Troubleshooting - QoS (V600R003C00 - 02)

HUAWEI NetEngine80E/40E Router
V600R003C00
Troubleshooting - QoS
Issue
02
Date
2011-09-10
HUAWEI TECHNOLOGIES CO., LTD.
Copyright Huawei Technologies Co., Ltd. 2011. All rights reserved.

No part of this document may be reproduced or transmitted in any form or by any means without prior written
consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Huawei Technologies Co., Ltd.

Address:
Huawei Industrial Base

Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website:
http://www.huawei.com
Email:
support@huawei.com
Issue 02 (2011-09-10)
Huawei Proprietary and Confidential

Copyright Huawei Technologies Co., Ltd.

About This Document
About This Document

Purpose
NOTE
l This document takes interface numbers and link types of the NE40E-X8 as an example. In working
situations, the actual interface numbers and link types may be different from those used in this
document.
l On NE80E/40E series excluding NE40E-X1 and NE40E-X2, line processing boards are called Line
Processing Units (LPUs) and switching fabric boards are called Switching Fabric Units (SFUs). On
the NE40E-X1 and NE40E-X2, there are no LPUs and SFUs, and NPUs implement the same functions
of LPUs and SFUs to exchange and forward packets.
This document describes the troubleshooting of HUAWEI NetEngine80E/40E with various

services, including information collection methods, common processing flows, common
troubleshooting methods, and troubleshooting cases.
This document describes the troubleshooting workflow and methods for HUAWEI
NetEngine80E/40E.
Related Versions
The following table lists the product versions related to this document.
Product Name
Version
HUAWEI NetEngine80E/40E
Router
V600R003C00
Intended Audience
This document is intended for:
l
Policy planning
Installation and commissioning engineer
NM configuration engineer
Technical support engineer
Issue 02 (2011-09-10)

ii

About This Document
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol
Description
DANGER
WARNING
CAUTION
Alerts you to a high risk hazard that could, if not avoided,

result in serious injury or death.
Alerts you to a medium or low risk hazard that could, if
not avoided, result in moderate or minor injury.
Alerts you to a potentially hazardous situation that could,
if not avoided, result in equipment damage, data loss,
performance deterioration, or unanticipated results.
TIP
Provides a tip that may help you solve a problem or save

time.
NOTE
Provides additional information to emphasize or

supplement important points in the main text.
Change History
Updates between document issues are cumulative. Therefore, the latest document issue contains
all updates made in previous issues.
Changes in Issue 02 (2011-09-10)

The second commercial release has the following updates:
There is no update compared with the previous issue.
Changes in Issue 01 (2011-05-30)

Initial field trial release.
Issue 02 (2011-09-10)

iii

Contents
Contents
About This Document.....................................................................................................................ii
1 QoS...................................................................................................................................................1
1.1 Troubleshooting of 802.1P Simple Traffic Classification..................................................................................2
1.1.1 Typical Networking...................................................................................................................................2
1.1.2 Troubleshooting Flow................................................................................................................................2
1.1.3 Troubleshooting Procedures......................................................................................................................3
1.2 Troubleshooting of Complex Traffic Classification...........................................................................................4
1.3 Troubleshooting of Queue Scheduling Based on Traffic Classification............................................................6
1.4 Troubleshooting ATM QoS................................................................................................................................8
1.4.2 Troubleshooting Flowchart........................................................................................................................9
1.4.3 Troubleshooting Procedure......................................................................................................................10
1.5 Troubleshooting HQoS.....................................................................................................................................12
1.5.1 Typical Networking.................................................................................................................................12
1.5.2 Troubleshooting Flowchart......................................................................................................................13
1.6 Troubleshooting UCL.......................................................................................................................................15
1.6.2 Troubleshooting Flow..............................................................................................................................16
1.7 Troubleshooting Last Mile QoS.......................................................................................................................17
1.7.2 Troubleshooting Flow..............................................................................................................................17
1.8 BAS HQoS Does Not Take Effect...................................................................................................................19
1.8.1 Common Causes......................................................................................................................................19
1.8.2 Troubleshooting Flowchart......................................................................................................................19
Issue 02 (2011-09-10)

iv

Contents

1.8.4 Relevant Alarms and Logs......................................................................................................................20
1.9 Related Troubleshooting Cases........................................................................................................................20
1.9.1 Packets Are Not Discarded After Traffic Policy Is Configured..............................................................20
1.9.2 Packets of VPN Services Are Lost Because the IP Precedence of a Device Is Incorrectly Set..............22
1.9.3 Slow Web Page Loading for Some ADSL Users....................................................................................24
1.9.4 Rate Limit Does Not Take Effect When Both Rate Limit and Access Control Are Configured............25
1.9.5 The DNS Server Cannot Be Accessed Due to Incorrect Configurations of Traffic Classification.........27
Issue 02 (2011-09-10)


1 QoS
QoS
About This Chapter

1.1 Troubleshooting of 802.1P Simple Traffic Classification
This section describes the notes about configuring simple traffic classification, and provides the
simple traffic classification troubleshooting flowchart and the troubleshooting procedure.
1.2 Troubleshooting of Complex Traffic Classification
This section describes the notes about configuring comples traffic classification, and provides
the complex traffic classification troubleshooting flowchart and the troubleshooting procedure.
1.3 Troubleshooting of Queue Scheduling Based on Traffic Classification
This section describes the notes about configuring queue scheduling based on traffic
classification, and provides the queue scheduling based on traffic classification troubleshooting
flowchart and the troubleshooting procedure.
1.4 Troubleshooting ATM QoS
This section describes the notes about configuring ATM QoS, and provides the ATM QoS
troubleshooting flowchart and trouble shooting procedure.
1.5 Troubleshooting HQoS
This section describes the notes about configuring HQoS, and provides the HQoS
troubleshooting flowchart and troubleshooting procedure.
1.6 Troubleshooting UCL
1.7 Troubleshooting Last Mile QoS
1.8 BAS HQoS Does Not Take Effect
1.9 Related Troubleshooting Cases
Issue 02 (2011-09-10)


1 QoS
1.1 Troubleshooting of 802.1P Simple Traffic Classification

This section describes the notes about configuring simple traffic classification, and provides the
simple traffic classification troubleshooting flowchart and the troubleshooting procedure.
1.1.1 Typical Networking

Figure 1-1 shows a typical networking of simple traffic classification.
Figure 1-1 Networking of 802.1P simple traffic classification
Vlan-type dotlq 1
GE1/0/1
GE1/0/1.1
GE1/0/1
GE3/0/1.1
GE8/0/1
RouterA
RouterB Vlan-type dotlq 1 RouterC
RouterD
The solution in the above figure includes:

1.
Send IP packet with DSCP as 10 from Router A.
2.
The packet reaches the sub-interface GE 3/0/1.1 of Router C through Router B and the
value of 802.1p is 1.
1.1.2 Troubleshooting Flow

For the network shown in typical networking, when the value of 802.1p of the packet received
on GE 3/0/1.1 of Router C is incorrect, perform the troubleshooting flow shown in Figure
1-2.
Issue 02 (2011-09-10)


1 QoS
Figure 1-2 Troubleshooting flow of simple traffic classification

The 8021P value of
the packet received by
RouterC is incorrect
Is the
mapping used
on the inbound
interface
correct?
No
Modify the configuration

on the inbound
interface and adopt
correct mapping
Yes
Is the
mapping used
on the outbound
interface
correct?
No
Modify the configuration

on the outbound
interface and adopt
correct mapping
Yes
Is the
inbound/outbound
interface the subinterface?
No
Configure the subinterface
Yes
Is 8021P
enabled on the
inbound/outbound
interface?
No Configure trust 8021P

on the sub-interface
Yes
Seek Huawei
technical support
No
Is the fault
removed?
Yes
End
1.1.3 Troubleshooting Procedures

Procedure
Step 1 Check the mapping of the interface sending the packet
Display whether the trust upstream command is configured on GE 8/0/1 of Router B through
the display this command.
l If non-default domain is configured, check the mapping of the domain in global configuration
mode through the display diffserv domain command.
Issue 02 (2011-09-10)


1 QoS
l If trust upstream default is configured, check the mapping of the default domain in global
configuration mode through the display diffserv domain command. If the mapping does not
meet the requirement, re-configure it.
Step 2 Check the mapping of the interface receiving the packet
Display whether the trust upstream [ ds-domain-name ] command is configured on the subinterface GE 3/0/1.1 of Router C through the display this command.
l If non-default domain is configured, check the mapping of the domain in global configuration
mode through the display diffserv domain command.
l If trust upstream default is not configured, check the mapping of the default domain in
global configuration mode through the display diffserv domain command. If the mapping
does not meet the requirement, re-configure it.
Step 3 Check that 802.1P is enabled
Display whether the trust 8021P command is configured on the sub-interface GE 3/0/1.1 of
Router C through the display this command. If it is not configured, re-configure it.
----End
1.2 Troubleshooting of Complex Traffic Classification

This section describes the notes about configuring comples traffic classification, and provides
the complex traffic classification troubleshooting flowchart and the troubleshooting procedure.

Figure 1-3 shows a typical networking of complex traffic classification.
Figure 1-3 Networking of complex traffic classification
mac address
1-1-1
GE1/0/1.1
GE8/0/1.1
RouterA
RouterB

1.
Send the vlan packet with 802.1p as 3 from Router A.
2.
GE 8/0/1.1 of Router B receives the packet and discards it. Or Router B discards it based
on the source MAC address of the packet.

For the network shown in typical networking, GE 8/0/1.1 of Router B does not discard the packet
with 802.1p as 3 or the MAC address as F-F-F from Router A. The traffic policy is not applied
correctly.
Perform the troubleshooting flow shown in Figure 1-4.
Issue 02 (2011-09-10)


1 QoS
Figure 1-4 Troubleshooting flow of complex traffic classification

A fault occurs in
traffic policy
Check
whether the
inbound interface
receives the
packet
No
Check the status of

the interface and
isolate the fault on
the link layer
Yes
Check
whether the
traffic lassification
rule of the inbound
interface is
correct
No
Re-configure the
traffic classification
rule
No
Re-configure the
traffic behavior
No
Re-configure the
traffic policy
No
Apply the traffic

policy correctly
Yes
Check
whether the traffic
behavior is
correct
Yes
Check
whether the traffic
policy is
correct
Yes
Check
whether the traffic
policy is applied
correctly
Yes
Seek Huawei
technical support
No
Is the fault
removed?
Yes
End

Procedure
Step 1 Check the network connectivity
Display the state of each interface through the display ip interface brief command.
Issue 02 (2011-09-10)


1 QoS
l Up indicates that the interface is available.

l Down indicates that the interface is unavailable.
When the interface is Down, check the link and the interface.
Step 2 Check traffic classification rules configured
1.
Display whether the filter rule is set to discard the packet from the specified source MAC
address through the display acl command in system view. That is, whether the rule
deny source-mac command is configured.
2.
Display whether the traffic classifier command is configured through the display currentconfiguration command in system view.
3.
Display whether the following if-match clauses are configured in the configured traffic
classification view.
l if-match 8021p 3
l if-match acl acl-number. The acl-number is the ACL of the packet from the specified
source MAC address to be discarded.
Step 3 Check the traffic behavior configured

1.
Display whether the traffic behavior command is configured through the display currentconfiguration command in system view.
2.
Display whether the deny command is configured in the configured traffic behavior view.
Step 4 Check the traffic policy configured

1.
Display whether the traffic policy command is configured through the display currentconfiguration command in system view.
2.
Display whether the classifier behavior command is configured correctly in traffic policy
view.
Step 5 Check the application of traffic policy on GE 8/0/1.1

Display whether the vlan-type dot1q 3 and traffic-policy inbound link-layer commands are
configured through the display this command in sub-interface view of Router B.
----End
1.3 Troubleshooting of Queue Scheduling Based on Traffic

Classification
This section describes the notes about configuring queue scheduling based on traffic
classification, and provides the queue scheduling based on traffic classification troubleshooting
flowchart and the troubleshooting procedure.

Figure 1-5 shows a typical networking of queue scheduling based on traffic classification.
Figure 1-5 Networking of queue scheduling based on traffic classification
GE1/0/1
GE1/0/0
GE8/0/1
GE8/0/1
RouterA
RouterB
RouterC
Issue 02 (2011-09-10)


1 QoS

1.
Send the traffic of ef level with 700 M, the traffic of af1 level with 100 M, the traffic of
af2 level with 200 M, and the traffic of be level with 300 M from Router A. The bandwidth
of GE 1/0/1 of Router B is 1000 M. Congestion is caused.
2.
According to queue scheduling, all the traffic of ef level can be transmitted from GE 1/0/1,
and the traffic of af1, af2, be levels can be separately transmitted with 50 M, 100 M, 150
M.

For the network shown in Figure 1-5, the traffic at each level sent from Router A is not forwarded
correctly after reaching Router B based on the expected queue scheduling.
Perform the troubleshooting flow shown in Figure 1-6.
Figure 1-6 Troubleshooting flow of queue scheduling based on traffic classification
A fault occurs
Check
the network
connectivity
No
Isolate the
network fault
Yes
Check
whether simple
No Configure simple traffic
traffic classification is
classification on the
configured on the
inbound interface
inbound
interface
Yes
Check
whether simple
Configure simple traffic
traffic classification is No
classification on the
configured on the
outbound
outbound interface
interface
Yes
Check
whether queue
scheduling is
configured
correctly
No
Configure queue
scheduling correctly
Yes
Seek Huawei
technical support
No
Is the fault
removed?
Yes
End
Issue 02 (2011-09-10)


1 QoS

Procedure
Step 1 Check the network connectivity
Display the state of each interface through the display ip interface brief command.
l Up indicates available.
l Down indicates unavailable.
When the interface is Down, check the link and the interface.
Step 2 Check that simple traffic classification is configured on the inbound interface
Display whether simple traffic classification is enabled through the display this command in
the inbound interface view of GE 8/0/1 on Router B. That is, whether the trust upstream
command is configured.
Step 3 Check that simple traffic classification is configured on the outbound interface
Display whether simple traffic classification is enabled through the display this command in
the outbound interface view of GE 8/0/1 on Router B. That is, whether the trust upstream
command is configured.
Step 4 Check the mapping of the domain
Check the mapping of the domain in global configuration mode through the display diffserv
domain command. That is, whether the mapping meet the requirement.
Step 5 Check queue scheduling configured
Display whether the correct queue scheduling is configured to forward the traffic at each level
through the display this command in the outbound interface view of GE 1/0/1 on Router B. That
is, whether the commands such as port-queue ef, port-queue af1, port-queue af2, port-queue
be are configured.
Confirm that the shaping for the traffic at each level is set correctly.
----End
1.4 Troubleshooting ATM QoS

This section describes the notes about configuring ATM QoS, and provides the ATM QoS
troubleshooting flowchart and trouble shooting procedure.
NOTE
ATM QoS cannot be configured on the X1 and X2 models of the NE80E/40E.

Typical networking of ATM QoS is shown in Figure 1-7. ATM QoS troubleshooting in this
chapter is described based on this networking figure.
Issue 02 (2011-09-10)


1 QoS
Figure 1-7 Networking diagram for configuring ATM QoS for 1-to-1 VCC ATM transmission
1.1.1.9/32
PE1
ATM2/0/0
3.3.3.9/32
POS1/0/0
10.1.1.1/24
ATM1/0/0.1
PVC1:1/100
100.1.1.1/24
ATM
Network
MPLS
POS1/0/0
10.1.2.2/24
PE2
ATM2/0/0
ATM1/0/0.1
PVC1:1/100
100.1.1.2/24
CE1
CE2
ATM
Network
In the figure:
l
L2VPN is configured on PE1 and PE2; the L2VPN is bound with the interface of the PE
that is connected to the CE.
PVC is configured on the CE and transparent cell transmission is configured on the ATM
side of the PE.
On the ATM sub interface of PE1, simple traffic classification is configured.
1.4.2 Troubleshooting Flowchart

In Figure 1-7, users connected to CE1 and users connected to CE2 fail to access each other. The
troubleshooting flowchart is shown in Figure 1-8.
Issue 02 (2011-09-10)


1 QoS
Figure 1-8 ATM QoS troubleshooting flowchart

No traffic
classification on
the ATM
interface
LSP or remote
session set up between
PEs?
No Modify MPLS LDP

configured
between PEs
Yes
L2VPN
configuration
correct between
PEs?
No
Modify L2VPN
configured
between PEs?
Yes
ATM cell
transmission
configuration correct
on CEs?
Yes
Simple
or forced traffic
classification configured
on PEs?
No
No
Modify ATM cell

transmission
configured on CEs
Modify traffic
classification
configured for PVC
on private interface
Yes
Seek
technical
support
No
Fault
removed?
Yes
End
1.4.3 Troubleshooting Procedure

Procedure
l
Troubleshooting Procedure for Simple ATM Traffic Classification

1.
Check whether MPLS LDP sessions are set up between the PEs.
For detailed troubleshooting procedure, see HUAWEI NetEngine80E/40E MPLS
L2VPN Troubleshooting.
Issue 02 (2011-09-10)

10

2.
1 QoS
Check whether L2VPN is set up between the PEs.

For detailed troubleshooting procedure, see HUAWEI NetEngine80E/40E MPLS
L2VPN Troubleshooting.
3.
Check whether transparent transmission of ATM cells is enabled on the PE.

If the atm cell transfer command is run on the PE's interface that is connected to the
private network, transparent transmission of ATM cells can be carried out between
the CEs. The CEs can ping through each other.
4.
Check whether simple ATM traffic classification is enabled on the PE.

Check whether the trust upstream command is run on the inbound interface.
In the interface view, run the display current-configuration command. Check
whether the trust upstream default command is run on the interface.
If the trust upstream default command has been run on the upstream PVC of the
PE, it means that simple ATM traffic classification has been enabled. The CLP
field in the ATM cells will be transmitted transparently to the remote end. That is,
the service priority of the ATM cells remains unchanged.
The PE puts the ATM cells into queues according to the service class and CLP of
the cells. Thus, diff-serv according to the priority of cells is carried out.
Check the configuration in the default DS domain.
If the mapping between the service priority and the queue is different from the
default mapping, run the display current-configuration command in the default
DS domain view. If the mapping does not satisfy the networking requirement,
configure the mapping again in the default DS domain view.
You can run the display port-queue command to check the outgoing queue on
the interface.
5.
l
If the problem still remains unsolved, contact the local Huawei technical support
engineer.
Troubleshooting Procedure for Forced ATM Traffic Classification

The configuration of forced ATM traffic classification has nothing to do with the type of
ATM services.
Forced ATM traffic classification can be applied to only the upstream interface. It cannot
be configured together with simple ATM traffic classification.
1.
Check that forced ATM traffic classification is enabled on the upstream ATM interface
or PVC/PVP.
In the interface view, run the display current-configuration command. Check
whether the traffic queue service-class { green | red | yellow } command is run on
the interface.
The router should be able to put upstream ATM cells into queues according to their
class-service and color to carry out diff-serv according to interfaces and PVC/PVP.
You can run the display port-queue command to check the outgoing queue on the
interface.
2.
If the problem still remains unsolved, contact the local Huawei technical support
engineer.
----End
Issue 02 (2011-09-10)

11

1 QoS
1.5 Troubleshooting HQoS

This section describes the notes about configuring HQoS, and provides the HQoS
troubleshooting flowchart and troubleshooting procedure.

Typical networking of HQoS is shown in Figure 1-9 and Figure 1-10.HQoS troubleshooting
in this chapter is described based on these two networking figures.
HQoS on the User-Side Primary Interface of the PE

Figure 1-9 Networking for HQoS configuration on the primary interface
CE1
GE2/0/0
172.1.1.1/24
PE1
GE3/0/0
172.1.1.2/24
IP
backbone
network
PE2
In general, HQoS is configured on the access-layer router to guarantee bandwidth and limit
traffic of users or user groups.
In this networking, the configuration roadmap of HQoS is as follows:
l
Configure the WRED parameters for each CoS.
Queue scheduling algorithm and parameters for each flow queue.
Configure mapping of the CoS for flow queues.
Configure the shaping value for user group queues.
Configure SQ on the interface.
Configure CQ on the interface.
Issue 02 (2011-09-10)

12

1 QoS
HQoS on the User-Side Sub-interface of the PE

Figure 1-10 Networking for HQoS configuration on the sub-interface
PE1 GE3/0/0
172.1.1.2/24
GE2/0/0
172.1.1.1/24
VLL
VPLS L3VPN
Customer Customer Customer

gateway gateway gateway
PE2
IP
backbone
network
VLL
VPLS L3VPN
Customer Customer Customer

gateway gateway gateway
In this networking, the client gateways connect to the sub-interface of the PE by means of VLL,
VPLS or L3VPN.HQoS is configured on the access side of the PE to guarantee the bandwidth
and limit traffic of users or user groups.
The configuration roadmap is similar to that on the primary interface.

In the network shown in Figure 1-10, the traffic limit for the SQ is incorrect on one router. The
troubleshooting flowchart is shown in Figure 1-11.
Issue 02 (2011-09-10)

13

1 QoS
Figure 1-11 HQoS troubleshooting flowchart

SQ traffic is
incorrect
Yes
Yes
Traffic size
too small
Trunk
interface
Check the
configuration on
load of balancing
No
No
Yes
Excessive
protocol packets
Upstream
No
Multicast,
broadcast,unicast
packets exist
Yes
No
Yes
Downstream
connected to the MPLS
core network
Downstream
broadcast and
unknown unicast
have no rate limit
HQoS does not take

effect on the PW at
the public network
No
Seek
technical
support
No
Fault
removed?
Yes
End

Procedure
Step 1 Compare the actual traffic that passes through the router with the configuration.
If they are inconsistent, do as follows:
1.
If the volume of traffic is smaller than the configuration, check that the interface where
HQoS is configured is an Eth-Trunk interface.
2.
If the interface is an Eth-Trunk interface, check whether packet-based load balancing is

configured on that Eth-Trunk interface.
[PE1] interface eth-trunk 5
[PE1-Eth-Trunk55] display this
#
interface Eth-Trunk55
load-balance packet-all
#
3.
Issue 02 (2011-09-10)
If packet-based load balancing is configured on the Eth-Trunk interface, disable the load
balancing. Then the problem can be solved.
14

1 QoS
4.
If the volume of traffic is larger than the configuration and the interface is not an Eth-Trunk
interface, perform Step 3.
5.
If the volume of traffic is too large, proceed to Step 2.
Step 2 Check whether HQoS is configured on the inbound or outbound interface.

l If HQoS is configured on the inbound interface, perform Step 3.
l If HQoS is configured on the outbound interface, perform Step 4.
Step 3 Check whether there are too many protocol packets.
l When HQoS is configured on the inbound interface, SQ limits rate of all traffic including
protocol packets. In this case, if too many protocol packets go into the router, the bandwidth
allocated for protocol packets is wasted. Therefore, actual traffic volume is too small.
l If too few protocol packets go into the router, perform Step 6.
Step 4 Check whether there are multicast or unknown unicast packets.
l If there are multicast or unknown unicast packets on the outbound interface, the volume of
traffic that passes the router will be too large.
l If there are no multicast or unknown unicast packets, perform Step 5.
Step 5 Check whether the outbound interface is connected to the MPLS backbone network.
l If the outbound interface is connected to the MPLS backbone network, the volume of traffic
that passes the router will be too large because HQoS does not take effect on the backbone
network side.
l If not, perform step 6.
Step 6 Contact Huawei Technical Support Engineers.
----End
1.6 Troubleshooting UCL

Figure 1-12 shows a typical network configured with UCL policies. PPPoE users are accessed
to the network through the DSLAM. It is required that the router mark the priorities of users and
distinguish them as gold users and silver users, and achieve bandwidth assurance and implement
rate limit for the traffic of users according to their priorities.
Figure 1-12 UCL networking diagram
PC
ISP
network
VOIP
DSLAM 1
Router
IPTV
Issue 02 (2011-09-10)

15

1 QoS

In the network as shown in 1.6.1 Typical Networking, UCLs do not take effect after being
configured.
Figure 1-13 UCL troubleshooting flowchart
UCL configuration
not effective
Does the board

support UCL?
Yes
Configure UCL
on UCLsupporting
board
No
Is interface
configured with
CTC?
Yes
Delete configured
CTC policies
Yes
Delete excessive
rules
No
Are too many
rules configured?
No
Contact Huawei
technical support
personnel
No
Is fault
rectified?
Yes
End

Procedure
Step 1 Check the type of the board to confirm whether UCLs are supported on the board.
l If UCLs are not supported on the board, replace the board with a UCL-supporting type of
board and configure UCLs again.
l If UCLs are supported on the board, go to Step 2.
Step 2 Check whether complex traffic classification (CTC) policies are configured on the interface.
l If CTC policies are configured on the interface, traffic may match the CTC policies rather
than UCLs. In this case, delete the CTC policies.
Issue 02 (2011-09-10)

16

1 QoS
l If CTC policies are not configured on the interface, go to Step 3.

Step 3 Check whether too many UCL rules are configured.
NOTE
A maximum number of 2048 UCL rules can be configured. In addition, UCL rules of varying types are
applied to incoming and outgoing traffic differently.
l If the number of UCL rules that are configured exceeds the upper limit, delete the excessive
UCL rules.
l If the number of UCL rules that are configured does not exceed the upper limit, go to Step
4.
Step 4 If the fault persists, contact the Huawei technical support personnel.
----End
1.7 Troubleshooting Last Mile QoS

NOTE
Last Mile QoS cannot be configured on the X1 and X2 models of the NE80E/40E.

As shown in the following figure, the router functions as a BRAS. The user accesses the network
through PPPoA, and the link between the router and the DSLAM is an Ethernet link. It is required
to configure last mile QoS on the router to avoid traffic congestion on the DSLAM.
l
The user accesses the network through the GE 2/0/0 on the router.
RADIUS authentication and RADIUS accounting are used.
Figure 1-14 Networking diagram of last mile QoS
PPPoA
IPoE
PC
CPE
PPPoE
GE2/0/0
Ethernet
ATM DSLAM
BRAS
NOTE
A user can access the network through either PPPoA or PPPoE. When the local link type and remote link
type are different, you need to configure last mile QoS and set a remote packet compensation value.

In the network as shown in Figure 1-14, last mile QoS does not take effect after being configured.
Figure 1-15 shows the troubleshooting flowchart.
Issue 02 (2011-09-10)

17

1 QoS
Figure 1-15 Last mile QoS troubleshooting flowchart

Last mile QoS does
not take effect
Last mile
QoS enabled
or not?
No
Enable last
mile QoS
No
Configure correct
mode of last mile
QoS correct
Yes
Mode of last
mile QoS
correct?
Yes
Fault
rectified?
No
Contact Huawei
technical
support
personnel
Yes
End

Procedure
Step 1 Run the display this command in the system view or the AAA domain view to check whether
last mile QoS is enabled.
l If last mile QoS is enabled, go to Step 2.
l If last mile QoS is not enabled, run the qos link-adjustment remote enable command in
either the system view or the AAA domain view accordingly. The configuration takes effect
when the user log in again. If you configure the qos link-adjustment remote enable
command in the AAA domain view, last mile QoS takes effect with only the L2TP service.
Step 2 Check whether the remote packet compensation value is correctly configured in the interface
view or the AAA domain view.
l If the remote packet compensation value is correctly configured, go to Step 3.
l If the remote packet compensation value is not correctly configured, run the qos linkadjustment remote command in either the system view or the AAA domain view
accordingly.
Step 3 If the fault persists, contact the Huawei technical support personnel.
----End
Issue 02 (2011-09-10)

18

1 QoS
1.8 BAS HQoS Does Not Take Effect

1.8.1 Common Causes
This fault is commonly caused in one of the following situations:
l
No QoS profile is applied in the interface view or user domain view.
No traffic behavior is configured in the QoS profile.

None.

Context
NOTE
Saving the results of each troubleshooting step is recommended. If your troubleshooting fails to correct
the fault, you will have a record of your actions to provide Huawei technical support personnel.
Procedure
Step 1 Check that BAS HQoS is configured on the device.
l For family users, check whether a QoS profile is applied to an interface on the user side.
Run the display this command in the view of the interface connected to the faulty client to
check whether a QoS profile is applied.
If no QoS profile is applied, run the qos-profile qos-profile-name { inbound | outbound }
command to apply a correct QoS profile. The new configuration takes effect after the user
goes online again.
NOTE
The newly applied QoS profile is invalid for the logged-on users. After the user goes offline and goes
online again, the QoS profile takes effect.
l For common users, check whether a QoS profile is applied to an interface on the user side.
Run the display domain domain-name command to view the Qos-profile-name inbound
and Qos-profile-name outbound fields to check whether a QoS profile is applied.
If the values of the Qos-profile-name inbound and Qos-profile-name outbound fields are
not displayed, no QoS profile is applied. Run the qos-profile qos-profile-name { inbound |
outbound } command in the user domain view. The new configuration takes effect after the
user goes online again.
l If BAS HQoS is correctly configured, go to Step 2.
Step 2 Check that the QoS profile is correctly configured.
Run the display qos-profile configuration qos-profile-name command to check whether the
user-queue or car command is configured in the QoS profile.
Issue 02 (2011-09-10)

19

1 QoS
l If the user-queue or car command is not configured, run the user-queue or car command
in the QoS profile view. The new configuration takes effect after the user goes offline and
goes online again.
l If the QoS profile is correctly configured, go to Step 3.
Step 3 Collect the following information and contact Huawei technical support personnel.
l Results of the preceding operation procedure
l Configuration files, log files, and alarm files of the devices
----End
1.8.4 Relevant Alarms and Logs

Relevant Alarms
None.
Relevant Logs
None.
1.9 Related Troubleshooting Cases

1.9.1 Packets Are Not Discarded After Traffic Policy Is Configured
Fault Symptom
On the network shown in Figure 1-16, two ACL rules in a traffic policy is configured in sequence
on GE 1/0/0 of the router to implement the following functions:
l
Discards UDP packets with the destination address being 10.1.1.1/30 and interface numbers
smaller than 1023.
Applies a CAR policy to other packets with the destination address being 10.1.1.1/30 and
interface numbers equal to or larger than 1023 to limit the transmission rate to 400 Mbit/
s.
After the configurations, the router applies the CAP policy to the UDP packets with the
destination address being 10.1.1.1/30, thus implementing traffic control; however, it does not
discards the UDP packets with the destination address being 10.1.1.1/30 and interface numbers
smaller than 1023.
Figure 1-16 Packets not discarded after traffic policy is configured
GE1/0/0
Network
Router
Issue 02 (2011-09-10)

20

1 QoS
Fault Analysis
1.
Run the display current-configuration command to check the global configurations of

acl and traffic policy. The configurations are as follows:
acl 3010 match-order auto
rule 5 permit ip destination 10.1.1.1 0.0.0.3
acl 3011
rule 5 permit udp destination 10.1.1.1 0.0.0.3 destination-port lt 1023
traffic classifier c1 operator or
if-match acl 3010
traffic classifier c2 operator or
if-match acl 3011
traffic behavior b1
car cir 400000 cbs 400000 pbs 0 green pass yellow pass red discard
traffic behavior b2
deny
traffic policy tp
classifier c1 behavior b1
classifier c2 behavior b2
interface gigabitethernet 1/0/0
traffic-policy tc inbound
2.
The command output shows that UDP packets first attempt to match the ACL rule
associated with the classifier that is first configured in a traffic policy. After the UDP
packets match the ACL rule, the packets do not match the other ACL rule. In this case, the
UDP packets with the destination address being 10.1.1.1/30 and the interface number
smaller than 1023 match ACL 3010, allowing the traffic limit to take effect on the packets.
After this, the UDP packets, however, do not match the other ACL rule and therefore are
not discarded.
Procedure
Step 1 Run the undo traffic-policy inbound command in the interface view to delete the associated
policy applied to an interface.
Step 2 Run the system-view command to enter the system view.
Step 3 Run the undo traffic policy tp command to delete the traffic policy.
Step 4 Run the traffic policy tp command to create a traffic policy and enter the traffic policy view.
Step 5 Run the classifier c2 behavior b2 command and then the classifier c1 behavior b1 command
to change the sequence for applying ACL rules in the traffic policy.
Step 6 Run the traffic-policy policy-name inbound command to apply the associated policy on the
interface.
After the preceding operations, the UDP packets with the destination address being 10.1.1.1/30
and the interface numbers smaller than 1023 are discarded, traffic control is performed on other
packets with the destination address being 10.1.1.1/30. The fault is then rectified.
----End
Summary
The sequence for applying ACL rules must be correct. During traffic classification, packets
match the ACL rules in the sequence from an ACL associated with the classifier that is first
Issue 02 (2011-09-10)

21

1 QoS
configured in a traffic policy. If the packets match an ACL rule, the packets are processed based
on the ACL rule and do not match other ACL rules.
When configuring a traffic policy, ensure that the sequence in which traffic classifiers are applied
is correct.
1.9.2 Packets of VPN Services Are Lost Because the IP Precedence

of a Device Is Incorrectly Set
Fault Symptom
On the network shown in Figure 1-17, Layer 3 MPLS VPN is run between the router and the
switch, and the Soft 3000 belongs to the Layer 3 MPLS VPN. The router and the switch are
configured with QoS to protect services. After the configuration, it is found that packet loss
occurs when Switch A pings the Soft 3000 and the other services are normal.
Figure 1-17 Diagram of the networking where packets of VPN services are lost because the IP
precedence of a device is Incorrectly set
Soft 3000
Router
Switch A
Switch B
Fault Analysis
1.
Run the display current-configuration command on the router to check the current
configuration.
acl number 10001
rule ip
traffic classifier any-ngn
if-match acl 10001
traffic behavior action-ef
remark ip-precedence 4
traffic policy eacl-ef
classifier any-ngn behavior action-ef precedence 0
interface GigabitEthernet1/0/0
port-queue af4 shaping 10 outbound
port-queue ef shaping 100 outbound
trust upstream default
The command output shows that the IP precedence value is set to 4 (corresponding to AF4),
the committed bandwidth for AF4 on the interface is 10 Mbit/s, and packet loss occurs
when the traffic volume is greater than 10 Mbit/s. In this case, the volume of NGN traffic
on Switch A exceeds 10 Mbit/s.
Issue 02 (2011-09-10)

22

2.
1 QoS
Run the display port-queue statistics interface gigabitethernet 1/0/0 af4 outbound
command. You can find that a large number of packets in the AF queue are discarded.
[af4]
Current usage percentage of queue: 0
Total pass:
0 packets,
Total discard:
13,608,926 packets,
39,502,685,409 bytes
Drop tail discard:
0 packets,
Wred discard:
0 packets,
Last 30 seconds pass rate:
453,631 pps,
1,316,756,180 bps
Last 30 seconds discard rate:
0 pps,
Drop tail discard rate:
0 pps,
Wred discard rate:
0 pps,
Peak rate:
0000-00-00 00:00:00
0 bytes
0 bytes
0 bytes
0 bps
0 bps
0 bps
0 bps
The command output shows that the IP precedence value of the router is set to 4
(corresponding to AF4) and packet loss occurs when the traffic volume exceeds 10 Mbit/
s. As a result, packet loss occurs when Switch A pings the Soft 3000.
Procedure
Step 2 Run the traffic behavior behavior-name command to enter the traffic behavior view.
Step 3 Run the remark ip-precedence 5 command to re-mark the IP precedence and specify the ToS
of VPN NGN services to EF.
After the preceding operations, the IP precedence value is set to 5, which corresponds to EF set
with the port-queue ef shaping 100 outbound command on the interface. Thus, the committed
bandwidth of VPN NGN services is changed to 100 Mbit/s.
----End
Summary
After the remark ip-precedence precedence command is run on a device, the device maps the
re-marked IP precedence with a ToS.
The mappings between IP precedences and ToSs are as follows:
Issue 02 (2011-09-10)
be
af1
green
af2
green
af3
green

23

1 QoS
af4
green
ef
green
ef
green
ef
green
1.9.3 Slow Web Page Loading for Some ADSL Users

Fault Symptom
On the network shown in Figure 1-18, ADSL users access the Internet either by directly dialing
through a modem on PCs or by using a broadband router as an agent dialer connected to a modem.
After the configuration, when ADSL user access the Internet by using the agent dialer, Web
pages are loaded during a period from 17:00 to 23:30 slower than during daytime and some Web
pages fail to be loaded. When ADSL users access the Internet by dialing through a modem, Web
pages are loaded at a normal rate.
Figure 1-18 Networking diagram of slow web page loading for some ADSL users
I n t e r ne t
RouterA
Broadband
Access Router
Modem
User
Modem
User
User
User
Fault Analysis
1.
Issue 02 (2011-09-10)
After packets are captured, information shows that the port numbers used by ADSL users
dialing through a modem range from 1000 to 10000, but the port numbers used by ADSL
24

1 QoS
users dialing through an agent dialer are translated by NAT into port numbers larger than
10000.
2.
Run the display current-configuration command on the device to check the traffic limit
configured on the interface. The command output shows that a P2P traffic policy has been
configured. Based on the traffic policy, the transmission rate of services with the interface
number larger than 10000 is within 20 Mbit/s. In this case, insufficient bandwidth causes
slow Web page loading when ADSL users dialing through an agent dialer attached to the
modem access the Internet during the period from 19:00 to 23:30.
Procedure
Step 2 Run the interface interface-type interface-number command to enter the interface view.
Step 3 Run the undo traffic-policy { inbound | outbound } command to delete the traffic policy.
After the preceding operations, allowing the ADSL users using the agent dialer to experience
normal Web pages loading. The fault is rectified.
----End
Summary
Do check interface numbers used for transmitting a service before setting a traffic limit for the
service. In addition, if the service passes through a NAT device, such as a firewall or a NATenabled router, consider the impact of the NAT process before setting the traffic limit, preventing
an incorrect setting from affecting user traffic over an entire network.
1.9.4 Rate Limit Does Not Take Effect When Both Rate Limit and
Access Control Are Configured
Fault Symptom
Access control is configured on the Router A to discard UDP packets destined for specific
interfaces and rate limit is configured to limit the rate of the other data packets. After the
configuration is complete, it is found that rate limit does not take effect.
Figure 1-19 Networking diagram for Rate Limit Does Not Take Effect
Network
Network
RouterA
Fault Analysis
1.
Issue 02 (2011-09-10)
Run the display current-configuration command on the Router A.

25

1 QoS
acl number 3300

rule 0 deny udp destination-port eq dns
rule 1 deny udp destination-port eq snmp
rule 2 deny udp destination-port eq snmptrap
rule 3 deny udp destination-port eq syslog
traffic classifier udp-limit operator and
if-match acl 3300
traffic behavior udp-limit
car cir 1360000 cbs 1360000 pbs 0 green pass yellow discard red discard
traffic policy udp-limit
classifier udp-limit behavior udp-limit
interface gigabitethernet 1/0/0
traffic-policy udp-limit inbound
The preceding command output shows that after a data packet enters an interface, the packet is
matched against ACL rules. If the packet matches an ACL rule whose action is deny, the packet
is discarded. Packets that do not match any ACL rule are directly forwarded.
Therefore, to limit the rate of the data packets that do not match any ACL rule, you need to add
an ACL rule to implement the permit action on these packets. Then, rate limit takes effect with
these data packets.
Procedure
Step 1 Run the undo traffic-policy command in the interface view to cancel the traffic policy that is
applied to the interface.
Step 3 Run the undo traffic policy policy-name command to delete the traffic policy from the device.
Step 4 Run the traffic behavior udp-limit command to enter the traffic behavior view.
Step 5 Run the undo car command to cancel the configured traffic rate limit.
Step 6 Run the quit command to return to the system view.
Step 7 Run the acl [ number ] acl-number command to add an ACL.
Step 8 Run the rule rule-id permit any command to implement the permit action on the packets other
than the UDP packets destined for specific interfaces.
Step 10 Run the traffic classifier classifier-name command to configure a traffic classifier.
Step 11 Run the if-match acl acl-number command to define an ACL matching rule.
Step 13 Run the traffic behavior behavior-name command to configure a traffic behavior.
Step 14 Run the car cir 1360000 cbs 1360000 pbs 0 green pass yellow discard red discard command
to configure a rate limit for the packets that are allowed to pass.
Step 16 Run the traffic policy policy-name command to create a traffic policy and then run the
classifier classifier-name behavior behavior-name command to associate the traffic classifier
with the traffic behavior in the traffic policy.
Issue 02 (2011-09-10)

26

1 QoS
Step 17 Run the traffic-policy policy-name inbound command on the interface to apply the traffic
policy to the interface.
Step 18 Run the display current-configuration command to check the corresponding configurations.
acl number 3300
acl number 3301
rule 4 permit any
traffic classifier udp-limit operator or
if-match acl 3300
traffic classifier udp-limit1 operator or
if-match acl 3301
traffic behavior udp-limit1
classifier udp-limit1 behavior udp-limit1
interface gigabitEthernet 1/0/0
traffic policy udp-limit inbound
After the preceding operations, both access control and rate limit take effect. The fault is rectified.
----End
Summary
When configuring access control, you can use the parameter deny to discard packets. The other
packets that are not discarded are directly forwarded without rate limit by default. To limit the
rate of the packets that are not denied, you need to first configure an ACL rule to allow them to
pass. Then, configure traffic behaviors to limit the rate at which these packets are forwarded.
1.9.5 The DNS Server Cannot Be Accessed Due to Incorrect

Configurations of Traffic Classification
Fault Symptom
On the network shown in Figure 1-20, Router A functions as the egress. Rate limit is configured
for UDP packets other than DNS, SNMP, SNMP Trap, and Syslog packets in the inbound
direction of GE 1/0/0 on Router A. The rate of these UDP packets is limited to 1.3 Gbit/s. After
the configuration, a user on another network cannot access the DNS server on this network.
Issue 02 (2011-09-10)

27

1 QoS
Figure 1-20 Networking diagram of DNS service interruption caused by incorrect

configurations of traffic classification
RouterA
GE1/0/0
GE1/0/0
RouterB
GE1/0/1
GE1/0/1
RouterC
Fault Analysis
1.
After configurations of rate limit are deleted by using the undo car command in the traffic
behavior view on Router A, a user on another network can access the DNS server on this
network. Therefore, it can be concluded that the fault is caused by incorrect configurations.
2.
Run the display current-configuration command on Router A to check its configurations:

acl number 3300
rule 4 permit udp
traffic classifier udp-limit operator and
if-match acl 3300
The preceding information indicates that DNS, SNMP, SNMP Trap, and Syslog packets
are all denied. This is because these packets match the ACL rules whose action is deny.
As a result, these packets are directly discarded on Router A, and thus are not processed
based on the configured traffic behaviors.
Therefore, the actions in the rules of ACL 3300 need to be set to permit for DNS, SNMP,
SNMP Trap, and Syslog packets, and an ACL rule needs to be added to implement rate
limit on the other types of UDP packets.
Procedure
Step 1 Define ACL 3300 for DNS, SNMP, SNMP Trap, and Syslog packets, configure a traffic
classifier through the traffic classifier udp-limit command, configure a traffic behavior by using
the traffic behavior udp-limit command, and create a traffic policy by using the traffic policy
udp-limit command.
Step 2 Define ACL 3301 for UDP packets other than DNS, SNMP, SNMP Trap, and Syslog packets,
configure a traffic classifier through the traffic classifier udp-limit1 command, configure a
Issue 02 (2011-09-10)

28

1 QoS
traffic behavior by uing the traffic behavior udp-limit1 command, and create a traffic policy
by uing the traffic policy udp-limit1 command.
Step 3 Run the display current-configuration command on Router A to check the corresponding
configurations:
acl number 3300
rule 0 permit udp destination-port eq dns
rule 1 permit udp destination-port eq snmp
rule 2 permit udp destination-port eq snmptrap
rule 3 permit udp destination-port eq syslog
acl number 3301
rule 0 permit udp
traffic classifier udp-limit operator or
if-match acl 3300
traffic classifier udp-limit1 operator or
if-match acl 3301
traffic behavior udp-limit1
classifier udp-limit1 behavior udp-limit1
After matching ACL 3300, DNS, SNMP, SNMP Trap, and Syslog packets are forwarded based
on the traffic behavior configured through the traffic behavior udp-limit command. After
matching ACL 3301, UDP packets other than DNS, SNMP, SNMP Trap, and Syslog packets
are forwarded based on the traffic behavior configured in the traffic behavior udp-limit1
command.
After the preceding operations, a user on another network can access the DNS server on this
network and rate limit takes effect. The fault is rectified.
----End
Summary
An ACL not only classifies traffic but also permits or denies traffic, that is, forwards or discards
traffic. Therefore, make sure that packets that need to be rate limited are not discarded.
Issue 02 (2011-09-10)

29

Troubleshooting - QoS (V600R003C00 - 02)

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Troubleshooting - QoS (V600R003C00 - 02)

Uploaded by

Copyright:

Available Formats

HUAWEI NetEngine80E/40E Router

HUAWEI TECHNOLOGIES CO., LTD.

Copyright Huawei Technologies Co., Ltd. 2011. All rights reserved.

Trademarks and Permissions

Huawei Technologies Co., Ltd.

Huawei Industrial Base

Huawei Proprietary and Confidential

HUAWEI NetEngine80E/40E Router

About This Document

About This Document

This document describes the troubleshooting of HUAWEI NetEngine80E/40E with various

Installation and commissioning engineer

Technical support engineer

Huawei Proprietary and Confidential

HUAWEI NetEngine80E/40E Router

About This Document

Alerts you to a high risk hazard that could, if not avoided,

Provides a tip that may help you solve a problem or save

Provides additional information to emphasize or

Changes in Issue 02 (2011-09-10)

Changes in Issue 01 (2011-05-30)

Huawei Proprietary and Confidential

HUAWEI NetEngine80E/40E Router

Huawei Proprietary and Confidential

HUAWEI NetEngine80E/40E Router

1.8.3 Troubleshooting Procedure......................................................................................................................19

Huawei Proprietary and Confidential

HUAWEI NetEngine80E/40E Router

About This Chapter

Huawei Proprietary and Confidential

HUAWEI NetEngine80E/40E Router

1.1 Troubleshooting of 802.1P Simple Traffic Classification

1.1.1 Typical Networking

The solution in the above figure includes:

Send IP packet with DSCP as 10 from Router A.

1.1.2 Troubleshooting Flow

Huawei Proprietary and Confidential

HUAWEI NetEngine80E/40E Router

Figure 1-2 Troubleshooting flow of simple traffic classification

Modify the configuration

Modify the configuration

Configure the subinterface

No Configure trust 8021P

1.1.3 Troubleshooting Procedures

Huawei Proprietary and Confidential

HUAWEI NetEngine80E/40E Router

1.2 Troubleshooting of Complex Traffic Classification

1.2.1 Typical Networking

The solution in the above figure includes:

Send the vlan packet with 802.1p as 3 from Router A.

1.2.2 Troubleshooting Flow

Huawei Proprietary and Confidential

HUAWEI NetEngine80E/40E Router

Figure 1-4 Troubleshooting flow of complex traffic classification

Check the status of

Apply the traffic

1.2.3 Troubleshooting Procedures

Huawei Proprietary and Confidential

HUAWEI NetEngine80E/40E Router

l Up indicates that the interface is available.

Step 3 Check the traffic behavior configured

Step 4 Check the traffic policy configured

Step 5 Check the application of traffic policy on GE 8/0/1.1