
qos-profile port-based······················································································································2-5
traffic-limit ········································································································································2-5
traffic-priority····································································································································2-7
i
1
QoS Commands
The following commands were added:
z
VLAN mapping related commands: display qos-interface traffic-remark-vlanid and section
traffic-remark-vlanid.
z
Commands related to port rate limiting and traffic policing: line-rate and section traffic-limit.
z
VLAN-based priority marking command: traffic-priority vlan.
z
The command for redirecting traffic to an aggregation group and removing outer VLAN tags when
redirecting traffic to the specified port/aggregation group. Refer to traffic-redirect.
z
The command enabling the burst function. Refer to burst-mode enable.
QoS Commands
burst-mode enable
Syntax
burst-mode enable
undo burst-mode enable
View
System view
Parameters
None
Description
Use the burst-mode enable command to enable the burst function.
Use the undo burst-mode enable command to disable the burst function.
By default, the burst function is disabled.
The burst function improves packet buffering and forwarding performance in the following scenarios:
z
Dense broadcast or multicast traffic and massive burst traffic are present.
z
High-speed traffic is forwarded over a low-speed link or traffic received from multiple interfaces at
the same speed is forwarded through an interface at the same speed.
By enabling the burst function on your switch, you can improve the processing performance of the
switch operating in the above scenarios and thus drop packet loss rate.
1-1
For packets to be forwarded properly, you must not enable the burst function when the IRF function
z
is enabled. Refer to IRF Fabric Operation for detailed information about IRF.
Because the burst function may affect the QoS performance of your switch, you must make sure
z
that you are fully aware of the impacts when enabling the burst function.
Examples
# Enable the burst function.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] burst-mode enable
display protocol-priority
Syntax
display protocol-priority
View
Any view
Parameters
None
Description
Use the display protocol-priority command to display the list of protocol priorities you assigned with
the protocol-priority command.
An S3600 series switch supports setting priorities for certain protocol packets generated by it. The
supported protocols are Telnet, SNMP, ICMP, and OSPF. Depending on your configuration, the IP or
DSCP precedence is displayed for a specified protocol.
Related commands: protocol-priority.
Examples
# Display the list of protocol priorities manually specified.
<Sysname> display protocol-priority
Protocol: ospf
IP-Precedence: routine(0)
Protocol: telnet
DSCP: be(0)
1-2
Table 1-1 Description on the fields of the display protocol-priority command
Field
Description
Indicate that a priority has been set for OSPF packets with the
protocol-priority command.
Protocol: ospf
IP-Precedence: routine(0)
An IP precedence has been assigned to OSPF packets. The assigned
IP precedence is 0, that is, routine in words.
For information about the IP precedence range, refer to Table 1-6.
Protocol: telnet
Indicate that a priority has been set for Telnet packets with the
protocol-priority command.
A DSCP precedence has been assigned to Telnet packets. The
assigned value is 0, that is, be in words.
DSCP: be(0)
For information about the DSCP precedence range, refer to Table 1-7.
display qos cos-local-precedence-map
Syntax
display qos cos-local-precedence-map
View
Any view
Parameters
None
Description
Use the display qos cos-local-precedence-map command to display the 802.1p priority-to-local
precedence mapping, illustrated by an 802.1p priority-to-local precedence mapping table as shown in
the following example.
After a packet enters a switch, the switch sets the 802.1p priority and local precedence for the packet
according to its own capability and the corresponding rules. The local precedence is locally significant
precedence that the switch assigns to the packet. It corresponds to an output queue. Packets with
higher local precedence values take precedence over those with lower precedence values and will be
processed preferentially.
Related commands: qos cos-local-precedence-map.
Examples
# Display the 802.1p priority-to-local precedence mapping.
<Sysname> display qos cos-local-precedence-map
cos-local-precedence-map:
cos(802.1p) :
0
1
2
3
4
5
6
7
-----------------------------------------------------------------------local precedence(queue) :
2
0
1
1-3
3
4
5
6
7
display qos-interface all
Syntax
display qos-interface { interface-type interface-number | unit-id } all
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port, for which QoS configuration
information is to be displayed.
unit-id: Unit ID of the switch whose QoS-related configuration is to be displayed. Table 1-2 shows the
value range for the unit-id argument.
Table 1-2 The value range for the unit-id argument
For a switch not in a fabric
For a switch in a fabric
The unit ID ranges from 1 to 8, depending on the unit ID of the
switch in the fabric. For example, if two switches form a fabric,
with the unit IDs being 3 and 5 respectively, the unit IDs of the
two switches can only be 3 and 5.
Always 1
Description
Use the display qos-interface all command to display all the QoS-related configuration settings of a
port or a unit.
Examples
# Display all the QoS-related configuration of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet 1/0/1 all
Ethernet1/0/1: traffic-limit
Inbound:
Matches: Acl 2000 rule 0
running
Effect mode: Union effect
Egress port: Ethernet1/0/2
Target rate: 64 Kbps
Burst bucket size: 16 Kbyte
Exceed action: remark-dscp cs7
Ethernet1/0/1: traffic-priority
Inbound:
Matches: Acl 2000 rule 0
running
Priority action: dscp cs6
Ethernet1/0/1: traffic-redirect
Inbound:
Matches: Acl 2000 rule 0
running
Redirected to: interface Ethernet1/0/2
Ethernet1/0/1: traffic-statistic
1-4
Inbound:
Matches: Acl 2000 rule 0
running
6 packets inprofile
0 packet outprofile
Ethernet1/0/1: mirrored-to
Inbound:
Matches: Acl 2000 rule 0
running
Mirrored to: monitor interface
Ethernet1/0/1: line-rate
Inbound: 64 Kbps
Burst bucket size: 16 Kbyte
Ethernet1/0/1:
Queue scheduling mode: weighted round robin
weight of queue 0: 1
weight of queue 1: 2
weight of queue 2: 3
weight of queue 3: 4
weight of queue 4: 5
weight of queue 5: 9
weight of queue 6: 13
weight of queue 7: 15
Ethernet1/0/1: traffic-remark-vlanid
Inbound:
Matches: Acl 2000 rule 0
running
Remark vlan: 2
Table 1-3 Description on the fields of the display qos-interface all command
Field
Description
QoS functions configured on a port, including
z
z
Ethernet1/0/1
z
z
z
z
z
traffic-limit, traffic policing configuration
traffic-priority, priority marking configuration
traffic-redirect, traffic redirecting configuration
traffic-statistic, traffic accounting configuration
mirrored-to, traffic mirroring configuration
line-rate, port speed limit configuration
traffic-remark-vlanid, VLAN mapping configuration
Inbound
Packet direction
Matches
ACL rules for traffic classifying
Effect mode
Union effect, indicating that the ACL referenced in the traffic-limit
command takes effect together with the other ACLs applied to the
port.
Egress port
The specified egress port
Target rate
Traffic policing target rate, in kbps
Bucket burst size
Maximum burst traffic size allowed, in KB
1-5
Field
Description
Action to take for exceeding packets:
Exceed action
z
z
drop: Drops the packets.
remark-dscp: Re-marks the DSCP precedence of the packets
and forwards the packets.
Priority marking action, which can be:
z
Priority action
z
z
z
z
Redirected to
z
z
cos: Sets 802.1p precedence for packets.
dscp: Sets DSCP precedence for packets.
ip-precedence: Sets IP precedence for packets.
local-precedence: Sets local precedence for packets.
“interface” indicates that the packets are redirected to the port.
“cpu” indicates that the packets are redirected to the CPU.
“link-aggregation-group” indicates that the packets are redirected
to the aggregation group.
inprofile
Statistics about the packets within the traffic limit
outprofile
Statistics about the packets beyond the traffic limit
z
Mirrored to
z
“monitor interface” indicates that the packets are duplicated to a
port.
“cpu” indicates that the packets are duplicated to the CPU.
Queue scheduling algorithm, which can be:
Queue scheduling mode
z
z
z
Remark vlan
strict priority
weighted round robin (WRR)
weighted fair queuing (WFQ)
Target VLAN ID used in VLAN mapping
display qos-interface line-rate
Syntax
display qos-interface { interface-type interface-number | unit-id } line-rate
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of the port, of which the line rate
configuration is to be displayed.
unit-id: Unit ID of the switch for which line rate configuration is to be displayed. For the value range for
the unit-id argument, refer to Table 1-2.
Description
Use the display qos-interface line-rate command to display the line rate configuration of a port or the
ports on a unit.
Related commands: line-rate.
Examples
# Display the line rate configuration of Ethernet 1/0/1.
1-6
<Sysname> display qos-interface Ethernet 1/0/1 line-rate
Ethernet1/0/1: line-rate
Inbound: 128 Kbps
Burst bucket size: 16 Kbyte
Refer to Table 1-3 for the description on the output fields.
display qos-interface mirrored-to
Syntax
display qos-interface { interface-type interface-number | unit-id } mirrored-to
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port for which traffic mirroring
configuration is to be displayed.
unit-id: Unit ID of the switch for which traffic mirroring configuration is to be displayed. For the value
range for the unit-id argument, refer to Table 1-2.
Description
Use the display qos-interface mirrored-to command to display the traffic mirroring configuration of a
port or a unit.
Related commands: mirrored-to.
Examples
# Display the traffic mirroring configuration of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet1/0/1 mirrored-to
Ethernet1/0/1: mirrored-to
Inbound:
Matches: Acl 2000 rule 0
running
Mirrored to: monitor interface
Refer to Table 1-3 for the description on the output fields.
display qos-interface traffic-limit
Syntax
display qos-interface { interface-type interface-number | unit-id } traffic-limit
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port for which traffic policing
configuration is to be displayed.
1-7
unit-id: Unit ID of the switch whose traffic policing configuration is to be displayed. For the value range
for the unit-id argument, refer to Table 1-2.
Description
Use the display qos-interface traffic-limit command to display the traffic policing configuration of a
port or a unit.
Related commands: traffic-limit.
Examples
# Display the traffic policing configuration of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet1/0/1 traffic-limit
Ethernet1/0/1: traffic-limit
Inbound:
Matches: Acl 3000 rule 1
running
Effect mode: Union effect
Egress port: Ethernet1/0/2
Target rate: 640 Kbps
Burst bucket size: 16 Kbyte
Exceed action: remark-dscp cs7
Refer to Table 1-3 for the description on the output fields.
display qos-interface traffic-priority
Syntax
display qos-interface { interface-type interface-number | unit-id } traffic-priority
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port for which priority marking
configuration is to be displayed.
unit-id: Unit ID of the switch whose priority marking configuration is to be displayed. For the value range
for the unit-id argument, refer to Table 1-2.
Description
Use the display qos-interface traffic-priority command to display the priority marking configuration of
a port or a unit.
Related commands: traffic-priority.
Examples
# Display the priority marking configuration of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet1/0/1 traffic-priority
Ethernet1/0/1: traffic-priority
Inbound:
1-8
Matches: Acl 2000 rule 0
running
Priority action: dscp ef
Refer to Table 1-3 for the description on the output fields.
display qos-interface traffic-redirect
Syntax
display qos-interface { interface-type interface-number | unit-id } traffic-redirect
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port for which traffic redirecting
configuration is to be displayed.
unit-id: Unit ID of the switch whose traffic redirecting configuration is to be displayed. For the value
range for the unit-id argument, refer to Table 1-2.
Description
Use the display qos-interface traffic-redirect command to display the traffic redirecting configuration
of a port or a unit.
Related commands: traffic-redirect.
Examples
# Display the traffic redirecting configuration of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet1/0/1 traffic-redirect
Ethernet1/0/1: traffic-redirect
Inbound:
Matches: Acl 3000 rule 0
running
Redirected to: interface Ethernet1/0/2
Refer to Table 1-3 for the description on the output fields.
display qos-interface traffic-remark-vlanid
Syntax
display qos-interface { interface-type interface-number | unit-id } traffic-remark-vlanid
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port for which VLAN mapping
configuration is to be displayed.
unit-id: Unit ID of the switch whose VLAN mapping configuration is to be displayed. For the value range
for the unit-id argument, refer to Table 1-2.
1-9
Description
Use the display qos-interface traffic-remark-vlanid command to display the VLAN mapping
configuration of a port or a unit.
Related commands: traffic-remark-vlanid.
Examples
# Display the VLAN mapping configuration of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet1/0/1 traffic-remark-vlanid
Ethernet1/0/1: traffic-remark-vlanid
Inbound:
Matches: Acl 4000 rule 0
running
Remark vlan: 101
Refer to Table 1-3 for the description on the output fields.
display qos-interface traffic-statistic
Syntax
display qos-interface { interface-type interface-number | unit-id } traffic-statistic
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port for which traffic accounting
configuration is to be displayed.
unit-id: Unit ID of the switch for which traffic accounting configuration and traffic statistics are to be
displayed. For the value range for the unit-id argument, refer to Table 1-2.
Description
Use the display qos-interface traffic-statistic command to display the traffic accounting configuration
and traffic statistics of a port or a unit.
Related commands: traffic-statistic.
Examples
# Display the traffic accounting configuration and traffic statistics of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet1/0/1 traffic-statistic
Ethernet1/0/1: traffic-statistic
Inbound:
Matches: Acl 2000 rule 2
running
6 packets inprofile
0 packet outprofile
Refer to Table 1-3 for the description on the output fields.
1-10
display queue-scheduler
Syntax
display queue-scheduler
View
Any view
Parameters
None
Description
Use the display queue-scheduler command to display the global queue scheduling configuration.
This command does not display the weight or bandwidth set for a queue in port view. To display the
setting, you can perform the display this command in port view.
Related commands: queue-scheduler.
Examples
# Display the global queue scheduling configuration.
<Sysname> display queue-scheduler
Queue scheduling mode: weighted round robin
weight of queue 0: 1
weight of queue 1: 2
weight of queue 2: 3
weight of queue 3: 4
weight of queue 4: 5
weight of queue 5: 9
weight of queue 6: 13
weight of queue 7: 15
Refer to Table 1-3 for the description of the output fields.
line-rate
Syntax
line-rate { inbound | outbound } target-rate [ burst-bucket burst-bucket-size ]
undo line-rate{ inbound | outbound }
View
Ethernet port view
Parameters
inbound: Limits the inbound packet rate.
outbound: Limits the outbound packet rate.
target-rate: Total target rate (in kbps). The range of this argument varies with port type as follows:
z
Fast Ethernet port: 64 to 99,968;
1-11
GigabitEthernet port: 64 to 1,000,000.
z
The granularity of port rate limit is 64 kbps. Assume that the value you provide for the target-rate
argument is in the range N*64 to (N+1)*64 (N is a natural number), it will be rounded off to (N+1)*64.
burst-bucket burst-bucket-size: Specifies the maximum burst traffic size (in KB). This is the buffer size
provided for burst traffic while traffic is being forwarding or received at the rate of target-rate. The
burst-bucket-size argument must be an integer power of 2, in the range of 4 to 512. If it is not specified,
512 KB applies by default.
Description
Use the line-rate command to limit the rate of the inbound or outbound packets on a port.
Use the undo line-rate command to cancel the line rate configuration.
Compared to traffic policing, line rate applies to all the inbound or outbound packets passing through a
port and thus a simpler solution when you only want to limit the rate of all the inbound or outbound
packets passing through a port as a whole.
Related commands: display qos-interface line-rate.
Examples
# Limit the inbound packet rate to 128 kbps on Ethernet 1/0/1 and provide 32 KB of buffer for burst
traffic.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet1/0/1
[Sysname-Ethernet1/0/1] line-rate inbound 128 burst-bucket 32
# Display the line rate configuration of Ethernet 1/0/1.
[Sysname-Ethernet1/0/1] display qos-interface Ethernet 1/0/1 line-rate
Ethernet1/0/1: line-rate
Inbound: 128 Kbps
Burst bucket size: 32 Kbyte
mirrored-to
Syntax
mirrored-to { inbound | outbound } acl-rule { monitor-interface | cpu }
undo mirrored-to { inbound | outbound } acl-rule
View
Ethernet port view
Parameters
inbound: Duplicates inbound packets.
outbound: Duplicates outbound packets.
acl-rule: ACL rules to be used for traffic classification. This argument can be a combination of multiple
ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the ACL
rules referenced must be those defined with the permit keyword.
1-12
Table 1-4 Ways of applying combined ACL rules
ACL combination
Form of the acl-rule argument
Apply a basic or advanced Layer 3 ACL
ip-group acl-number
Apply a rule in an Layer 3 ACL
ip-group acl-number rule rule-id
Apply all the rules in a Layer 2 ACL
link-group acl-number
Apply a rule in a Layer 2 ACL
link-group acl-number rule rule-id
Apply all the rules in a user-defined ACL
user-group acl-number
Apply a rule in a user-defined ACL
user-group acl-number rule rule-id
Apply a rule in an Layer 3 ACL and a rule in a
Layer 2 ACL
ip-group acl-number rule rule-id link-group
acl-number rule rule-id
Table 1-5 Description on the parameters used in Table 1-4
Parameter
Description
ip-group acl-number
Specifies the number of a basic or advanced
ACL, in the range 2000 to 3999.
link-group acl-number
Specifies the number of a Layer 2 ACL, in the
range 4000 to 4999.
User-group acl-number
Specifies the number of a user-defined ACL, in
the range 5000 to 5999.
Rule-id
ACL rule number, in the range 0 to 65534. If this
argument is not provided, all the rules in the ACL
are specified.
monitor-interface: Duplicates packets to the specified destination port (the monitor port).
cpu: Duplicates packets to the CPU.
Description
Use the mirrored-to command to configure traffic mirroring.
Use the undo mirrored-to command to cancel the configuration.
Traffic monitoring provides a finer mirroring granularity than port mirroring, which mirrors all traffic
passing through a port. For detailed information about port mirroring, refer to the part talking about
mirroring.
Note that:
z
If you mirror traffic to the CPU, you do not need to configure a monitor port.
z
If you mirror traffic to a port, you must configure a monitor port with the mirroring-group
monitor-port command or the monitor-port command. For information about the two commands,
refer to the part talking about mirroring.
z
Traffic mirroring and local port mirroring share the same monitor port.
Related commands: display qos-interface mirrored-to.
1-13
Examples
# Configure traffic mirroring on Ethernet 1/0/1, duplicating the inbound packets sourced from IP address
1.1.1.1 to Ethernet 1/0/4.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 1.1.1.1 0
[Sysname-acl-basic-2000] quit
[Sysname] interface Ethernet 1/0/4
[Sysname-Ethernet1/0/4] monitor-port
[Sysname-Ethernet1/0/4] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] mirrored-to inbound ip-group 2000 monitor-interface
[Sysname-Ethernet1/0/1] quit
# Configure traffic mirroring on Ethernet 1/0/2, duplicating the inbound packets matching ACL 2000 to
the CPU.
[Sysname] interface Ethernet 1/0/2
[Sysname-Ethernet1/0/2] mirrored-to inbound ip-group 2000 cpu
[Sysname-Ethernet1/0/2] return
# Display the traffic mirroring configuration of Ethernet 1/0/1 and Ethernet 1/0/2.
<Sysname> display qos-interface Ethernet 1/0/1 mirrored-to
Ethernet1/0/1: mirrored-to
Inbound:
Matches: Acl 2000 rule 0
running
Mirrored to: monitor interface
<Sysname> display qos-interface Ethernet 1/0/2 mirrored-to
Ethernet1/0/2: mirrored-to
Inbound:
Matches: Acl 2000 rule 0
running
Mirrored to: cpu
priority
Syntax
priority priority-level
undo priority
View
Ethernet port view
Parameters
priority-level: Port priority, ranging from 0 to 7.
Description
Use the priority command to configure trusting port priority and set the priority of the port.
1-14
Use the undo priority command to restore the default.
By default, port priority is trusted and the priority of an Ethernet port is 0.
After you execute the priority command on a port, the port priority rather than the 802.1p priority of
each inbound 802.1q-tagged packet is used to identify the matching local precedence for the packet (in
the 802.1p-precedence-to-local precedence mapping table). Then, the packet is assigned to the output
queue corresponding to the local precedence.
If the priority command, the priority trust command, and the undo priority command are configured
on the same port, the command configured the last applies.
Related commands: priority trust.
Examples
# Configure Ethernet 1/0/1 to trust its port priority and set the priority of Ethernet 1/0/1 to 6.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet1/0/1
[Sysname-Ethernet1/0/1] priority 6
priority trust
Syntax
priority trust
undo priority
View
Ethernet port view
Parameters
None
Description
Use the priority trust command to configure the switch to trust the 802.1p priority of an inbound packet.
Use the undo priority command to restore the default settings.
By default, port priority is trusted and the priority of a port is 0.
After you execute the priority trust command on a port, the 802.1p priority of each inbound
802.1q-tagged packet is used to identify the matching local precedence for the packet (in the
802.1p-precedence-to-local precedence mapping table). Then, the packet is assigned to the output
queue corresponding to the local precedence.
If the priority command, the priority trust command, and the undo priority command are configured
on the same port, the command configured the last applies.
Related commands: priority.
Examples
# Configure the switch to trust the 802.1p priority of 802.1q-tagged packets on Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
1-15
[Sysname] interface Ethernet1/0/1
[Sysname-Ethernet1/0/1] priority trust
protocol-priority protocol-type
Syntax
protocol-priority protocol-type protocol-type { ip-precedence ip-precedence | dscp dscp-value }
undo protocol-priority protocol-type protocol-type
View
System view
Parameters
protocol-type protocol-type: Specifies the protocol type, which could be Telnet, SNMP, ICMP, or OSPF.
ip-precedence ip-precedence: Specifies an IP precedence in digits for the specified protocol, in the
range 0 to 7. Alternatively, you can specify the IP precedence in words; available keywords are listed in
Table 1-6.
Table 1-6 IP precedence values in words and in digits
IP precedence (in words)
IP precedence (in digits)
routine
0
priority
1
immediate
2
flash
3
flash-override
4
critical
5
internet
6
network
7
dscp dscp-value: Specifies an DSCP precedence in digits for the specified protocol, in the range of 0 to
63. Alternatively, you can specify the DSCP precedence in words; available keywords are listed in Table
1-7.
Table 1-7 DSCP precedence values in words and in digits
DSCP precedence (in words)
DSCP precedence (in digits)
af11
10
af12
12
af13
14
af21
18
af22
20
af23
22
af31
26
1-16
DSCP precedence (in words)
DSCP precedence (in digits)
af32
28
af33
30
af41
34
af42
36
af43
38
be (the default)
0
cs1
8
cs2
16
cs3
24
cs4
32
cs5
40
cs6
48
cs7
56
ef
46
Description
Use the protocol-priority command to set the global IP precedence or DSCP precedence for the
specified type of protocol packets generated by the current switch.
Use the undo protocol-priority command to cancel the configuration.
By default, the IP precedence and the DSCP precedence are 0 for all protocol packets generated by the
current switch.
Related commands: display protocol-priority.
z
On an S3600-EI switch, you can set priority for protocol packets of Telnet, OSPF, SNMP, and
ICMP.
z
On an S3600-SI switch, you can set priority for protocol packets of Telnet, SNMP, and ICMP.
Examples
# Set the IP precedence to 3 for SNMP protocol packets.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] protocol-priority protocol-type snmp ip-precedence 3
# Set the DSCP precedence of Telnet packets to 30, corresponding to the keyword af33.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
1-17
[Sysname] protocol-priority protocol-type telnet dscp af33
qos cos-local-precedence-map
Syntax
qos cos-local-precedence-map cos0-map-local-prec cos1-map-local-prec cos2-map-local-prec
cos3-map-local-prec
cos4-map-local-prec
cos5-map-local-prec
cos6-map-local-prec
cos7-map-local-prec
undo qos cos-local-precedence-map
View
System view
Parameters
cos0-map-local-prec: Local precedence to which 802.1p 0 is to be mapped, in the range 0 to 7.
cos1-map-local-prec: Local precedence to which 802.1p 1 is to be mapped, in the range 0 to 7.
cos2-map-local-prec: Local precedence to which 802.1p 2 is to be mapped, in the range 0 to 7.
cos3-map-local-prec: Local precedence to which 802.1p 3 is to be mapped, in the range 0 to 7.
cos4-map-local-prec: Local precedence to which 802.1p 4 is to be mapped, in the range 0 to 7.
cos5-map-local-prec: Local precedence to which 802.1p 5 is to be mapped, in the range 0 to 7.
cos6-map-local-prec: Local precedence to which 802.1p 6 is to be mapped, in the range 0 to 7.
cos7-map-local-prec: Local precedence to which 802.1p 7 is to be mapped, in the range 0 to 7.
Description
Use the qos cos-local-precedence-map command to configure the 802.1p priority-to-local
precedence mapping.
Use the undo qos cos-local-precedence-map command to restore the default settings.
Table 1-8 lists the default 802.1p priority-to-local precedence mapping.
Table 1-8 The default 802.1p priority-to-local precedence mapping
802.1p priority
Local precedence
0
2
1
0
2
1
3
3
4
4
5
5
6
6
7
7
Related commands: display qos cos-local-precedence-map.
1-18
Examples
# Configure the 802.1p priority-to-local precedence mapping table as follows: 0 to 0, 1 to 1, 2 to 2, 3 to
3, 4 to 4, 5 to 5, 6 to 6, and 7 to 7.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] qos cos-local-precedence-map 0 1 2 3 4 5 6 7
# Display the current 802.1p priority-to-local precedence mapping table.
[Sysname] display qos cos-local-precedence-map
cos-local-precedence-map:
cos(802.1p) :
0
1
2
3
4
5
6
7
-------------------------------------------------------------------------local precedence(queue) :
0
1
2
3
4
5
6
7
queue-scheduler
Syntax
In system view
queue-scheduler { strict-priority | wfq queue0-width queue1-width queue2-width queue3-width
queue4-width queue5-width queue6-width queue7-width | wrr queue0-weight queue1-weight
queue2-weight queue3-weight queue4-weight queue5-weight queue6-weight queue7-weight }
undo queue-scheduler
In Ethernet port view
queue-scheduler { wfq queue0-width queue1-width queue2-width queue3-width queue4-width
queue5-width queue6-width queue7-width | wrr queue0-weight queue1-weight queue2-weight
queue3-weight queue4-weight queue5-weight queue6-weight queue7-weight }
undo queue-scheduler
View
System view, Ethernet port view
Parameters
strict-priority: Uses the Strict Priority (SP) algorithm for queue scheduling.
wfq: Uses the Weighted Fair Queuing (WFQ) algorithm for queue scheduling.
queue0-width queue1-width queue2-width queue3-width queue4-width queue5-width queue6-width
queue7-width: Customizes the bandwidth values to be allocated for queues 0 through 7, in kbps. In
system view, the bandwidth ranges from 0 to 99968. The bandwidth varies with the port type as follows.
z
Fast Ethernet port: 0 to 99968;
z
Gigabit Ethernet port: 0 to 1000000.
Bandwidth granularity is 64 kbps. Assume that the value provided is in the range N*64 to (N+1)*64 (N is
a natural number), it will be round off to (N+1)*64 automatically. A value of 0 means the corresponding
queue adopts the SP algorithm for queue scheduling.
wrr: Uses the Weighted Round Robin (WRR) algorithm for queue scheduling.
1-19
queue0-weight
queue1-weight
queue2-weight
queue3-weight
queue4-weight
queue5-weight
queue6-weight queue7-weight: Customizes the weights to be assigned to queues 0 through 7. The
value ranges from 0 to 15 in both system view and Ethernet port view. A value of 0 means the
corresponding queue adopts the SP algorithm for queue scheduling.
Description
Use the queue-scheduler command to configure the queue scheduling algorithm and the related
parameters.
Use the undo queue-scheduler command to restore the default.
By default, the WRR algorithm is used for all the output queues of a port. The default weights of queues
0 through 7 are 1, 2, 3, 4, 5, 9, 13, and 15, as shown in Table 1-9.
Table 1-9 The default weights for queues
Queue ID
Weight
0
1
1
2
2
3
3
4
4
5
5
9
6
13
7
15
A port of an S3600 Ethernet switch supports eight output queues, to which these queue scheduling
algorithms are applicable: SP, WRR, and WFQ. With WRR (or WFQ) adopted, if you set the weight or
the bandwidth of one or multiple queues to 0, the device will add the queue or these queues to the SP
group, where SP is adopted. For other queues, WRR (or WFQ) still applies. In this case, both SP and
WRR (or WFQ) are adopted.
Note that:
z
The queue scheduling algorithm specified by executing the queue-scheduler command in system
view takes effect on all the ports. The queue scheduling algorithm configured in port view must be
the same as that configured in system view. Otherwise, the system will prompt configuration errors.
For example, if you configure queues 0 and 2 to adopt SP and queues 3 through 7 to adopt WRR in
system view, you can modify the weights of queues 3 through 7 in port view but cannot modify the
queue scheduling algorithm of any queue in port view.
z
If the weight (or bandwidth value) specified in system view for a queue of WRR queuing or WFQ
queuing cannot meet the requirement of a port, you can modify the weight (or bandwidth value) for
this port in the corresponding Ethernet port view. The new weight (or bandwidth value) takes effect
only on the port while the weights on the other ports remain as set in system view.
z
If the weight (or bandwidth value) specified in system view for a queue of SP-WRR queuing or
SP-WFQ queuing in the command cannot meet the requirement of a port, you can modify the
weight (or bandwidth value) for this port in the corresponding Ethernet port view. The new weight
(or bandwidth value) takes effect only on the port.
1-20
The display queue-scheduler command cannot display the queue weights (or bandwidth values)
z
specified in Ethernet port view. To do that, use the display this command in the corresponding
port view or the display current-configuration interface command in any view. Note that the two
commands display the queue scheduling configuration only when the configuration of a port is
different from the global configuration.
Related commands: display queue-scheduler.
Examples
# Configure WRR as the queuing algorithm and set the weights of queues 0 through 7 to 2, 2, 4, 4, 6, 6,
8, and 8 globally in system view.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] queue-scheduler wrr 2 2 4 4 6 6 8 8
# Configure Ethernet 1/0/1 to adopt the WRR queue scheduling algorithm, setting the weights of queue
0 through queue 7 to 1, 2, 3, 4, 5, 6, 7, and 8.
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] queue-scheduler wrr 1 2 3 4 5 6 7 8
# Display the global queue scheduling configuration.
[Sysname-Ethernet1/0/1] display queue-scheduler
Queue scheduling mode: weighted round robin
weight of queue 0: 2
weight of queue 1: 2
weight of queue 2: 4
weight of queue 3: 4
weight of queue 4: 6
weight of queue 5: 6
weight of queue 6: 8
weight of queue 7: 8
# Display the queue scheduling configuration on Ethernet 1/0/1.
[Sysname-Ethernet1/0/1] display this
#
interface Ethernet1/0/1
queue-scheduler wrr 1 2 3 4 5 6 7 8
#
return
reset traffic-statistic
Syntax
reset traffic-statistic inbound acl-rule
View
Ethernet port view
Parameters
inbound: Specifies to clear the statistics of the inbound packets on the port.
1-21
acl-rule: ACL rules to be applied. This argument can be the combination of multiple ACLs. For more
information about this argument, refer to Table 1-4 and Table 1-5.
Description
Use the reset traffic-statistic command to clear the statistics on packets matching specific ACL rules.
Related commands: traffic-statistic, display qos-interface traffic-statistic.
Examples
# Display the current traffic statistics of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet 1/0/1 traffic-statistic
Ethernet1/0/1: traffic-statistic
Inbound:
Matches: Acl 2008 rule 0
running
13775 packets inprofile
2061 packets outprofile
Matches: Acl 4008 rule 0
running
2606 packets inprofile
0 packet outprofile
# Clear the statistics about inbound packets matching ACL 2008 on Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] reset traffic-statistic inbound ip-group 2008
# Display the current traffic statistics of Ethernet 1/0/1.
[Sysname-Ethernet1/0/1] display qos-interface Ethernet 1/0/1 traffic-statistic
Ethernet1/0/1: traffic-statistic
Inbound:
Matches: Acl 2008 rule 0
running
0 packets inprofile
0 packet outprofile
Matches: Acl 4008 rule 0
running
2606 packets inprofile
0 packet outprofile
The output fields above show that the statistics about packets matching ACL 2008 have been cleared.
traffic-limit
Syntax
traffic-limit inbound acl-rule [ union-effect ] [ egress-port interface-type interface-number ]
target-rate [ burst-bucket burst-bucket-size ] [ exceed action ]
undo traffic-limit inbound acl-rule
View
Ethernet port view
1-22
Parameters
inbound: Imposes traffic limit on the packets received through the interface.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of
multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the
ACL rules referenced must be those defined with the permit keyword.
union-effect: Specifies that all the ACL rules, including those identified by the acl-rule argument in this
command and those applied previously, are valid. If this keyword is not specified, traffic policing issues
both the rate limiting action and the permit action at the same time, that is, traffic policing permits the
conforming traffic to pass through. If this keyword is specified, traffic policing issues only the rate limiting
action but not the permit action. In this case, if a packet matches both an ACL rule specified in the
traffic-limit command and another previously applied ACL rule with the deny keyword specified, the
packet will be dropped.
On Ethernet 1/0/1, assume that the filter command is configured to filter packets destined to IP address
2.2.2.2 and the traffic-limit command is configured to limit the rate of packets sourced from IP address
1.1.1.1 within 128 kbps. Whether packets conforming to the rate limit of 128 kbps, sourced from IP
address 1.1.1.1, and destined to IP address 2.2.2.2 (referred to as packets A later) will be dropped
depends on the union-effect keyword of the traffic-limit command.
z
If the union-effect keyword is not specified, the traffic-limit command issues both the rate limiting
action and the permit action. Whether packets A can pass through depends on the configuration
order of the filter command and the traffic-limit command. If the traffic-limit command is
configured after the filter command is configured, packets A can pass through; otherwise, packets
A are dropped.
z
If the union-effect keyword is specified, the traffic-limit command issues only the rate limiting
action. Whether packets A can pass through depends on the filter command. As for this example,
packets A are dropped.
egress-port interface-type interface-number: Enables traffic policing for the outbound packets of the
port identified by interface-type interface-number. The interface-type interface-number argument refers
to the port type and port number. If you specify this keyword-argument combination, this command
applies to the outbound unicast packets that pass the port and match the ACL rules.
1-23
z
When you configure the traffic policing on a port, an ACL rule can only be applied to one egress
port. If you configure the same ACL rule for different egress ports, only the last configuration takes
effect. To apply the same ACL rule to multiple egress ports, you need to specify different ACL
numbers or rule numbers for the ACL rule.
z
If the IRF function is enabled, the egress port can only be a port of the local unit. For information
about IRF, refer to IRF Fabric module of this manual.
z
Do not specify the egress-port keyword when configuring traffic policing on ports in an
aggregation group spanning multiple units. Refer to Link Aggregation Operation for detailed
information about link aggregation.
target-rate: Target packet rate (in kbps) to be set. The range of this argument varies with the port type as
follows.
z
Fast Ethernet port: 64 to 99,968
z
Gigabit Ethernet port: 64 to 1,000,000
The granularity of rate limit is 64 kbps. If the number you input is in the range N*64 to (N+1)*64 (N is a
natural number), it will be rounded off to (N+1)*64.
burst-bucket burst-bucket-size: Specifies the maximum burst traffic size (in KB) allowed. The
burst-bucket-size argument ranges from 4 to 512 and defaults to 512. Note that it must be an integer
power of 2.
exceed action: Specifies the action to be taken when the traffic rate exceeds the threshold. The action
argument can be:
z
drop: Drops the packets.
z
remark-dscp value: Sets a new DSCP value for the packets and then forwards the packets.
Description
Use the traffic-limit command to enable traffic policing and set the related settings.
Use the undo traffic-limit command to disable traffic policing for packets matching specific ACL rules.
Related commands: display qos-interface traffic-limit.
Examples
# Configure traffic policing for inbound packets sourced from VLAN 200 on Ethernet 1/0/1, setting the
target packet rate to 128 kbps, burst bucket size to 64 KB, and configuring to drop the packets
exceeding the rate limit.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 4000
[Sysname-acl-ethernetframe-4000] rule permit source 200
[Sysname-acl-ethernetframe-4000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-limit inbound link-group 4000 128 burst-bucket 64 exceed
drop
1-24
traffic-priority
Syntax
traffic-priority { inbound | outbound } acl-rule { { dscp dscp-value | ip-precedence { pre-value |
from-cos } } | cos { pre-value | from-ipprec } | local-precedence pre-value }*
undo traffic-priority { inbound | outbound } acl-rule
View
Ethernet port view
Parameters
inbound: Performs priority marking on the inbound packets.
outbound: Performs priority marking on the outbound packets.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of
multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the
ACL rules referenced must be those defined with the permit keyword.
dscp dscp-value: Sets the DSCP precedence, ranging from 0 to 63. You can also provide one of the
keywords listed in Table 1-7 for the dscp-value argument.
ip-precedence { pre-value | from-cos }: Sets the IP precedence. You can assign a value in digits in the
range of 0 to 7 for the pre-value argument or in words as shown in Table 1-6. Alternatively, you can
specify the from-cos keyword for the switch to extract the 802.1p priority for the IP precedence.
cos { pre-value | from-ipprec }: Sets the 802.1p priority. You can assign a value in digits in the range of
0 to 7 for the pre-value argument or in words as shown in Table 1-10. Alternatively, you can specify the
from-ipprec keyword for the switch to extract the IP precedence for the 802.1p priority.
Table 1-10 802.1p priority values in words and in digits
802.1p priority (in words)
802.1p priority (in digits)
best-effort
0
background
1
spare
2
excellent-effort
3
controlled-load
4
video
5
voice
6
network-management
7
local-precedence pre-value: Sets the local precedence. The pre-value argument ranges from 0 to 7.
Description
Use the traffic-priority command to configure priority marking on a port.
Use the undo traffic-priority command to remove the priority marking configuration.
This command is used to set precedence for traffic matching a specified ACL rule:
1-25
z
If 802.1p priority marking is configured, the traffic will be mapped to the local precedence
corresponding to the re-marked 802.1p priority and assigned to the output queue corresponding to
the local precedence.
z
If local precedence marking is configured, the traffic will be assigned to the output queue
corresponding to the re-marked local precedence.
z
If IP precedence or DSCP marking is configured, the traffic will be marked with new IP precedence
or DSCP precedence.
Do not configure 802.1p priority marking and local precedence marking for the same traffic. With 802.1p
priority marking, the new 802.1p priority will be mapped to a local precedence automatically. If local
precedence marking is also configured, there will be two local precedence values for the traffic,
resulting in conflict. In this case, the device will display an error prompt.
Related commands: display qos-interface traffic-priority.
Examples
# Set the 802.1p priority of the inbound packets with 802.1p priority 5 to 1 on Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 4000
[Sysname-acl-ethernetframe-4000] rule permit cos 5
[Sysname-acl-ethernetframe-4000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-priority inbound link-group 4000 cos 1
# Set the DSCP precedence of inbound DNS protocol packets to 16 (corresponding to the cs2 keyword)
on Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 3000
[Sysname-acl-adv-3000] rule permit udp source-port eq dns
[Sysname-acl-adv-3000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-priority inbound ip-group 3000 dscp cs2
# Set the 802.1p priority of inbound packets sourced from IP address 1.1.1.1 to the value of their IP
precedence on Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 1.1.1.1 0
[Sysname-acl-basic-2000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-priority outbound ip-group 2000 cos from-ipprec
1-26
traffic-priority vlan
Syntax
traffic-priority vlan vlan-id { inbound | outbound } acl-rule { { dscp dscp-value | ip-precedence
{ pre-value | from-cos } } | cos { pre-value | from-ipprec } | local-precedence pre-value }*
undo traffic-priority vlan vlan-id { inbound | outbound } acl-rule
View
System view
Parameters
vlan-id: VLAN ID, in the range of 1 to 4094.
inbound: Re-marks priority for the packets received on any ports in the specified VLAN.
outbound: Re-marks priority for the packets to be transmitted by any ports in the specified VLAN.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of
multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the
ACL rules referenced must be those defined with the permit keyword.
dscp dscp-value: Sets the DSCP precedence, which is in the range 0 to 63. You can also provide one of
the keywords listed in Table 1-7 for the dscp-value argument.
ip-precedence { pre-value | from-cos }: Sets the IP precedence. You can assign a value in digits in the
range of 0 to 7 for the pre-value argument or in words as shown in Table 1-6. Alternatively, you can
specify the from-cos keyword for the switch to extract the 802.1p priority for the IP precedence.
cos { pre-value | from-ipprec }: Sets the 802.1p priority. You can assign a value in digits in the range of
0 to 7 for the pre-value argument or in words as shown in Table 1-10. Alternatively, you can specify the
from-ipprec keyword for the switch to extract the IP precedence for the 802.1p priority.
local-precedence pre-value: Sets the local precedence, which is in the range 0 to 7.
Description
Use the traffic-priority vlan command to configure priority marking for the packets received or
transmitted by any ports in the specified VLAN.
Use the undo traffic-priority vlan command to cancel the configuration.
Related commands: traffic-priority, display qos-interface traffic-priority.
Do not configure 802.1p priority marking and local precedence marking for the same traffic. With 802.1p
priority marking, the new 802.1p priority will be mapped to a local precedence automatically. If local
precedence marking is also configured, there will be two local precedence values for the traffic,
resulting in conflict. In this case, the device will display an error prompt.
1-27
Examples
# Set the 802.1p priority to 1 for the packets received on any ports in VLAN 2 and destined to MAC
address 000F-E200-1234.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 4000
[Sysname-acl-ethernetframe-4000] rule permit cos 3 dest 000f-e200-1234 ffff-ffff-ffff
[Sysname-acl-ethernetframe-4000] quit
[Sysname] traffic-priority vlan 2 inbound link-group 4000 cos 1
traffic-redirect
Syntax
traffic-redirect { inbound | outbound } acl-rule { cpu | { interface interface-type interface-number |
link-aggregation-group agg-id } [ untagged ] }
undo traffic-redirect { inbound | outbound } acl-rule
View
Ethernet port view
Parameters
inbound: Redirects inbound packets.
outbound: Redirects outbound packets.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of
multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the
ACL rules referenced must be those defined with the permit keyword.
cpu: Redirects the packets to the CPU.
interface interface-type interface-number: Specifies the target port, to which the packets are to be
redirected. The interface-type interface-number argument refers to the port type and port number.
link-aggregation-group agg-id: Specifies the aggregation group the traffic is to be redirected to. The
agg-id argument is the ID of an aggregation group, in the range 1 to 416.
untagged: Specifies to remove the outer VLAN tag of a packet after the packet is redirected to a port or
an aggregation group.
Description
Use the traffic-redirect command to configure traffic redirecting on a port.
Use the undo traffic-redirect command to remove the configuration from the port.
You can configure to redirect inbound or outbound packets matching a specified ACL rule on a port to
the CPU, the specified port, or the specified aggregation group.
Related commands: display qos-interface traffic-redirect.
1-28
z
Packets redirected to the CPU are not forwarded.
z
If the traffic is redirected to a Combo port in down state, the system automatically redirects the
traffic to the port corresponding to the Combo port in up state. Refer to Port Basic Configuration
module of this manual for information about Combo ports.
z
If the traffic is configured to be redirected to an aggregation group, the traffic is redirected to the
master port of the aggregation group. Refer to Link Aggregation module of this manual for
information about aggregation group.
z
When the traffic redirecting function is used in conjunction with the selective QinQ function, you can
specify the untagged keyword as required (that is, remove the outer VLAN tag of a packet after the
packet is redirected to the uplink port) in a tree network with a single uplink port (or an aggregation
group). Do not specify the untagged keyword in a ring network or a network with multiple uplink
ports. Refer to VLAN-VPN module of this manual for information about selective QinQ.
Examples
# Redirect the inbound packets sourced from the IP network segment 1.1.1.0/24 to Ethernet 1/0/7 on
Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 1.1.1.0 0.0.0.255
[Sysname-acl-basic-2000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-redirect inbound ip-group 2000 interface Ethernet 1/0/7
traffic-remark-vlanid
Syntax
traffic-remark-vlanid inbound acl-rule remark-vlan remark-vlanid
undo traffic-remark-vlanid inbound acl-rule
View
Ethernet port view
Parameters
inbound: Maps the VLAN IDs carried in the inbound packets to a specified VLAN ID.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of
multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the
ACL rules referenced must be those defined with the permit keyword.
remark-vlan remark-vlanid: Specified the target VLAN ID, to which the VLAN IDs of the packets
matching specific ACL rules are to be mapped.
1-29
Description
Use the traffic-remark-vlanid command to enable VLAN mapping and set the target VLAN ID for
packets matching specific ACL rules.
Use the undo traffic-remark-vlanid command to disable VLAN mapping for packets matching specific
ACL rules.
Related commands: display qos-interface traffic-remark-vlanid.
Examples
# Enable VLAN mapping on Ethernet 1/0/1 to map the VLAN IDs of the inbound packets sourced from
VLAN 5 to VLAN ID 1001.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 4000
[Sysname-acl-ethernetframe-4000] rule permit source 5
[Sysname-acl-ethernetframe-4000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-remark-vlanid inbound link-group 4000 remark-vlan 1001
traffic-statistic
Syntax
traffic-statistic inbound acl-rule
undo traffic-statistic inbound acl-rule
View
Ethernet port view
Parameters
inbound: Enables traffic accounting for the inbound packets.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of
multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the
ACL rules referenced must be those defined with the permit keyword.
Description
Use the traffic-statistic command to enable traffic accounting for packets matching specific ACL rules.
Use the undo traffic-statistic command to disable traffic accounting.
Related commands: display qos-interface traffic-statistic, reset traffic-statistic.
Examples
# Enable traffic accounting on Ethernet 1/0/1 for the inbound packets sourced from the IP network
segment 1.1.1.0/24.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 1.1.1.0 0.0.0.255
1-30
[Sysname-acl-basic-2000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-statistic inbound ip-group 2000
# Display traffic statistics of Ethernet 1/0/1.
[Sysname-Ethernet1/0/1] display qos-interface Ethernet 1/0/1 traffic-statistic
Ethernet1/0/1: traffic-statistic
Inbound:
Matches: Acl 2000 rule 0
running
20787 packets inprofile
11464 packets outprofile
wred
Syntax
wred queue-index qstart probability
undo wred queue-index
View
Ethernet port view
Parameters
queue-index: Queue number in the range of 0 to 7.
qstart: Number of the packets contained in the queue, in the range 1 to 128.
probability: Dropping probability in the range of 0 to 92 (in percentage).
Description
Use the wred command to enable the WRED function.
Use the undo wred command to restore the default.
By default, the WRED function is disabled.
Examples
# Enable the WRED function for queue 2 on Ethernet 1/0/1, specifying to drop packets at random when
the number of packets in queue 2 exceeds 64 and setting the dropping probability to 20%.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet1/0/1
[Sysname-Ethernet1/0/1] wred 2 64 20
1-31
2
QoS Profile Configuration Commands
QoS Profile Configuration Commands
apply qos-profile
Syntax
In system view
apply qos-profile profile-name interface interface-list
undo apply qos-profile profile-name interface interface-list
In Ethernet port view
apply qos-profile profile-name
undo apply qos-profile profile-name
View
System view, Ethernet port view
Parameters
profile-name: QoS profile name, a case-insensitive string of 1 to 32 characters and starting with English
letters [a-z, A-Z].
interface-list: List of Ethernet ports. You can specify multiple Ethernet ports by providing this argument
in the form of interface-type interface-number [ to interface-type interface-number ].
Description
Use the apply qos-profile command to apply a QoS profile to a port in Ethernet port view or multiple
ports in system view.
Use the undo apply qos-profile command to remove a QoS profile from a port in Ethernet port view or
multiple ports in system view.
Examples
# Apply the QoS profile named a123 to Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet1/0/1
[Sysname-Ethernet1/0/1] apply qos-profile a123
# Apply the QoS profile named a123 to Ethernet 1/0/1 through Ethernet 1/0/4.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] apply qos-profile a123 interface Ethernet1/0/1 to Ethernet1/0/4
2-1
display qos-profile
Syntax
display qos-profile { all | name profile-name | interface interface-type interface-number | user
user-name }
View
Any view
Parameters
all: Specifies all the QoS profiles.
name profile-name: Specifies a QoS profile by its name, for which information is to be displayed. The
profile-name argument is a case-insensitive string of 1 to 32 characters and must begin with an English
letter (a to z, and A to Z).
interface interface-type interface-number: Specifies the type and number of a port to display the QoS
profile applied on the port.
user user-name: Specifies the name of an 802.1x authentication user. The user-name argument is a
string of 1 to 184 characters and in the form of aa@cc, with aa for user name and cc for domain name.
Description
Use the display qos-profile command to display the configuration of a QoS profile or all the QoS
profiles.
Examples
# Display the configuration of the QoS profile named test.
<Sysname> display qos-profile name test
qos-profile: test, 3 actions
packet-filter inbound ip-group 2000 rule 0
traffic-limit inbound ip-group 3000 rule 0 64
traffic-priority inbound ip-group 4000 rule 0 cos controlled-load
# Display the configuration of the QoS profile applied to the 802.1x user abc@net.
<Sysname> display qos-profile user abc@net
User abc@net applied qos-profile: test, 3 actions
packet-filter inbound ip-group 2000 rule 0
traffic-limit inbound ip-group 3000 rule 0 64
traffic-priority inbound ip-group 4000 rule 0 cos controlled-load
# Display the configuration of the QoS profile applied to Ethernet 1/0/1, assuming that the QoS profile
has been applied to Ethernet 1/0/1 manually.
<Sysname> display qos-profile interface Ethernet 1/0/1
User's qos-profile applied mode: user-based
Default applied qos-profile: test, 3 actions
packet-filter inbound ip-group 2000 rule 0
traffic-limit inbound ip-group 3000 rule 0 64
traffic-priority inbound ip-group 4000 rule 0 cos controlled-load
2-2
# Display the configuration of the QoS profile applied to Ethernet 1/0/2, assuming that the QoS profile
has been applied to Ethernet 1/0/2 dynamically.
<H3C> display qos-profile interface Ethernet 1/0/2
User's qos-profile applied mode: port-based
User abc@net applied qos-profile: test, 3 actions
packet-filter inbound ip-group 2000 rule 0
traffic-limit inbound ip-group 3000 rule 0 64
traffic-priority inbound ip-group 4000 rule 0 cos controlled-load
Table 2-1 Description on the fields of the display qos-profile command
Field
Description
qos-profile: test, 3 actions
Name of the QoS profile and the number of
actions configured in the QoS profile.
packet-filter inbound ip-group 2000 rule 0
Filter the inbound packets matching rule 0 of
ACL 2000.
traffic-limit inbound ip-group 3000 rule 0 64
Limit the rate of the inbound packets matching
rule 0 of ACL 3000 to 64 kbps.
traffic-priority inbound ip-group 4000 rule 0 cos
controlled-load
Set the 802.1p precedence of the inbound
packets matching rule 0 of ACL 4000 to
controlled-load (that is, 802.1p precedence 0).
User abc@net applied qos-profile: test, 3 actions
The QoS profile applied to 802.1x user abc@net
is named test and contains three actions.
The QoS profile is dynamically applied and the
application mode could be:
z
User's qos-profile applied mode
z
User-based, or
Port-based
For detailed information about the two
application modes, refer to the corresponding
operation manual.
Default applied qos-profile: test, 3 actions
“Default” indicates that the QoS profile named
test is applied to Ethernet 1/0/1 manually. The
QoS profile contains three actions.
User abc@net applied qos-profile: test, 3 actions
The QoS profile test is applied to Ethernet 1/0/2,
the access port for 802.1x user abc@net. The
QoS profile contains three actions.
packet-filter
Syntax
packet-filter { inbound | outbound } acl-rule
undo packet-filter { inbound | outbound } acl-rule
View
QoS profile view
2-3
Parameters
inbound: Filters the inbound packets.
outbound: Filters the outbound packets.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of
multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5.
Description
Use the packet-filter command to add the packet filtering action to a QoS profile.
Use the undo packet-filter command to remove the packet filtering action from a QoS profile.
Examples
# Add the packet filtering action to the QoS profile named a123 to filter the inbound packets sourced
from MAC address 000F-1FD7-9528.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 4000
[Sysname-acl-ethernetframe-4000] rule deny source 000f-1fd7-9528 ffff-ffff-ffff
[Sysname-acl-ethernetframe-4000] quit
[Sysname] qos-profile a123
[Sysname-qos-profile-a123] packet-filter inbound link-group 4000
qos-profile
Syntax
qos-profile profile-name
undo qos-profile profile-name
View
System view
Parameters
profile-name: QoS profile name, a case-insensitive string of 1 to 32 characters, starting with an English
letter in the range a to z and A to Z. Note that a QoS profile name cannot be all, interface, user, undo,
or name.
Description
Use the qos-profile command to create a QoS profile and enter QoS profile view. If the QoS profile
already exists, this command leads you to the corresponding QoS profile view.
Use the undo qos-profile command to remove a QoS profile.
To remove or modify a QoS profile already applied to a port, you must remove the QoS profile from the
port first.
z
If the QoS profile is applied to the port manually, use the undo apply qos-profile command to
remove the QoS profile from the port.
z
If the QoS profile is applied to the port dynamically, log off the user connected to the port to remove
the QoS profile from the port.
2-4
Examples
# Create a QoS profile named a123.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] qos-profile a123
[Sysname-qos-profile-a123]
qos-profile port-based
Syntax
qos-profile port-based
undo qos-profile port-based
View
Ethernet port view
Parameters
None
Description
Use the qos-profile port-based command to configure the QoS profile application mode on a port to
be port-based.
Use the undo qos-profile port-based command to restore the default.
By default, the application mode of a QoS profile is user-based.
Note that:
z
If the 802.1x authentication is MAC-based, you need to configure the QoS profile application mode
to be user-based.
z
If the 802.1x authentication is port-based, you need to configure the QoS profile application mode
to be port-based.
Examples
# Configure the QoS profile application mode on Ethernet 1/0/1 to be port-based.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet1/0/1
[Sysname-Ethernet1/0/1] qos-profile port-based
traffic-limit
Syntax
traffic-limit inbound acl-rule [ union-effect ] [ egress-port interface-type interface-number ]
target-rate [ burst-bucket burst-bucket-size ] [ exceed action ]
undo traffic-limit inbound acl-rule
2-5
View
QoS profile view
Parameters
inbound: Imposes traffic limit on the packets received through the interface.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of
multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the
ACL rules referenced must be those defined with the permit keyword.
union-effect: Specifies that all the ACL rules, including those identified by the acl-rule argument in this
command and those applied previously, are valid. If this keyword is not specified, traffic policing issues
both the rate limiting action and the permit action at the same time, that is, traffic policing permits the
conforming traffic to pass through. If this keyword is specified, traffic policing issues only the rate limiting
action but not the permit action. In this case, if a packet matches both an ACL rule specified in the
traffic-limit command and another previously applied ACL rule with the deny keyword, the packet will
be dropped.
On Ethernet 1/0/1, assume that the filter command is configured to filter packets destined to IP address
2.2.2.2 and the traffic-limit command is configured to limit the rate of packets sourced from IP address
1.1.1.1 within 128 kbps. Whether packets conforming to the rate limit of 128 kbps, sourced from IP
address 1.1.1.1, and destined to IP address 2.2.2.2 (referred to as packets A later)are dropped
depends on the union-effect of the traffic-limit command.
z
If the union-effect keyword is not specified, the traffic-limit command issues both the rate limiting
action and the permit action. Whether packets A can pass through depends on the configuration
order of the filter command and the traffic-limit command, with the latest command applying. That
is, if the traffic-limit command is configured after the filter command is configured, packets A can
pass through; otherwise, packets A are dropped.
z
If the union-effect keyword is specified, the traffic-limit command issues only the rate limiting action.
Whether packets A can pass through depends on the filter command. As for this example, packets
A are dropped.
egress-port interface-type interface-number: Enables traffic policing for the outbound packets of the
port identified by interface-type interface-number. If you specify this keyword, this command applies to
the outbound unicast packets that pass the port and match the ACL rules.
2-6
z
When you configure the traffic policing over a port, an ACL rule can only be applied to one egress
port. If you configure the same ACL rule for different egress ports, only the last configuration takes
effect. To apply the same ACL rule to multiple egress ports, you need to specify different ACL
numbers or rule numbers for the ACL rule.
z
If the IRF function is enabled, the egress port can only be a port of the local unit. For information
about IRF, refer to IRF Fabric module of this manual.
z
Do not specify the egress-port keyword when configuring traffic policing on ports in an
aggregation group spanning multiple units. Refer to Link Aggregation Operation for detailed
information about link aggregation.
target-rate: Target packet rate (in kbps) to be set, in the range 64 to 1,000,000. The granularity of rate
limit is 64 kbps. If the number you input is in the ranges N*64 to (N+1)*64 (N is a natural number), it will
be rounded off to (N+1)*64.
burst-bucket-size: Maximum burst traffic size (in KB) allowed, in the range 4 to 512. This argument
defaults to 512 and must be an integer power of 2.
exceed action: Specifies the action to be taken when the traffic rate exceeds the threshold. The action
can be:
z
drop: Drops the packets.
z
remark-dscp value: Sets a new DSCP value for the packets and then forwards the packets.
Description
Use the traffic-limit command to add the traffic policing action to a QoS profile.
Use the undo traffic-limit command to remove the traffic policing action from a QoS profile.
Examples
# Add traffic policing action to the QoS profile named a123 to limit the rate of the inbound packets
sourced from IP address 1.1.1.1 to 128 kbps and drop the packets exceeding 128 kbps.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 1.1.1.1 0
[Sysname-acl-basic-2000] quit
[Sysname] qos-profile a123
[Sysname-qos-profile-a123] traffic-limit inbound ip-group 2000 128 exceed drop
traffic-priority
Syntax
traffic-priority { inbound | outbound } acl-rule { { dscp dscp-value | ip-precedence { pre-value |
from-cos } } | cos { pre-value | from-ipprec } | local-precedence pre-value }*
undo traffic-priority { inbound | outbound } acl-rule
2-7
View
QoS profile view
Parameters
inbound: Performs priority marking on the inbound packets.
outbound: Performs priority marking on the outbound packets.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of
multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the
ACL rules referenced must be those defined with the permit keyword.
dscp dscp-value: Sets the DSCP precedence, in the range 0 to 63. You can also provide one of the
keywords listed in Table 1-7 for the dscp-value argument.
ip-precedence { pre-value | from-cos }: Sets the IP precedence. The pre-value argument ranges from
0 to 7. You can also provide one of the keywords listed in Table 1-6 for the pre-value argument. The
from-cos keyword specifies to use the 802.1p priority as the IP precedence.
cos { pre-value | from-ipprec }: Sets the 802.1p priority. The pre-value argument is in the range 0 to 7.
You can also provide one of the keywords listed in Table 1-10 for the pre-value argument. The
from-ipprec keyword specifies to use the IP precedence as the 802.1p priority.
local-precedence pre-value: Sets the local precedence value, in the range of 0 to 7.
Description
Use the traffic-priority command to add a priority marking action to a QoS profile.
Use the undo traffic-priority command to remove a priority marking action from a QoS profile.
Do not configure 802.1p priority marking and local precedence marking for the same traffic. With 802.1p
priority marking, the new 802.1p priority will be mapped to a local precedence automatically. If local
precedence marking is also configured, there will be two local precedence values for the traffic,
resulting in conflict. In this case, the device will display an error prompt.
Examples
# Add the priority marking action to the QoS profile named a123 to set the local precedence of the
inbound packets sourced from IP address 1.1.1.1 to 0.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 1.1.1.1 0
[Sysname-acl-basic-2000] quit
[Sysname] qos-profile a123
[Sysname-qos-profile-a123] traffic-priority inbound ip-group 2000 local-precedence 0
2-8
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising