Professional Documents
Culture Documents
No part of this manual may be reproduced or transmitted in any form or by any means without prior
written consent of Hangzhou H3C Technologies Co., Ltd.
Trademarks
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Preface
The H3C SR8800 documentation set includes 13 configuration guides, which describe the software
features for the H3C SR8800 10G Core Routers and guide you through the software configuration
procedures. These configuration guides also provide configuration examples to help you apply software
features to different network scenarios.
The ACL and QoS Configuration Guide describes ACL and QoS fundamentals and configurations. It
describes how to use ACLs or other match criteria to classify traffic into multiple classes and implement
per-class traffic control. ACL and QoS help you allocate limited network resources reasonably and
improve the network utilization. You can use HQoS to control internal resources of a router based on
policies. HQoS guarantees QoS for advanced users and saves the overall networking costs.
This preface includes:
Audience
Conventions
About the H3C SR8800 documentation set
Obtaining documentation
Technical support
Documentation feedback
Audience
This documentation is intended for:
Network planners
Field technical support and servicing engineers
Network administrators working with the SR8800 series
Conventions
This section describes the conventions used in this documentation set.
Command conventions
Convention Description
Boldface Bold text represents commands and keywords that you enter literally as shown.
Italic Italic text represents arguments that you replace with actual values.
[] Square brackets enclose syntax choices (keywords or arguments) that are optional.
Braces enclose a set of required syntax choices separated by vertical bars, from which
{ x | y | ... }
you select one.
Square brackets enclose a set of optional syntax choices separated by vertical bars, from
[ x | y | ... ]
which you select one or none.
Asterisk marked braces enclose a set of required syntax choices separated by vertical
{ x | y | ... } *
bars, from which you select at least one.
Convention Description
Asterisk marked square brackets enclose optional syntax choices separated by vertical
[ x | y | ... ] *
bars, from which you select one choice, multiple choices, or none.
The argument or keyword and argument combination before the ampersand (&) sign can
&<1-n>
be entered 1 to n times.
GUI conventions
Convention Description
Window names, button names, field names, and menu items are in Boldface. For
Boldface
example, the New User window appears; click OK.
> Multi-level menus are separated by angle brackets. For example, File > Create > Folder.
Symbols
Convention Description
An alert that calls attention to important information that if not understood or followed can
WARNING result in personal injury.
An alert that calls attention to important information that if not understood or followed can
CAUTION result in data loss, data corruption, or damage to hardware or software.
Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports
Layer 2 forwarding and other Layer 2 features.
Obtaining documentation
You can access the most up-to-date H3C product documentation on the World Wide Web
at http://www.h3c.com.
Click the links on the top navigation bar to obtain different categories of product documentation:
[Technical Support & Documents > Technical Documents] Provides hardware installation, software
upgrading, and software feature configuration and maintenance documentation.
[Products & Solutions] Provides information about products and technologies, as well as solutions.
[Technical Support & Documents > Software Download] Provides the documentation released with the
software version.
Technical support
service@h3c.com
http://www.h3c.com
Documentation feedback
You can e-mail your comments about product documentation to info@h3c.com.
We appreciate your comments.
Contents
Configuring ACLs 1
ACL overview 1
ACL categories 1
ACL numbering and naming 1
Match order 2
ACL rule numbering 3
Implementing time-based ACL rules3
IPv4 fragments filtering with ACLs 3
Flow templates 4
ACL application 4
ACL configuration task list 5
Configuring an ACL 5
Configuring a time range 5
Configuring a basic ACL 6
Configuring an advanced ACL 8
Configuring an Ethernet frame header ACL 10
Configuring a user-defined ACL 10
Copying an ACL 11
Configuring a flow template 12
Configuring an ACL rule length limit mode 13
Displaying and maintaining ACLs 13
ACL configuration examples 14
IPv4 ACL configuration example 14
IPv6 ACL configuration example 16
Flow template configuration example 17
ACL rule length limit mode configuration example 17
QoS overview 19
Introduction to QoS 19
Networks without QoS guarantee 19
QoS requirements of new applications 19
Congestion: causes, impacts, and countermeasures 20
Causes 20
Impacts 20
Countermeasures 20
Major traffic management technologies 21
i
Configuring a QoS policy 29
QoS policy overview 29
Traffic classification overview 29
Traffic classification 29
Packet precedences 30
QoS policy configuration procedure 32
Defining a class 32
Defining a traffic behavior 33
Defining a policy 34
Applying the QoS policy 35
QoS policy configuration example 36
Displaying and maintaining QoS policies 37
ii
Configuring aggregation CAR 59
Aggregation CAR overview 59
Referencing aggregation CAR in a traffic behavior 59
Configuration prerequisites 59
Configuration procedure 59
Configuration example 59
Displaying and maintaining aggregation CAR 60
Configuring FR QoS 66
Overview 66
Why FRTS 66
How FRTS works 66
Configuring FR QoS 67
FR QoS configuration task list 67
Creating and configuring an FR class 67
Configuring FRTS 68
Displaying and maintaining FR QoS 69
FR QoS configuration example 69
FRTS configuration example 69
Configuring HQoS 71
HQoS overview 71
Introduction to HQoS 71
How HQoS works 71
Terminology 72
HQoS configuration task list 73
HQoS basic configuration 75
Configuring an forwarding class 75
Configuring a drop profile 75
Configuring an forwarding profile 76
Configuring an forwarding group 78
Configuring an scheduler policy 80
Instantiating an forwarding group 81
Applying an scheduler policy to an interface 83
Copying an forwarding group or scheduler policy 84
Copying an forwarding group 84
Copying an scheduler policy 85
Displaying and maintaining HQoS 85
HQoS configuration examples 85
HQoS configuration example I 86
HQoS configuration example II 92
Index 98
iii
Configuring ACLs
NOTE:
Unless otherwise stated, ACLs refer to both IPv4 and IPv6 ACLs throughout this document.
In this documentation, SPC cards refer to the cards prefixed with SPC, for example, SPC-GT48L. SPE
cards refer to the cards prefixed with SPE, for example, SPE-1020-E-II.
ACL overview
An access control list (ACL) is a set of rules (or permit or deny statements) for identifying traffic based on
criteria such as source IP address, destination IP address, and port number.
ACLs are primarily used for packet filtering. A packet filter drops packets that match a deny rule and
permits packets that match a permit rule. ACLs are also used by many modules, for example, QoS and
IP routing, for traffic identification.
ACL categories
Category ACL number IP version Match criteria
IPv4 Source IPv4 address
Basic ACLs 2000 to 2999
IPv6 Source IPv6 address
1
for an IPv6 basic or advanced ACL, among all IPv6 ACLs. You can assign an IPv4 ACL the same number
and name as an IPv6 ACL.
Match order
The rules in an ACL are sorted in certain order. When a packet matches a rule, the device stops the
match process and performs the action defined in the rule. If an ACL contains overlapping or conflicting
rules, the matching result and action to take depend on the rule order.
The following ACL match orders are available:
configSorts ACL rules in ascending order of rule ID. A rule with a lower ID is matched before a
rule with a higher ID. If you use this approach, check the rule content and order carefully.
autoSorts ACL rules in depth-first order. Depth-first ordering guarantees that any subset of a rule
is always matched before the rule. Table 1 lists the sequence of tie breakers that depth-first ordering
uses to sort rules for each type of ACL.
NOTE:
The match order of user-defined ACLs can only be config.
2
NOTE:
A wildcard mask, also called an inverse mask, is a 32-bit binary and represented in dotted decimal
notation. In contrast to a network mask, the 0 bits in a wildcard mask represent 'do care' bits, and the 1
bits represent 'dont care' bits. If the 'do care' bits in an IP address are identical to the 'do care' bits in an
IP address criterion, the IP address matches the criterion. All 'dont care' bits are ignored. The 0s and 1s
in a wildcard mask can be noncontiguous. For example, 0.255.0.255 is a valid wildcard mask.
3
Provides ACL-based firewalls with standard and exact match modes for matching ACLs that contain
advanced attributes such as TCP/UDP port number and ICMP type. Standard match is the default
mode. It considers only Layer 3 attributes. Exact match considers all header attributes defined in
IPv4 ACL rules. For more information, see Security Configuration Guide.
Flow templates
Flow templates are sets of criteria based on header fields such as source IP address, destination IP
address, source TCP port, and destination TCP port. Flow templates apply only to hardware-based ACLs.
You use a flow template to limit the match criteria that can be applied to an interface. ACL rules that
contain any criterion beyond the flow template on an interface cannot be assigned to hardware.
There are default flow templates and user-defined templates, where a user-defined template can be basic
or extended. By default, an interface uses the default flow template.
ACL application
You can use ACLs in QoS, packet-filter firewall, routing, and other technologies for identifying traffic. For
examples of ACL application, see ACL configuration examples.
1. The inbound packet-filter firewall, policy-based routing (PBR), and QoS policy on an interface
process an incoming packet as shown in Figure 1.
Figure 1 Incoming packet processing procedure
An incoming packet
arrives
Packet-filter firewall
Yes
Match a deny rule? Drop
No
PBR
No
QoS policy
2. The outbound packet-filter firewall and QoS policy on an interface process an outgoing packet as
shown in Figure 2.
4
Figure 2 Outgoing packet processing procedure
An outgoing packet
arrives
Packet-filter firewall
deny permit
rule rule
Drop Find a match? Forward
No
QoS policy
For information about packet-filter firewall configuration, see Security Configuration Guide. For
information about policy-based routing, see Layer 3IP Routing Configuration Guide. For information
about and QoS policy configuration, see the chapter " Configuring a QoS policy."
Task Remarks
Optional
Configuring a time range
Applicable to IPv4 and IPv6 ACLs.
Optional
Copying an IPv4 ACL
Applicable to IPv4 and IPv6 ACLs.
Optional
Configuring a flow template
Applicable to IPv4 and IPv6 ACLs.
Configuring an ACL
Configuring a time range
To configure a time range:
5
Step Command Remarks
time-range time-range-name By default, no time range exists.
{ start-time to end-time days [ from Repeat this command with the
2. Configure a time range. time1 date1 ] [ to time2 date2 ] | same time range name to create
from time1 date1 [ to time2 date2 ] multiple statements for a time
| to time2 date2 } range.
You can create multiple statements in a time range. The active period of a time range is calculated as
follows:
1. Combining all periodic statements
2. Combining all absolute statements
3. Taking the intersection of the two statement sets as the active period of the time range
You can create a maximum of 256 time ranges, each with a maximum of 32 periodic statements and 12
absolute statements.
Optional.
3. Configure a description
description text By default, an IPv4 basic ACL has no
for the IPv4 basic ACL.
ACL description.
Optional.
6. Configure or edit a rule
rule rule-id comment text By default, an IPv4 ACL rule has no rule
description.
description.
6
Step Command Remarks
7. Enable rule match Optional.
counting for the IPv4 hardware-count enable By default, rule match counting is
basic ACL. disabled.
Optional.
3. Configure a description for
description text By default, an IPv6 basic ACL has
the IPv6 basic ACL.
no ACL description.
Optional.
4. Set the rule numbering step. step step-value
The default setting is 5.
Optional.
6. Configure or edit a rule
rule rule-id comment text By default, an IPv6 basic ACL rule
description.
has no rule description.
Optional.
7. Enable rule match counting
hardware-count enable By default, rule match counting is
for the IPv6 basic ACL.
disabled.
NOTE:
When configuring IPv6 basic ACLs for a QoS policy that is to be applied to an SPC card, you must set the
ACL rule length limit to 80 bytes. For more information about the ACL rule length limit, see ACL and QoS
Command Reference.
7
Configuring an advanced ACL
Configuring an IPv4 advanced ACL
IPv4 advanced ACLs match packets based on source and destination IP addresses, protocols over IP, and
other protocol header information, such as TCP/UDP source and destination port numbers, TCP flags,
ICMP message types, and ICMP message codes.
IPv4 advanced ACLs also allow you to filter packets based on these priority criteria: type of service (ToS),
IP precedence, and differentiated services codepoint (DSCP) priority.
Compared to IPv4 basic ACLs, IPv4 advanced ACLs allow more flexible and accurate filtering.
To configure an IPv4 advanced ACL:
Optional.
3. Configure a description for
description text By default, an IPv4 advanced ACL
the IPv4 advanced ACL.
has no ACL description.
Optional.
4. Set the rule numbering step. step step-value
The default setting is 5.
Optional.
6. Configure or edit a rule
rule rule-id comment text By default, an IPv4 advanced ACL
description.
rule has no rule description.
8
Step Command Remarks
Optional.
7. Enable rule match counting
hardware-count enable By default, rule match counting is
for the IPv4 advanced ACL.
disabled.
Optional.
6. Configure or edit a rule
rule rule-id comment text By default, an IPv6 advanced
description.
ACL rule has no rule description.
9
NOTE:
When configuring IPv6 advanced ACLs for a QoS policy that is to be applied to an SPC card, you must set
the ACL rule length limit to 80 bytes. For more information about the ACL rule length limit, see ACL and
QoS Command Reference.
Optional.
3. Configure a description for
the Ethernet frame header description text By default, an Ethernet frame
ACL. header ACL has no ACL
description.
Optional.
4. Set the rule numbering step. step step-value
The default setting is 5.
Optional.
6. Configure or edit a rule By default, an Ethernet frame
rule rule-id comment text
description. header ACL rule has no rule
description.
10
NOTE:
This feature is available only on SPC cards.
User-defined ACLs allow you to customize rules based on information in protocol headers such as the IP
header. You can define a user-defined ACL to deny or permit packets in which a specific number of bytes
after the specified offset (relative to the specified header), matches the specified match pattern after
being ANDed with a match pattern mask.
To configure a user-defined ACL:
Optional.
4. Configure a description for
description text By default, a user-defined ACL has
the user-defined ACL.
no ACL description.
Optional.
6. Configure or edit a rule
rule rule-id comment text By default, a user-defined ACL rule
description.
has no rule description.
Optional.
7. Enable rule match counting
hardware-count enable By default, rule match counting is
for the user-defined ACL.
disabled.
Copying an ACL
You can create an ACL by copying an existing ACL. The new ACL has the same properties and content
as the source ACL, but not the same ACL number and name.
To successfully copy an ACL, make sure that:
The destination ACL number is from the same category as the source ACL number.
The source ACL already exists but the destination ACL does not.
11
Step Command
1. Enter system view. system-view
2. Copy an existing IPv4 ACL to create a new IPv4 acl copy { source-acl-number | name source-acl-name }
ACL. to { dest-acl-number | name dest-acl-name }
Step Command
1. Enter system view. system-view
flow-template flow-template-name
basic { customer-vlan-id | dip |
dmac | dport | dscp |
ethernet-protocol | fragments |
2. Create a flow template. N/A
icmp-code | icmp-type |
ip-precedence | ip-protocol |
mpls-exp | service-cos | sip | smac
| sport | tcp-flag | tos } *
Optional.
4. Apply the flow template to the interface
flow-template flow-template-name The default one applies
or port group.
by default.
12
NOTE:
The user-defined flow template you are applying to an interface must already exist.
You can apply only one user-defined flow template on an interface.
The default flow template defines five fields: the source IP address, destination IP address, source port
number, destination port number, and protocol type.
When the length limit for the match criteria in an ACL rule is 18 bytes for an SPE card, available
parameters of the default flow template are sip, dip, ip-protocol, sport, and dport.
When the length limit for the match criteria in an ACL rule is 36 bytes for an SPE card, available
parameters of the default flow template are sip, dip, ip-protocol, sport, dport, icmp-code, icmp-type,
tos, dscp, ip-precedence, mpls-exp, tcp-flag, and fragment.
NOTE:
The limit mode setting is saved automatically, but it takes effect only after you restart your router.
The limit mode setting does not take effect on an SPE card with an ATM subcard.
The limit mode setting does not take effect for IPv6 ACLs on an SPE card.
When configuring IPv6 ACLs for a QoS policy that is to be applied to an SPC card, you must set the ACL
rule length limit to 80 bytes. For more information about the ACL rule length limit, see ACL and QoS
Command Reference.
Display the ACL rule length limit display acl mode [ | { begin | exclude |
Available in any view
mode. include } regular-expression ]
13
Task Command Remarks
display acl resource [ | { begin | exclude |
Display the usage of ACL rules. Available in any view
include } regular-expression ]
Clear statistics for one or all IPv4 reset acl counter { acl-number | all | name
Available in user view
ACLs. acl-name }
Clear statistics for one or all IPv6 reset acl ipv6 counter { acl6-number | all |
Available in user view
basic and advanced ACLs. name acl6-name }
Configuration procedure
1. Create a time range for office hours:
14
# Create a periodic time range spanning 8:00 to 18:00 in working days.
<Device> system-view
[Device] time-range trname 8:00 to 18:00 working-day
2. Configure an ACL to control accesses to the salary server:
# Create and enter the view of advanced IPv4 ACL 3000.
[Device] acl number 3000
# Create a rule to control access of the Presidents Office to the salary server.
[Device-acl-adv-3000] rule 1 permit ip source 129.111.1.2 0.0.0.0 destination
129.110.1.2 0.0.0.0
[Device-acl-adv-3000] quit
# Create and enter the view of advanced IPv4 ACL 3100.
[Device] acl number 3100
# Create a rule to control accesses of other departments to the salary server.
[Device-acl-adv-3100] rule 2 permit ip source any destination 129.110.1.2 0.0.0.0
time-range trname
[Device-acl-adv-3100] quit
3. Apply the ACL:
# Configure traffic classification.
[Device] traffic classifier c1
[Device-classifier-c1] if-match acl 3000
[Device-classifier-c1] quit
[Device] traffic classifier c2
[Device-classifier-c2] if-match acl 3100
[Device-classifier-c2] quit
4. Configure traffic behavior:
# Configure traffic behavior.
[Device] traffic behavior b1
[Device-behavior-b1] filter permit
[Device-behavior-b1] quit
[Device] traffic behavior b2
[Device-behavior-b2] filter deny
[Device-behavior-b2] quit
5. Associate classification rules and actions:
# Configure a QoS policy.
[Device] qos policy p1
[Device-qospolicy-p1] classifier c1 behavior b1
[Device-qospolicy-p1] classifier c2 behavior b2
[Device-qospolicy-p1] quit
6. Apply the QoS policy:
# Apply the QoS policy to the outbound direction of interface GigabitEthernet 2/1/1.
[Device] interface GigabitEthernet 2/1/1
[Device-GigabitEthernet2/1/1] qos apply policy p1 outbound
15
IPv6 ACL configuration example
Network requirements
Perform packet filtering in the inbound direction of interface GigabitEthernet 2/1/1 to deny all IPv6
packets but those with source addresses in the range 4050::9000 to 4050::90FF.
Configuration procedure
1. Create ACLs:
# Create an IPv6 ACL 2000.
<Sysname> system-view
[Sysname] acl ipv6 number 2000
[Sysname-acl6-basic-2000] rule permit source 4050::9000/120
# Create an IPv6 ACL 2100.
[Sysname] acl ipv6 number 2100
[Sysname-acl6-basic-2100] rule permit source any
[Sysname-acl6-basic-2000] quit
2. Apply the ACL:
# Configure traffic classification.
[Sysname] traffic classifier c1
[Sysname-classifier-c1] if-match acl ipv6 2000
[Sysname-classifier-c1] quit
[Sysname] traffic classifier c2
[Sysname-classifier-c2] if-match acl ipv6 2100
[Sysname-classifier-c2] quit
3. Configure traffic behaviors:
# Configure traffic behavior.
[Sysname] traffic behavior b1
[Sysname-behavior-b1] filter permit
[Sysname-behavior-b1] quit
[Sysname] traffic behavior b2
[Sysname-behavior-b2] filter deny
[Sysname-behavior-b2] quit
4. Associate traffic classification rules and actions:
# Configure a QoS policy.
[Sysname] qos policy p1
[Sysname-qospolicy-p1] classifier c1 behavior b1
[Sysname-qospolicy-p1] classifier c2 behavior b2
[Sysname-qospolicy-p1] quit
5. Apply the QoS policy:
# Apply QoS policy to the outbound direction of interface GigabitEthernet2/1/1.
[Sysname] interface GigabitEthernet 2/1/1
[Sysname-GigabitEthernet2/1/1] qos apply policy p1 outbound
16
Flow template configuration example
Network requirements
Create flow templates and apply them to interfaces.
Configuration procedure
# Create basic user-defined flow template aaa.
<Sysname> system-view
[Sysname] flow-template aaa basic smac customer-vlan-id
# Delete user-defined flow template aaa. As it is being referenced by interface Gigabitethernet 2/1/1,
remove it from the interface first.
[Sysname] interface Gigabitethernet 2/1/1
[Sysname-GigabitEthernet2/1/1] undo flow-template
[Sysname-GigabitEthernet2/1/1] quit
[Sysname] undo flow-template name aaa
17
Configuration procedure
# Set the ACL rule length limit mode to 3.
<Sysname> system-view
[Sysname] acl mode 3
ACL has been set to mode 3, and will take effect after the next system reboot.
18
QoS overview
NOTE:
In this documentation, SPC cards refer to the cards prefixed with SPC, for example, SPC-GT48L, and SPE
cards refer to the cards prefixed with SPE, for example, SPE-1020-E-II.
Introduction to QoS
In data communications, Quality of Service (QoS) is the ability of a network to provide differentiated
service guarantees for diversified traffic in terms of bandwidth, delay, jitter, and drop rate.
Network resources are always scarce. The contention for resources requires QoS to prioritize important
traffic flows over trivial ones. When making a QoS scheme, a network administrator must consider the
characteristics of various applications to balance the interests of diversified users and fully utilize network
resources.
19
Congestion: causes, impacts, and countermeasures
Network congestion is a key factor to degrade the service quality of a traditional network. Congestion
refers to the fact that the forwarding rates are decreased due to insufficient resources, resulting in extra
delay and degrading the quality.
Causes
Congestion easily occurs in complex packet switching circumstances in the Internet, Figure 4 shows some
common cases.
Figure 4 Traffic congestion causes
100M
(1) (2)
The traffic enters a router from a high-speed link and is forwarded over a low-speed link.
The packet flows enter a router from several interfaces and are forwarded out an interface, whose
speed is smaller than the sum of the incoming interfaces.
When traffic arrives at the line speed, congestion may occur due to the network resource bottleneck.
Besides the link bandwidth bottleneck, congestion can also be caused by resource shortages (such as
insufficient processor time, buffer, and memory). In addition, congestion may occur if the arriving traffic
is not managed efficiently, thus resulting in inadequate network resources.
Impacts
Congestion can bring the following negative results:
Increased delay and jitter during packet transmission
Decreased network throughput and resource use efficiency
Network resource (memory, in particular) exhaustion and even system breakdown
Congestion hinders resource assignment for traffic and degrades service performance. Congestion is
unavoidable in switched networks and multi-user application environments. To improve the service
performance of your network, you must address the congestion issues.
Countermeasures
A simple solution for congestion is to increase network bandwidth. However, this solution cannot solve all
the problems that cause congestion because you cannot increase network bandwidth infinitely.
A more effective solution is to provide differentiated services for different applications through traffic
control and resource allocation. In this way, resources can be used more properly. During resources
allocation and traffic control, the direct or indirect factors that might cause network congestion must be
controlled to reduce the probability of congestion. Once congestion occurs, resource allocation must be
20
performed according to the characteristics and demands of applications to minimize the effects of
congestion.
As shown in Figure 5, traffic classification, traffic shaping, traffic policing, congestion management, and
congestion avoidance mainly implement the following functions:
Traffic classification uses certain match criteria to assign packets with the same characteristics to a
class. Based on classes, you can provide differentiated services.
Traffic policing polices flows entering or leaving a device. You can apply traffic policing to both
incoming and outgoing traffic of a port. When a flow exceeds the pre-set threshold, some restriction
or punishment measures can be taken to prevent overconsumption of network resources.
Traffic shaping proactively adapts the output rate of traffic to the network resources available on the
downstream device to eliminate packet drop. Traffic shaping is usually applied to the outgoing
traffic of a port.
Congestion management provides a resource scheduling policy to arrange the forwarding
sequence of packets when congestion occurs. Congestion management is usually applied to the
outgoing traffic of a port.
Congestion avoidance monitors the usage status of network resources and is usually applied to the
outgoing traffic of a port. As congestion becomes worse, it actively reduces the queue length by
dropping packets.
21
Configuring traffic shaping and line rate
22
A token bucket has the following configurable parameters:
Mean rateRate at which tokens are put into the bucket, or the permitted average rate of traffic. It
is also called the committed information rate (CIR).
Burst sizeCapacity of the token bucket, or the maximum traffic size that is permitted in each burst.
It is also called the committed burst size (CBS). The set burst size must be greater than the
maximum packet size.
One evaluation is performed on each arriving packet. In each evaluation, if the number of tokens in the
bucket is enough, the traffic conforms to the specification and the tokens for forwarding the packet are
taken away; if the number of tokens in the bucket is not enough, it means that too many tokens have been
used and the traffic is excessive.
Complicated evaluation
You can set two token buckets, bucket C and bucket E, to evaluate traffic in a more complicated
environment and achieve more policing flexibility. For example, traffic policing uses the following
parameters:
CIRRate at which tokens are put into bucket C, that is, the average packet transmission or
forwarding rate allowed by bucket C.
CBSSize of bucket C, that is, transient burst of traffic that bucket C can forward.
Peak information rate (PIR)Rate at which tokens are put into bucket E, that is, the average packet
transmission or forwarding rate allowed by bucket E.
Excess burst size (EBS)Size of bucket E, that is, transient burst of traffic that bucket E can forward.
Figure 7 Two-bucket structure
The two-bucket structure is as shown in Figure 7. CBS is implemented with bucket C and EBS with bucket
E. In each evaluation, packets are measured against the following bucket scenarios:
If bucket C has enough tokens, packets are colored green.
If bucket C does not have enough tokens but bucket E has enough tokens, packets are colored
yellow.
If neither bucket C nor bucket E has sufficient tokens, packets are colored red.
Traffic policing
A typical application of traffic policing is to supervise the specification of certain traffic entering a
network and limit it within a reasonable range, or to discipline the extra traffic to prevent aggressive
use of network resources by a certain application. For example, you can limit bandwidth for HTTP
packets to less than 50% of the total. If the traffic of a certain session exceeds the limit, traffic policing can
drop the packets or reset the IP precedence of the packets.
Traffic policing is widely used in policing traffic into the networks of internet service providers (ISPs). It can
classify the policed traffic and perform pre-defined policing actions based on different evaluation results.
These actions include the following:
Forwarding the packets whose evaluation result is conforming
Dropping the packets whose evaluation result is nonconforming
23
Modifying the IP precedence of the packets whose evaluation result is conforming and
forwarding them
Modifying the IP precedence of the packets whose evaluation result is conforming and delivering
them into the next-level Traffic policing
Entering the next-level policing (you can set multiple traffic policing levels with each level focusing
on specific objects)
Traffic shaping
Traffic shaping limits the outbound traffic rate by buffering exceeding traffic. You can use traffic shaping
to adapt the traffic output rate on a device to the input traffic rate of its connected device to avoid packet
loss.
The difference between traffic policing and GTS is that packets to be dropped in traffic policing are
cached in a buffer or queue in GTS, as shown in Figure 8. When the token bucket has enough tokens,
these cached packets are sent at an even rate. Traffic shaping may result in an additional delay, but
traffic policing does not.
Figure 8 GTS
For example, in Figure 9, Router B performs traffic policing on packets from Router A and drops packets
exceeding the limit. To avoid packet loss, you can perform traffic shaping on the outgoing interface of
Router A so packets exceeding the limit are cached in Router A. Once resources are released, traffic
shaping takes out the cached packets and sends them out.
Figure 9 GTS application
24
Line rate
The line rate of a physical interface specifies the maximum rate for forwarding packets (including critical
packets).
Line rate also uses token buckets for traffic control. With line rate configured on an interface, all packets
to be sent through the interface are first handled by the token bucket at line rate. If the token bucket has
enough tokens, packets can be forwarded. Otherwise, packets are put into QoS queues for congestion
management. In this way, the traffic passing the physical interface is controlled.
Figure 10 Line rate implementation
The token bucket mechanism limits traffic rate and accommodates bursts. It allows bursty traffic to be
transmitted as long as enough tokens are available. If tokens are inadequate, packets cannot be
transmitted until efficient tokens are generated in the token bucket. It restricts the traffic rate to the rate for
generating tokens.
Line rate limits the total rate of all packets on a physical interface. It is easier to use than traffic policing
in controlling the total traffic rate on a physical interface.
25
Step Command Remarks
NOTE:
Do not configure a CIR exceeding the interface bandwidth. Otherwise, the configuration will fail.
Do not configure the qos lr command and the qos gts any command on the same interface or port
group at the same time.
26
Task Command Remarks
display qos gts interface
Display interface GTS [ interface-type interface-number ]
Available in any view
configuration information. [ | { begin | exclude | include }
regular-expression ]
Configuration procedure
# Enter system view.
<Sysname> system-view
3. Configure the line rate qos lr outbound cir By default, the CBS is the traffic
for the interface or committed-information-rate [ cbs transmitted at the rate of CIR in 500
port group. committed-burst-size ] ms.
27
NOTE:
Do not configure a CIR exceeding the interface bandwidth. Otherwise, the configuration will fail.
The qos lr command is available for the interfaces on the subcards PIC-GP10L, PIC-GP20R, and
PIC-GT20R.
The first time you configure the qos lr, queue ef bandwidth, queue af bandwidth, queue wfq, or
remark local-precedence command for a subinterface, you must use the undo qos lr command to
disable line rate on the main interface if none of these commands is configured on any other
subinterfaces.
Do not configure the qos lr command and the qos gts any command on the same interface or port
group at the same time.
28
Configuring a QoS policy
Class
Classes identify traffic.
A class is identified by a class name and contains some match criteria.
You can define a set of match criteria to classify packets, and the relationship between criteria can be
one of the following:
andThe router considers that a packet belongs to a class only when the packet matches all the
criteria in the class.
orThe router considers that a packet belongs to a class as long as the packet matches one of the
criteria in the class.
Traffic behavior
A traffic behavior, identified by a name, defines a set of QoS actions for packets.
Policy
A policy associates a class with a traffic behavior.
You can configure multiple class-to-traffic behavior associations in a policy.
29
Packet precedences
This section introduces IP precedence, ToS precedence, differentiated services codepoint (DSCP) values,
802.1p priority, and EXP values.
1. IP precedence, ToS precedence, and DSCP values
Figure 11 DS field and ToS bytes
As shown in Figure 11, the ToS field in the IP header contains eight bits: the first three bits (0 to 2)
represent IP precedence from 0 to 7; the subsequent four bits (3 to 6) represent a ToS value from 0 to 15.
According to RFC 2474, the ToS field is redefined as the differentiated services (DS) field, where a DSCP
value is represented by the first six bits (0 to 5) and ranges from 0 to 63. The remaining two bits (6 and
7) are reserved.
Table 2 Description on IP Precedence
1 001 priority
2 010 immediate
3 011 flash
4 100 flash-override
5 101 critical
6 110 internet
7 111 network
In a network in the Diff-Serve model, traffic is grouped into the following classes, and packets are
processed according to their DSCP values:
Expedited forwarding (EF) classIn this class, packets are forwarded regardless of link share of
other traffic. The class is suitable for preferential services requiring low delay, low packet loss, low
jitter, and high bandwidth.
Assured forwarding (AF) classThis class is divided into four subclasses (AF 1 to AF 4), each
containing three drop priorities for more granular classification. The QoS level of the AF class is
lower than that of the EF class.
Class selector (CS) classThis class is derived from the IP ToS field and includes eight subclasses.
Best effort (BE) classThis class is a special CS class that does not provide any assurance. AF traffic
exceeding the limit is degraded to the BE class. All IP network traffic belongs to this class by default.
30
Table 3 Description on DSCP values
10 001010 af11
12 001100 af12
14 001110 af13
18 010010 af21
20 010100 af22
22 010110 af23
26 011010 af31
28 011100 af32
30 011110 af33
34 100010 af41
36 100100 af42
38 100110 af43
8 001000 cs1
16 010000 cs2
24 011000 cs3
32 100000 cs4
40 101000 cs5
48 110000 cs6
56 111000 cs7
0 000000 be (default)
2. 802.1p priority
802.1p priority lies in Layer 2 packet headers and is applicable to occasions where Layer 3
header analysis is not needed and QoS must be assured at Layer 2.
Figure 12 An Ethernet frame with an 802.1Q tag header
802.1Q
Destination Source header FCS
Length/Type Data
Address Address (CRC-32)
TPID TCI
As shown in Figure 12, the 4-byte 802.1Q tag header consists of the tag protocol identifier (TPID, two
bytes in length), whose value is 0x8100, and the tag control information (TCI, two bytes in length). Figure
13 presents the format of the 802.1Q tag header.
31
Figure 13 802.1Q tag header
The priority in the 802.1Q tag header is called 802.1p priority, because its use is defined in IEEE
802.1p. Table 4 presents the values for 802.1p priority.
Table 4 Description on 802.1p priority
1 001 background
2 010 spare
3 011 excellent-effort
4 100 controlled-load
5 101 video
6 110 voice
7 111 network-management
3. EXP values
The EXP field lies in MPLS labels for QoS purposes.
Figure 14 MPLS label structure
As shown in Figure 14, the EXP field is 3 bits long and ranges from 0 to 7.
Defining a class
To define a class, specify its name and then configure the match criteria in class view.
32
Configuration procedure
To define a class:
Configuration example
1. Network requirements
Configure a class named test_class. Packets with the destination MAC address 0050-BA27-BED3
belong to the class.
2. Configuration procedure
# Enter system view.
<Sysname> system-view
# Define a class and enter class view.
[Sysname] traffic classifier test_class
# Define a match criterion.
[Sysname-classifier-test_class] if-match destination-mac 0050-ba27-bed3
Configuration procedure
To define a traffic behavior:
33
Step Command Remarks
redirect { cpu | next-hop { ipv4-add
[ track track-entry-number ] [ ipv4-add
[ track track-entry-number ] ] | ipv6-add
10. Redirect traffic to a specified [ interface-type interface-number ] [ track
target. track-entry-number ] [ ipv6-add
[ interface-type interface-number ] [ track
track-entry-number ] ] } [ fail-action
{ discard | forward } ] | vpn-instance
vpn-instance-name }
11. Set the DSCP value for
packets. remark dscp dscp-value
NOTE:
The priority mapping table to be included in the primap pre-defined command must be configured
beforehand. For more information, see the chapter Configuring priority mapping.
For an ordinary port in an isolation group, only the following commands take effect on its incoming
traffic: accounting, filter deny, car cir committed-information-rate red discard, and mirror-to.
In a traffic behavior, redirecting traffic to the CPU, redirecting traffic to the next hop, and redirecting
traffic to a VPN-instance cannot co-exist and the one configured the last overwrites the previous one.
Defining a policy
In a policy, you can define multiple class-behavior associations, and these associations are matched in
the order they are configured. A behavior is performed for an associated class of packets. In this way,
various QoS features can be implemented.
To define a policy:
34
Step Command Remarks
1. Enter system view. system-view N/A
2. Create a policy and enter policy view. qos policy policy-name N/A
3. Associate a class with a behavior in the classifier tcl-name behavior
policy. N/A
behavior-name
4. Display the information about a QoS display qos policy user-defined Optional.
policy information or a traffic behavior [ policy-name [ classifier tcl-name ] ] [ |
{ begin | exclude | include } Available in any
associated with a QoS policy. view
regular-expression ]
NOTE:
VLANs do not support user-defined flow templates. In case an interface referencing a user-defined flow
template and a VLAN on the interface have been each associated with a module QoS command (MQC)
policy in the same direction, the one on the interface takes effect and the one on the VLAN do not take
effect.
35
NOTE:
You can apply QoS policies to all physical interfaces except interfaces configured with X.25 or LAPB.
The QoS policy applied to the outgoing traffic on an interface does not regulate local packets. Local
packets refer to the critical protocol packets sent by the local system for maintaining the normal
operation of the router. To avoid drop of local packets, QoS does not process them. Commonly used
local packets include link maintenance packets, IS-IS packets, OSPF packets, RIP packets, BGP packets,
LDP packets, RSVP packets, and SSH packets.
Step Command
1. Enter system view. system-view
2. Apply the QoS policy to one or multiple VLANs. qos vlan-policy policy-name vlan vlan-id-list { inbound
| outbound }
NOTE:
You cannot apply QoS policies to dynamic VLANs, for example, VLANs created by GVRP.
Step Command
1. Enter system view. system-view
2. Apply the QoS policy globally. qos apply policy policy-name global { inbound |
outbound }
NOTE:
If the hardware resources of an interface card are insufficient, applying a QoS policy globally may fail
on the interface card. The system does not automatically roll back the QoS policy configuration already
applied to the main processing unit or other interface cards. To ensure consistency, you must use the
undo qos apply policy global command to manually remove the QoS policy configuration applied to
them.
The qos apply policy global command is available only on the SPC cards.
36
# Create a QoS policy test_policy.
<Sysname> system-view
[Sysname] qos policy test_policy
[Sysname-qospolicy-test_policy] classifier test_class behavior test_behavior
[Sysname-qospolicy-test_policy] quit
# Apply the QoS policy test_policy to the incoming traffic of GigabitEthernet 2/1/1.
[Sysname] interface GigabitEthernet2/1/1
[Sysname-GigabitEthernet2/1/1] qos apply policy test_policy inbound
[Sysname-GigabitEthernet2/1/1] quit
# Apply the QoS policy test_policy to the incoming traffic of the specified VLANs.
[Sysname] qos vlan-policy test_policy vlan 200 300 400 500 600 700 800 900 inbound
37
Configuring hardware congestion
management
38
Weighted fair queuing
NOTE:
WFQ is applicable to only SPE cards.
WFQ is an enhancement to fair queuing (FQ). FQ is designed for fairly sharing network resources,
reducing delay and jitter of traffic. To this end, FQ takes many aspects into consideration to guarantee
fairness among different queues and packets of different sizes during scheduling to
Prevent packets in low-priority queues from being starved.
Minimize jitter between packets in each stream by preferentially scheduling short packets in case
both large packets and short packets are waiting in the queues.
Compared with FQ, WFQ takes weights into account when determining the queue scheduling order.
Statistically, WFQ gives high priority traffic more scheduling opportunities than low priority traffic. When
dequeuing packets, WFQ assigns the outgoing interface bandwidth to each traffic flow by precedence.
The higher precedence a traffic flow has, the more bandwidth it gets.
For example, assume that three flows exist on the current interface, with the precedence 1, 2, and 3
respectively. The total bandwidth quota is 6, that is, the sum of all the precedence values. The bandwidth
percentage assigned to each flow is (precedence value of the flow)/total bandwidth quota. Thus, the
bandwidth percentages for the flows are 1/6, 2/6, and 3/6 respectively.
Hardware WFQ provides multiple queues, each with its individual weight.
NOTE:
Queue 0 is a BE queue, queues 1 through 4 are AF queues, queue 5 and queue 6 are EF queues, and
queue 7 is a NC queue. Different types of queues are scheduled by SP, and queues of the same type are
scheduled based on their weights.
39
CBQ
Class-based queuing (CBQ) extends WFQ by supporting user-defined classes. CBQ assigns an
independent reserved FIFO queue for each user-defined class to buffer data of the class. When network
congestion occurs, CBQ enqueues packets by user-defined match criteria. Before that, congestion
avoidance actions such as tail drop or weighted random early detection (WRED) and bandwidth
restriction check are performed before packets are enqueued. When being dequeued, packets are
scheduled by WFQ.
CBQ provides an emergency queue to enqueue emergent packets. The emergency queue is a FIFO
queue without bandwidth restriction. However, delay sensitive flows like voice packets may not be
transmitted timely in CBQ since packets are fairly treated. To solve this issue, Low Latency Queuing (LLQ)
was introduced to combine PQ and CBQ to transmit delay sensitive flows like voice packets
preferentially.
When defining traffic classes for LLQ, you can configure a class of packets to be transmitted preferentially.
Such a class is called a priority class. The packets of all priority classes are assigned to the same priority
queue. Bandwidth restriction on each class of packets is checked before the packets are enqueued.
During the dequeuing operation, packets in the priority queue are transmitted first. WFQ dequeues
packets in the other queues.
In order to reduce the delay of the other queues except the priority queue, LLQ assigns the maximum
available bandwidth for each priority class. The bandwidth value polices traffic during congestion.
When no congestion is present, a priority class can use more than the bandwidth assigned to it. During
congestion, the packets of each priority class exceeding the assigned bandwidth are discarded. LLQ can
also specify burst-size.
In a QoS policy, the class-behavior associations take effect in the order they are configured, and the one
configured first takes effect first. Similarly, the match criteria configured in a class take effect in the order
they are configured, and the one configured first takes effect first. Therefore, when you configure a QoS
policy, configure the class-behavior associations in the order of EF, AF, and BE.
Configuration procedure
To configure basic WFQ queuing:
40
Step Command Remarks
Optional.
Configuration example
Network requirements
Configure the weights of queue 2, queue 3, and queue 4 as 5, 10, and 20, respectively.
Configuration procedure
# Enter system view.
<Sysname> system-view
Configuring CBQ
To configured CBQ:
1. Create a class and define a set of traffic match criteria in class view.
2. Create a traffic behavior, and define a group of QoS features in traffic behavior view.
3. Create a policy, and associate a traffic behavior with a class in policy view.
4. Apply the QoS policy to the outgoing traffic of an interface.
Defining a class
For how to define a class, see the chapter Configuring a QoS policy.
NOTE:
To make sure that the traffic not entering the EF and AF queues enters the BE queue (the default priority
queue), you must configure a default class that permits any traffic, and use the default class in the last
class-behavior association of the QoS policy.
41
Defining a traffic behavior
To define a traffic behavior, you should first create the traffic behavior with a name specified and then
configure attributes for it in traffic behavior view.
Step Command
1. Enter system view. system-view
2. Create a traffic behavior and enter traffic
behavior view. traffic behavior behavior-name
NOTE:
You cannot configure the queue af command together with the queue ef or queue wfq command in the
same traffic behavior.
You can apply this traffic behavior only to the outgoing traffic of an interface.
The guaranteed bandwidth specifies the bandwidth that is guaranteed for the AF traffic, regardless of
congestion on the interface. The AF traffic exceeding the guaranteed bandwidth and the BE traffic
compete for bandwidth. The forwarding for the exceeding AF traffic depends on the congestion
conditions on the interface.
Step Command
1. Enter system view. system-view
2. Create a traffic behavior and enter traffic
behavior view. traffic behavior behavior-name
3. Configure EF and the guaranteed bandwidth. queue ef bandwidth bandwidth [ cbs burst ]
NOTE:
You cannot configure the queue ef command together with any of the commands queue af, queue wfq,
and wred in the same traffic behavior.
You can apply this behavior only to the outgoing traffic of an interface.
The bandwidth argument ranges from 64 to 10000000 in kbps. The burst argument ranges from 1600
to 1000000000 in bytes. If the burst argument is not configured, it is 25 times of the bandwidth
argument.
The guaranteed bandwidth specifies the bandwidth that is guaranteed for the EF traffic, regardless of
congestion on the interface. The forwarding for the EF traffic exceeding the guaranteed bandwidth
depends on the congestion conditions on the interface.
Configuring WFQ
To configure WFQ:
42
Step Command
1. Enter system view. system-view
2. Create a traffic behavior and enter traffic
behavior view. traffic behavior behavior-name
NOTE:
You cannot configure the queue wfq command together with the queue ef or queue af command in the
same traffic behavior.
You can apply this behavior only to the outgoing traffic of an interface.
NOTE:
You cannot configure the wred command together with the queue ef command in the same traffic
behavior.
Before configuring the wred [ dscp | ip-precedence ] command, make sure that you have configured
the queue af or queue wfq command.
You can apply this behavior to only the outgoing traffic of an interface.
43
Step Command Remarks
1. Enter system view. system-view N/A
NOTE:
Depending on the match criteria configured in classes of a QoS policy, you may need to apply a flow
template to an interface before applying the QoS policy to the interface.
You can apply a QoS policy containing a CBQ action only to the outgoing traffic of an interface.
The QoS policy applied to the outgoing traffic on an interface does not regulate local packets. Local
packets refer to the critical protocol packets sent by the local system for maintaining the normal
operation of the router. To avoid drop of local packets, QoS does not process them. Commonly used
local packets include link maintenance packets, IS-IS packets, OSPF packets, RIP packets, BGP packets,
LDP packets, RSVP packets, and SSH packets.
An RPR interface does not support CBQ.
You can apply a QoS policy containing a CBQ action only to an interface.
To apply a QoS policy to an ATM interface, configure the ATM interface as the P2P type.
To guarantee that a QoS policy containing a CBQ action works properly, do not configure a GTS action
or any of the queuing features (queue ef, queue af, and queue wfq) in the QoS policy.
Frame relay traffic shaping (FRTS) on an MFR interface may affect the operation of CBQ. Therefore, do
not configure a FRTS action together with a CBQ action in a QoS policy applied to an MFR interface.
You cannot apply a QoS policy containing a CBQ action to an HQoS-configured interface. You cannot
configure HQoS on an interface configured with a QoS policy containing a CBQ action.
In a QoS policy, make sure that the sum of bandwidth assigned to EF queues, AF queues, and BE queues
does not exceed the actual bandwidth of the target interface. Otherwise, CBQ does not work as
expected.
44
Perform EF for traffic with the DSCP value EF and set the guaranteed bandwidth to 30 Mbps.
Before performing the configuration, make sure that:
Router C can reach Router D through Router A and Router B.
The DSCP fields have been set for the traffic before the traffic enters Router A.
Figure 17 Network diagram
Configuration procedure
Configure Router A
# Define three classes to match the IP packets with the DSCP values AF11, AF21 and EF respectively.
<RouterA> system-view
[RouterA] traffic classifier ef_class
[RouterA-classifier-ef_class] if-match dscp ef
[RouterA-classifier-ef_class] quit
[RouterA] traffic classifier af11_class
[RouterA-classifier-af11_class] if-match dscp af11
[RouterA-classifier-af11_class] quit
[RouterA]traffic classifier af21_class
[RouterA-classifier-af21_class] if-match dscp af21
[RouterA-classifier-af21_class] quit
# Define a traffic behavior named ef_behav, configure EF in the behavior, and set the guaranteed
bandwidth to 30720 kbps.
[RouterA] traffic behavior ef_behav
[RouterA-behavior-ef_behav] queue ef bandwidth 30720
[RouterA-behavior-ef_behav] quit
# Define a traffic behavior af11_behav, configure AF in the traffic behavior, and set the guaranteed
bandwidth to 5120 kbps. Configure traffic behavior af21_behav in a similar way.
[RouterA] traffic behavior af11_behav
[RouterA-behavior-af11_behav] queue af bandwidth 5120
45
[RouterA-behavior-af11_behav] quit
[RouterA] traffic behavior af21_behav
[RouterA-behavior-af21_behav] queue af bandwidth 5120
[RouterA-behavior-af21_behav] quit
# Define a traffic behavior named be_behav, configure WFQ in the traffic behavior, and configure the
drop mode as WRED.
[RouterA] traffic behavior be_behav
[RouterA-behavior-be_behav] queue wfq
[RouterA-behavior-be_behav] wred
[RouterA-behavior-be_behav] quit
# Create a QoS policy named dscp, and associate the defined classes with the behaviors as needed.
[RouterA] qos policy dscp
[RouterA-qospolicy-dscp] classifier ef_class behavior ef_behav
[RouterA-qospolicy-dscp] classifier af11_class behavior af11_behav
[RouterA-qospolicy-dscp] classifier af21_class behavior af21_behav
[RouterA-qospolicy-dscp] classifier be_class behavior be_behav
[RouterA-qospolicy-dscp] quit
# Apply QoS policy dscp to the outgoing traffic of interface GigabitEthernet 3/1/1.
[RouterA-GigabitEthernet3/1/1] qos apply policy dscp outbound
[RouterA-GigabitEthernet3/1/1] quit
# After the configuration, display the QoS policy configuration on interface GigabitEthernet 3/1/1 to
verify the configuration.
[RouterA] display qos policy interface GigabitEthernet 3/1/1 outbound
Interface: GigabitEthernet3/1/1
Direction: Outbound
Policy: dscp
Classifier: ef_class
Operator: AND
Rule(s) : If-match dscp ef
Behavior: ef_behav
Expedited Forwarding:
Bandwidth 30720 (Kbps), CBS 768000 (Bytes)
Matched : 100/6400 (Packets/Bytes)
Enqueued : 100/6400 (Packets/Bytes)
Discarded: 0/0 (Packets/Bytes)
Classifier: af11_class
Operator: AND
Rule(s) : If-match dscp af11
Behavior: af11_behav
Assured Forwarding:
Bandwidth 5120 (Kbps)
Matched : 50/3200 (Packets/Bytes)
Enqueued : 50/3200 (Packets/Bytes)
Discarded: 0/0 (Packets/Bytes)
Classifier: af21_class
Operator: AND
46
Rule(s) : If-match dscp af21
Behavior: af21_behav
Assured Forwarding:
Bandwidth 5120 (Kbps)
Matched : 50/3200 (Packets/Bytes)
Enqueued : 50/3200 (Packets/Bytes)
Discarded: 0/0 (Packets/Bytes)
Classifier: be_class
Operator: AND
Rule(s) : If-match acl 3000
Behavior: be_behav
Flow Based Weighted Fair Queuing
Matched : 1000/128000 (Packets/Bytes)
Discard Method: IP Precedence based WRED
47
Configuring priority mapping
48
up-up: User-to-user priority mapping table.
up-dp: User-to-drop priority mapping table.
up-lp: User-to-local priority mapping table.
up-rpr: User-to-RPR priority mapping table.
up-fc: User-to-forwarding-class priority mapping table.
up-exp: User-to-EXP priority mapping table.
For more information about forwarding classes, see the chapter Configuring HQoS.
NOTE:
You can use the display qos map-table command to display the configured priority mapping tables.
The user precedence represents the 802.1p priority for Layer-2 packets, the IP precedence for Layer-3
packets, and the EXP precedence for MPLS packets.
Configuration prerequisites
Decide on the new mapping values.
Configuration procedure
To configure a priority mapping table:
49
NOTE:
In a DSCP-to-DSCP priority mapping table, only entries with an odd number as the input can take effect.
To configure a DSCP-to-DSCP mapping for an even source DSCP value, use the even source DSCP value
plus one as the input value. For example, to create a mapping for source DSCP precedence 4, you need
to use 5 as the input value for the mapping.
Configuration example
Network requirements
Configure an up-dot1p priority mapping table as shown in Table 5.
Table 5 The dot1p-lp mapping for green packets
1 0
2 1
3 1
4 2
5 2
6 3
7 3
Configuration procedure
# Enter system view.
50
<Sysname> system-view
Configuration prerequisites
Decide on a priority for the port.
Configuration procedure
To configure port priority:
Configuration example
Network requirements
Set the priority of the port to 7.
Configuration procedure
# Enter system view.
<Sysname> system-view
51
Configuring the port to trust packet priority for
priority mapping
You can configure the router to trust a particular priority field carried in packets for priority mapping on
a port. On a router supporting trusted priority type configuration, the priority mapping process for
packets is shown in Priority mapping overview.
Configuration procedure
To configure the trusted priority type:
Configuration example
Network requirements
Configure the trusted priority type as auto.
Configuration procedure
<Sysname> system-view
[Sysname] interface GigabitEthernet 2/1/1
[Sysname-GigabitEthernet2/1/1] qos trust auto
52
Task Command Remarks
display qos trust interface
Display the trusted priority type [ interface-type interface-number ]
Available in any view
and port priority of the port. [ | { begin | exclude | include }
regular-expression ]
Configuration procedure
# Enter system view.
<Router> system-view
# Enter inbound up-up priority mapping table view and modify the priority mapping table parameters.
[Router] qos map-table inbound up-up
[Router-maptbl-in-up-up] import 0 1 export 0
[Router-maptbl-in-up-up] import 2 3 export 1
[Router-maptbl-in-up-up] import 4 5 export 2
[Router-maptbl-in-up-up] import 6 7 export 3
[Router-maptbl-in-up-up] quit
53
# Configure the trusted priority type as auto for GigabitEthernet 2/1/2.
[Router] interface GigabitEthernet 2/1/2
[Router-GigabitEthernet2/1/2] qos trust auto
[Router-GigabitEthernet2/1/2] quit
54
Configuring congestion avoidance
55
formula: average queue size=previous average queue size(1-2-n)+Current queue size 2-n, where n can
be configured with the qos wred weighting-constant command.
Configuration methods
You can configure WRED by configuring a WRED table in system view and then apply the WRED table
to an interface.
56
Denominator for drop probability calculationThe bigger the denominator is, the smaller the
calculated drop probability is.
57
WRED configuration example
Network requirements
Apply a queue-based WRED table to interface GigabitEthernet 2/1/1.
Configuration procedure
# Enter system view
<Sysname> system-view
# Create a queue-based WRED table named queue-table1, and modify the lower and upper thresholds
and drop probability for each queue.
NOTE:
Configure the lower and upper thresholds for each queue in the WRED table depending on the interface
buffer size, which varies by interface type.
58
Configuring aggregation CAR
Configuration procedure
To reference aggregation CAR in a traffic behavior:
Configuration example
# Specify the aggregation CAR aggcar-1 to use the following parameters: CIR is 200, CBS is 2,000, and
red packets are dropped. Reference aggregation CAR aggcar-1 in traffic behavior be1.
<Sysname> system-view
[Sysname] qos car aggcar-1 aggregative cir 200 cbs 2000 red discard
59
[Sysname] traffic behavior be1
[Sysname-behavior-be1] car name aggcar-1
60
Configuring a queue scheduling profile
NOTE:
Queue scheduling profile configuration is applicable to only SPC cards.
Queue 7 has the highest priority. Its packets are sent preferentially.
Queue 6 has the second highest priority. Packets in queue 6 are sent when queue 7 is empty.
Queue 3, queue 4, and queue 5 are scheduled according to their weights. When both queue 6
and queue 7 are empty, WRR group 1 is scheduled.
Queue 1 and queue 2 are scheduled according to their weights. WRR group 2 is scheduled when
queue 7, queue 6, queue 5, queue 4, and queue 3 are all empty.
Queue 0 has the lowest priority, and it is scheduled when all the other queues are empty.
61
Step Command Remarks
1. Enter system view. system-view N/A
2. Create a queue
scheduling profile and
enter queue scheduling qos qmprofile profile-name N/A
profile view.
NOTE:
Only one queue scheduling profile can be applied to an interface.
The queue IDs in a WRR group must be successive. If not, queue scheduling may be performed
inaccurately.
62
Queue scheduling profile configuration example
Network requirements
Configure a queue scheduling profile on GigabitEthernet 3/1/1 to do the following:
Assign queue 7 the highest priority to forward its packets preferentially.
Assign queue 4, queue 5, and queue 6 to WRR group 1 to schedule them according to their
weights, which are 1, 5, and 10, respectively. When queue 7 is empty, WRR group 1 is scheduled.
Assign queue 1, queue 2, and queue 3 to WRR group 2 to schedule them according to their weights,
which are 1, 10, and 20, respectively. When queues 4 to 7 are all empty, WRR group 2 is
scheduled.
Assign queue 0 the lowest priority. Queue 0 is scheduled when all the other queues are empty.
Configuration procedure
# Enter system view.
<Sysname> system-view
# Assign queue 4, queue 5, and queue 6 to WRR group 1, with the weight of 1, 5, and 10, respectively.
[Sysname-qmprofile-qm1] queue 4 wrr group 1 weight 1
[Sysname-qmprofile-qm1] queue 5 wrr group 1 weight 5
[Sysname-qmprofile-qm1] queue 6 wrr group 1 weight 10
# Assign queue 1, queue 2, and queue 3 to WRR group 2, with the weight of 1, 10, and 20, respectively.
[Sysname-qmprofile-qm1] queue 1 wrr group 2 weight 1
[Sysname-qmprofile-qm1] queue 2 wrr group 2 weight 10
[Sysname-qmprofile-qm1] queue 3 wrr group 2 weight 20
# Apply queue scheduling profile qm1 to the incoming traffic of GigabitEthernet 3/1/1.
[Sysname] interface gigabitethernet 3/1/1
[Sysname-GigabitEthernet3/1/1] qos apply qmprofile qm1
After the configuration is completed, GigabitEthernet 3/1/1 performs queue scheduling as specified in
queue scheduling profile qm1.
63
Configuring QoS traffic accounting
NOTE:
The per-port queue-based accounting function is enabled by default. You can use the display qos
queue-statistics interface command to view the statistics.
NOTE:
This feature is applicable to only the interfaces operating in bridge mode on SPC cards.
64
Task Command Remarks
display qos traffic-counter
{ inbound | outbound } { counter0
Display traffic statistics. | counter1 } slot slot-number [ | Available in any view
{ begin | exclude | include }
regular-expression ]
65
Configuring FR QoS
Overview
FR QoS allows you to deploy QoS (frame relay traffic shaping) on each PVC of an FR interface. By
configuring Committed Information Rate Allowed (CIR ALLOW), which is the transmitting rate an FR
network allows, you can guarantee CIR ALLOW for user data transmission when no congestion occurs in
the network.
Why FRTS
Frame Relay Traffic Shaping (FRTS) limits traffic of packets and bursty packets sent from a PVC, so that
these packets can be transmitted at relatively even rate.
In an FR network, the bottleneck often occurs at the network segment juncture if the bandwidth of different
segments does not match. As shown in Figure 22, Router B transmits packets to Router A at the rate of 128
kbps whereas the maximum interface rate of Router A is only 64 kbps. Then, bottleneck occurs at the
place where Router A is connected to the FR network, and results in congestion that interrupts normal
data transmission. With FRTS applied on the outgoing interface Serial2/1/6:0 of Router B, the interface
can transmit packets at a relatively even rate of 64 kbps, and the network congestion is avoided.
Figure 22 FRTS implementation
FRTS is applied on the outgoing interfaces of the router. It allows you to configure the CIR ALLOW
parameter. FR PVCs can transmit packets at the rate of CIR ALLOW when the network is normal.
66
Figure 23 How a token bucket works
In the token bucket approach, packets requiring traffic control are put into the token bucket for processing
before being sent out. If enough tokens are available in the token bucket for sending these packets, the
packets are allowed to pass. If the number of tokens in the token bucket is not enough for sending these
packets, these packets are put into the FR class queue (the FRTS queue in FRTS implementation). Once
enough tokens are available in the token bucket, the packets are taken out of the FR class queue for
transmission. In this way, you can control the traffic of a certain class of packets. Tokens are in the unit
of bits.
The FR protocol-provisioned related parameters correspond to the FRTS parameters as such: CIR ALLOW
defines the number of tokens put into the token bucket per second.
Configuring FR QoS
FR QoS configuration task list
Complete the following tasks to configure FR QoS:
Task Remarks
Creating and configuring an FR class Required
67
Step Commands Remarks
1. Enter system
system-view N/A
view.
2. Create an FR
By default, no FR class
class and enter fr class class-name
is created.
FR class view.
3. Return to system
quit N/A
view.
(Approach I) Associate the FR class with an FR interface:
a. Enter FR interface view:
interface interface-type interface-number
b. Associate the FR class with the FR interface: Use either approach
4. Associate the FR fr-class class-name or all approaches.
class with an FR (Approach II) Associate the FR class with an FR PVC: By default, no FR class
interface or FR c. Enter FR interface view: is associated with an
PVC. interface interface-type interface-number FR PVC or an FR
d. Enter FR PVC view: interface.
fr dlci dlci
e. Associate the FR class with the FR PVC:
fr-class class-name
NOTE:
After using the fr class command to create an FR class, you can enter FR class view, where you can
configure parameters for FRTS. If you configure no parameters, the CIR is 56000 bps by default.
You can associate an FR class with an FR interface/subinterface or a DLCI. When an FR class is
associated with an FR main interface, it takes effect on all the DLCIs of the FR main interface, including
the DLCIs of the FR subinterfaces of the FR main interface. When an FR class is associated with an FR
subinterface, it takes effect on all the DLCIs of the FR subinterface. When an FR class is associated with
a DLCI, it takes effect on only the DLCI.
You can associate different FR classes with an FR main interface, its subinterfaces, and its DLCIs, and
these FR classes are in the ascending priority order.
To make the FR class configuration take effect, you must enable FRTS on the FR main interface.
Configuring FRTS
To configure FRTS:
interface interface-type
2. Enter FR interface view. N/A
interface-number
6. Set the CIR ALLOW for FR cir allow [ inbound | outbound ] Optional.
PVCs. committed-information-rate The default setting is 56000 bps.
68
NOTE:
FRTS is applied to the interfaces sending FR packets and is usually applied to the DTE side of an FR
network.
You can configure FRTS on only an FR main interface. The FRTS configuration takes effect on the FR main
interface and all the DLCIs of the FR subinterfaces.
Configuration procedure
# Create an FR class and configure FRTS parameters for the FR class.
<Router> system-view
[Router] fr class 96k
[Router-fr-class-96k] cir allow 96000
[Router-fr-class-96k] quit
69
[Router-Serial2/1/6:0] fr dlci 16
[Router-fr-dlci-Serial2/1/6:0-16] fr-class 96k
70
Configuring HQoS
HQoS overview
Introduction to HQoS
Quality of Service (QoS) is widely used in networks to ensure transmission quality and provide
differentiated service levels for various data flows.
In response to increased network users and service types, Ethernet devices are required not only to further
subdivide service traffic but also to uniformly manage and hierarchically schedule traffic by user in
addition to service. This is beyond the capability of traditional QoS.
Hierarchical Quality of Service (QoS) uniformly manages traffic and hierarchically schedules traffic by
user, network service, and application. It provides more granular traffic control and quality assurance
services than traditional QoS.
HQoS-capable devices can hierarchically classify and schedule traffic, for example, by both user and
application, and control internal resources based on policies at different levels. HQoS guarantees QoS
for advanced users and saves the overall networking costs.
71
Figure 25 How HQoS works
sp
s
gt
wrr
gt
s
2
Different from traditional single-layer QoS, HQoS manages traffic in scheduling queues at multiple levels
including physical level, logical level, and application level or service level. For example, at the physical
level, you can manage the total bandwidth of physical interfaces; at the logical level, you can manage
the per-user bandwidth of the interface; at the service level, you can manage per-application bandwidth
for a user. Through multi-level traffic management, HQoS helps service providers implement multi-service,
multi-user service management.
Terminology
Forwarding class
A forwarding class is a scheduling entity (a leaf node) in the scheduler policy tree. A forwarding
class corresponds to a scheduling queue. Packets are assigned to different scheduling queues
according to the specified mapping rules. The parameters associated with a forwarding class
determine the behavior of the scheduling queue.
As shown in Table 6, the system pre-defines four forwarding classes: BE, AF, EF, and NC, in the
descending order of priority.
Table 6 Predefined forwarding classes
72
Forwarding group
A forwarding group is a scheduling entity (a branch node) in the scheduler policy tree. Multiple
forwarding groups or forwarding classes can be nested in a forwarding group. A forwarding
group corresponds to a scheduler. The parameters associated with a forwarding group determine
the scheduling priority and bandwidth resources assigned to the forwarding group.
Forwarding profile
Forwarding profiles are scheduling rules configured for the scheduling entities in a scheduler
policy. A forwarding profile contains the scheduling priority, scheduling weight, shaping
parameters, and drop parameters. It determines the actions to take on the traffic passing the
forwarding class or forwarding group associated with the forwarding profile.
Drop profile
Drop profiles are drop rules defined for queues. As dropping packets is a traffic management
behavior, you must nest a drop profile within a forwarding profile for the drop profile to take
effect.
Scheduler policy
Scheduler policies are sets of scheduling entities. From an scheduler policy, a hierarchical tree of
schedule entities stretches out with forwarding groups at the second layer and forwarding classes
or other forwarding groups under the second-layer forwarding groups.
Scheduling layer
A scheduling layer indicates the nesting layer of a scheduling entity in the scheduler policy. A
forwarding group must match certain criteria at the corresponding layer.
Instantiation
Instantiation is a special match operation. A scheduling entity matches criteria in the instantiation
process. An instantiation entity is the result of instantiating a forwarding group. A forwarding
group can have multiple instances, with each using a distinct scheduler. The difference between
the instances of a forwarding group lies in only the instantiation rules.
Instantiation can be performed in one of the following modes:
{ Match modeYou must explicitly specify instantiation criteria for a forwarding group to be
instantiated.
{ Group modeYou do not need to specify instantiation criteria explicitly for a forwarding group
to be instantiated, but you must do that for the child forwarding groups in the forwarding group
to be instantiated.
73
Figure 26 HQoS configuration structure
As shown in Figure 26, the HQoS configuration procedure goes through the following phases:
1. Create scheduling entities and configure forwarding profiles for them. More specifically, create
nodes forwarding group A, forwarding group A1, forwarding group A2, forwarding group B,
forwarding group B1, and forwarding group B2 and configure traffic actions forwarding profile A,
forwarding profile A1, forwarding profile A2, forwarding profile B, forwarding profile B1,
forwarding profile B2.
2. Associate the scheduling entities with the forwarding profiles. More specifically, nest these nodes
(such as nesting forwarding group A1 and forwarding group A2 in forwarding group A, nest BE,
AF, EF, and NC in forwarding group A1) and then associate each node with its forwarding profile
(such as associating forwarding group A with forwarding profile A). In this phase, the nodes are
organized into a tree.
3. Instantiate forwarding groups. More specifically, configure match criteria for each node (for
example, assign packets of QoS-local-ID 11 through QoS-local-ID 20 to forwarding group A).
4. Apply the organized scheduler policy to an interface.
Complete the following tasks to configure HQoS:
Task Remarks
Configuring an forwarding class Optional
74
HQoS basic configuration
Configuring an forwarding class
In HQoS, a packet that arrives at a port is classified and mapped to a forwarding class before it can be
assigned to a scheduling queue.
Map traffic to forwarding classes in one the following methods:
Using a QoS policy to classify traffic into classes, configure the action of marking forwarding
classes in a traffic behavior, associate each traffic class with the traffic behavior in a QoS policy,
and then apply the QoS policy to an interface. Traffic classes are mapped to forwarding classes.
With this method, you can classify packets based on attributes such as packet priority, IP address,
MAC address, VLAN, and protocol type.
Using a user precedence-to-forwarding class (UP-to-forwarding class) mapping table to map
packets with certain user precedence to the forwarding class.
NOTE:
For how to configure QoS policies and UP-to-forwarding class mapping tables, see the chapters
Configuring a QoS policy and Configuring priority mapping.
Step Command
1. Enter system view. system-view
2. Create a traffic behavior and enter traffic
traffic behavior behaviorname
behavior view.
3. Configure the action of marking forwarding
remark forwarding-class { id fc-id | name fc-name }
classes.
75
Modifying the parameters of the user-defined drop profile
NOTE:
The default contents of a newly created drop profile are the same as those of the pre-defined drop profile.
76
Creating a user-defined forwarding profile
To create a user-defined forwarding profile:
Optional.
Optional.
By default, no minimum
5. Configure the minimum guaranteed bandwidth is
bandwidth bandwidth-value
guaranteed bandwidth. configured in a forwarding profile.
On the SR8800, this command
only applies to EF queues.
Optional.
77
NOTE:
A forwarding profile with GTS parameters configured takes effect at only the forwarding group-1 layer
and the forwarding group-2 layer for an Ethernet interface or POS interface, and only the forwarding
group-1 layer for other interfaces.
A forwarding profile with the minimum guaranteed bandwidth takes effect at only the forwarding
group-2 layer for an Ethernet interface or POS interface, and only the forwarding group-1 layer for other
interfaces.
A forwarding profile with WFQ weight parameters takes effect at only the forwarding group-1 layer and
the forwarding class layer for an Ethernet interface or POS interface, and only the forwarding class layer
for other interfaces.
A forwarding profile with a drop profile configured takes effect at only the forwarding class layer.
Modifying a forwarding profile that has been applied to an interface may fail due to insufficient
hardware resources.
Nesting an forwarding class in the forwarding group and associate the forwarding class with an
forwarding profile
When nesting a forwarding class in a forwarding group, you must associate the forwarding class with a
forwarding profile.
This forwarding profile defines the action that should be taken on the traffic assigned to the scheduling
queue of the forwarding class.
You can nest multiple forwarding classes in a forwarding group. A forwarding class can be nested in
multiple forwarding groups and associated with a distinct forwarding profile in each forwarding group.
78
To nest a forwarding class in the user-defined forwarding group:
Step Command
1. Enter system view. system-view
NOTE:
Each time you try to associate a forwarding class with a forwarding profile, the system checks the
contents of the forwarding profile. If the forwarding profile conflicts with the forwarding class, your
association attempt will fail.
In addition to nesting a new forwarding class in a forwarding group and associating a forwarding
profile with the newly nested forwarding class, the forwarding-class fc-name profile fp-name command
allows you to associate an existing forwarding class in a forwarding group with a new forwarding
profile.
You cannot nest a forwarding class in a forwarding group with nested forwarding groups.
Nesting a child forwarding group in the forwarding group and associate the child forwarding group
with an forwarding profile
When nesting a child forwarding group in another forwarding group, you must associate the child
forwarding group with a forwarding profile.
This forwarding profile defines the scheduling action that should be taken on the traffic of the child
forwarding group.
You can nest multiple forwarding groups in a forwarding group. A forwarding group can be nested in
multiple forwarding groups and associated with a distinct forwarding profile in each parent forwarding
group.
To nest a child forwarding group in the forwarding group:
Step Command
1. Enter system view. system-view
79
NOTE:
Each time you try to associate a forwarding group with a forwarding profile, the system checks the
contents of the forwarding profile. If the forwarding profile conflicts with the forwarding group, your
association attempt will fail.
In addition to nesting a new forwarding group in a forwarding group and associating a forwarding
profile with the newly nested forwarding group, the forwarding-group sub-fg-name profile fp-name
command allows you to associate an existing child forwarding group in a forwarding group with a new
forwarding profile.
You cannot nest a child forwarding group in a forwarding group with nested forwarding classes.
A forwarding group with child forwarding groups nested cannot be nested in another forwarding
group.
A forwarding group cannot nest itself.
A scheduler policy is a set of hierarchical scheduling entities. By applying a scheduler policy in the
outbound or inbound direction of an interface, you can perform hierarchical QoS for the outgoing or
incoming traffic of the interface.
You must create a scheduler policy before organizing forwarding groups and forwarding classes into a
scheduler policy tree.
Configuring a scheduler policy includes:
Creating an scheduler policy
Nesting forwarding groups in the scheduler policy
80
To nest a forwarding group in the user-defined scheduler policy:
Step Command
1. Enter system view. system-view
NOTE:
Each time you try to associate a forwarding group with a forwarding profile, the system checks the
contents of the forwarding profile. If the forwarding profile conflicts with the forwarding group, your
association attempt will fail.
In addition to nesting a new forwarding group in a scheduler policy and associating a forwarding
profile with the newly nested forwarding group, the forwarding-group sub-fg-name profile fp-name
command allows you to associate an existing forwarding group in a scheduler policy with a new
forwarding profile. Associating an instantiated forwarding group with a new forwarding profile can
cause all the instances of the forwarding group to replace the current forwarding profile with the new
forwarding profile.
The number of forwarding groups (including instances of forwarding groups) that can be nested at a
layer in the scheduler policy tree is limited. Once the limit is reached, your nesting attempt will fail.
Because forwarding group nodes on a scheduler policy tree must be unique, you cannot nest the same
forwarding group in the scheduler policy more than once. Forwarding group instances are not
considered here.
81
Figure 27 Instantiated forwarding groups in an scheduler policy
(User 1) FC-A
2-A
QoS-local-ID 10
FC-B
1- A 2-B
FC
(User 2) FC-A
QoS-local-ID 20 2-A
FC-B
1-A 2-B
0
FC
1-B 2-C
2- B
Figure 27 shows the results of a sample instantiation: forwarding group A at Layer 1 is instantiated by
QoS-local-ID into two instances with the same internal structure.
Instantiation mode
Instantiation can be performed in one of the following modes:
Match modeInstances created from the same forwarding group in this mode are differentiated by
their match criteria. Traffic satisfying the match criteria configured for a forwarding group enters the
scheduler of the forwarding group. Match criteria can be QoS-local IDs. You can mark a packet
with a QoS-local ID as needed, for example, based on its source IP address. Packets from different
IP address segments can be marked with different QoS-local IDs.
Group modeAn instance created in this mode is only a set of child forwarding groups nested in
the source forwarding group. No match criteria are configured for the source forwarding group.
However, the child forwarding groups nested in the source forwarding group must be configured
with match criteria.
Because forwarding classes cannot be instantiated, you cannot instantiate a forwarding group with
nested forwarding classes in the group mode.
82
Step Command Remarks
1. Enter system view. system-view N/A
NOTE:
When performing forwarding group instantiation, instantiate a parent forwarding group before
instantiating its child forwarding groups. Before removing instances of a parent forwarding group, you
must remove all instances of the child forwarding groups first.
To instantiate a parent forwarding group and its child forwarding groups in the match mode, the
instantiation rule of the parent node must be the sum of the instantiation rules of the child forwarding
groups, and the instantiation rules of child forwarding groups cannot overlap.
You can instantiate a forwarding group multiple times, but the instantiation rules must not overlap.
The pre-defined forwarding group nested in a scheduler policy has been instantiated in the group
mode. You cannot modify or remove the instantiation rule of the pre-defined forwarding group.
You can change the QoS-local ID of a packet by marking the QoS-local ID.
To set the QoS-local ID marking action for a traffic behavior:
Step Command
1. Enter system view. system-view
2. Create a behavior and enter behavior
traffic behavior behavior-name
view.
3. Configure the QoS-local ID marking
remark qos-local-id local-id-value
action for the traffic behavior.
4. Exit behavior view. quit
Configuration prerequisites
Before applying a scheduler policy to an interface, complete the following tasks:
Configure child nodes for all forwarding group nodes nested in the scheduler policy
Nest forwarding classes in a forwarding group with nested forwarding classes. Forwarding class
nesting of a forwarding group node is considered complete only when all the pre-defined
forwarding classes are nested.
Instantiate all forwarding group nodes in the scheduler policy tree. A forwarding group node that
has not been instantiated cannot appear in a scheduler policy tree.
83
Applying an scheduler policy to an interface
To apply a scheduler policy to an interface:
NOTE:
Only one scheduler policy can be applied to an interface at a time.
You cannot change the structure of a scheduler policy tree that has been applied to an interface.
However, you can associate a forwarding group or forwarding class with a new forwarding profile or
modify the contents of associated forwarding profiles in the scheduler policy tree. To change the
structure of the scheduler policy tree, for example, to add/remove forwarding class or forwarding group
nodes or perform instantiation, you must remove the scheduler policy from the interface first.
An HQoS scheduler policy is mutually exclusive with class-based queuing (CBQ) on an interface.
Step Command
1. Enter system view. system-view
84
Copying an scheduler policy
By copying a scheduler policy, only one destination scheduler policy can be generated. The number of
the destination scheduler policy is automatically assigned by the system.
Except the name and number, the destination scheduler policy is the same as the source scheduler policy,
including in instantiation rules.
To copy a scheduler policy:
Step Command
1. Enter system view. system-view
85
NOTE:
HQoS configuration example I and HQoS configuration example II are both applicable to Ethernet
interfaces and POS interfaces.
Only HQoS configuration example II is applicable to ATM interfaces, serial interfaces, and MP-group
interfaces.
Network requirements
Assume that the rate limit for the outgoing interface is 1000 Mbps.
Table 7 and Table 8 present the overall requirements for each service and the requirements for the user
groups of each service respectively.
Table 7 Requirements for the services
Requirements (right)
IP precedence Queue scheduling priority Rate limit
Service type (below)
VoIP 6, 7 Strict priority 100 Mbps
Requirements (right)
Number of groups Bandwidth assignment IP assignment
Service type (below)
VoIP service 2 Bandwidth sharing 10.1.1.X, 10.1.2.X
86
Requirements (right)
Number of groups Bandwidth assignment IP assignment
Service type (below)
Bandwidth sharing
Total bandwidth not
restricted, but 36
Mbps of the
maximum bandwidth
for each user group
40.1.1.X, 40.1.2.X,
Internet 5 (As all the other services 40.1.3.X, 40.1.4.X,
are rate limited, the 40.1.5.X
guaranteed bandwidth
for Internet traffic is 150
Mbps, providing a
minimum of 30 Mbps
bandwidth for each user
group.)
Configuration considerations
Map VoIP traffic with IP precedence 6 or 7 to the pre-defined forwarding class NC, VoD traffic with
IP precedence 4 or 5 to the pre-defined forwarding class EF, VPN traffic with IP precedence 2 or 3
to the pre-defined forwarding class AF, and Internet traffic with IP precedence 0 or 1 to the
pre-defined forwarding class BE.
Mark VoIP traffic, VoD traffic, VPN traffic, and Internet traffic with a QoS-local ID by source IP
address, and then map VoIP traffic, VoD traffic, VPN traffic, and Internet traffic each to a forwarding
group by QoS-local ID.
The user groups of the VoIP, VoD, VPN, and Internet services are each assigned to a distinct
forwarding group by instantiation.
Configuration procedure
1. Map different classes of traffic to forwarding classes.
87
As all traffic is differentiated by IP precedence, you can use the default UP-to-forwarding class
mapping table for mapping different classes of traffic to the pre-defined forwarding classes. To this
end, you must use the qos trust auto command on the incoming ports to specify the trusted priority
type.
<Router> system-view
[Router] interface GigabitEthernet 3/1/2
[Router-GigabitEthernet3/1/2] qos trust auto
[Router-GigabitEthernet3/1/2] quit
[Router] interface GigabitEthernet 3/1/3
[Router-GigabitEthernet3/1/3] qos trust auto
[Router-GigabitEthernet3/1/3] quit
[Router] interface GigabitEthernet 3/1/4
[Router-GigabitEthernet3/1/4] qos trust auto
[Router-GigabitEthernet3/1/4] quit
[Router] interface GigabitEthernet 3/1/5
[Router-GigabitEthernet3/1/5] qos trust auto
[Router-GigabitEthernet3/1/5] quit
2. Create forwarding profiles for the Layer-1 forwarding groups.
[Router] qos forwarding-profile voip
[Router-fp-voip] gts cir 100000
[Router-fp-voip] quit
[Router] qos forwarding-profile vod
[Router-fp-vod] gts cir 450000
[Router-fp-vod] quit
[Router] qos forwarding-profile vpn
[Router-fp-vpn] gts cir 300000
[Router-fp-vpn] quit
3. Create forwarding profiles for the Layer-2 forwarding groups.
[Router] qos forwarding-profile vpn-fg2
[Router-fp-vpn-fg2] gts cir 100000
[Router-fp-vpn-fg2] quit
[Router] qos forwarding-profile internet-fg2
[Router-fp-internet-fg2] gts cir 36000
[Router-fp-internet-fg2] quit
[Router] qos forwarding-profile empty
[Router-fp-empty] quit
4. Create forwarding profiles for the forwarding classes.
[Router] qos forwarding-profile vod-fc-1
[Router-fp-vod-fc-1] wfq weight 2
[Router-fp-vod-fc-1] quit
[Router] qos forwarding-profile vod-fc-2
[Router-fp-vod-fc-2] wfq weight 2
[Router-fp-vod-fc-2] quit
[Router] qos forwarding-profile vod-fc-3
[Router-fp-vod-fc-3] wfq weight 1
[Router-fp-vod-fc-3] quit
5. Nests the forwarding classes in the Layer-2 forwarding groups.
88
[Router] qos copy forwarding-group default to internet-fg2 voip-fg2 vod-fg2-1
vod-fg2-2 vod-fg2-3 vpn-fg2
[Router] qos forwarding-group vod-fg2-1
[Router-fg-vod-fg2-1] forwarding-class EF profile vod-fc-1
[Router-fg-vod-fg2-1] quit
[Router] qos forwarding-group vod-fg2-2
[Router-fg-vod-fg2-2] forwarding-class EF profile vod-fc-2
[Router-fg-vod-fg2-2] quit
[Router] qos forwarding-group vod-fg2-3
[Router-fg-vod-fg2-3] forwarding-class EF profile vod-fc-3
[Router-fg-vod-fg2-3] quit
6. Nest the Layer-2 forwarding groups in the Layer-1 forwarding groups.
[Router] qos forwarding-group voip
[Router-fg-voip] forwarding-group voip-fg2 profile empty
[Router-fg-voip] quit
[Router] qos forwarding-group vod
[Router-fg-vod] forwarding-group vod-fg2-1 profile empty
[Router-fg-vod] forwarding-group vod-fg2-2 profile empty
[Router-fg-vod] forwarding-group vod-fg2-3 profile empty
[Router-fg-vod] quit
[Router] qos forwarding-group vpn
[Router-fg-vpn] forwarding-group vpn-fg2 profile vpn-fg2
[Router-fg-vpn] quit
[Router] qos forwarding-group internet
[Router-fg-internet] forwarding-group internet-fg2 profile internet-fg2
[Router-fg-internet] quit
7. Mark traffic with a QoS-local ID based on the source IP address.
[Router] acl number 2001
[Router-acl-basic-2001] rule permit source 10.1.1.0 0.0.0.255
[Router-acl-basic-2001] acl number 2002
[Router-acl-basic-2002] rule permit source 10.1.2.0 0.0.0.255
[Router-acl-basic-2002] acl number 2101
[Router-acl-basic-2101] rule permit source 20.1.1.0 0.0.0.255
[Router-acl-basic-2101] acl number 2102
[Router-acl-basic-2102] rule permit source 20.1.2.0 0.0.0.255
[Router-acl-basic-2102] acl number 2103
[Router-acl-basic-2103] rule permit source 20.1.3.0 0.0.0.255
[Router-acl-basic-2103] acl number 2201
[Router-acl-basic-2201] rule permit source 30.1.1.0 0.0.0.255
[Router-acl-basic-2201] acl number 2202
[Router-acl-basic-2202] rule permit source 30.1.2.0 0.0.0.255
[Router-acl-basic-2202] acl number 2203
[Router-acl-basic-2203] rule permit source 30.1.3.0 0.0.0.255
[Router-acl-basic-2203] acl number 2204
[Router-acl-basic-2204] rule permit source 30.1.4.0 0.0.0.255
[Router-acl-basic-2204] acl number 2205
[Router-acl-basic-2205] rule permit source 30.1.5.0 0.0.0.255
[Router-acl-basic-2205] acl number 2301
89
[Router-acl-basic-2301] rule permit source 40.1.1.0 0.0.0.255
[Router-acl-basic-2301] acl number 2302
[Router-acl-basic-2302] rule permit source 40.1.2.0 0.0.0.255
[Router-acl-basic-2302] acl number 2303
[Router-acl-basic-2303] rule permit source 40.1.3.0 0.0.0.255
[Router-acl-basic-2303] acl number 2304
[Router-acl-basic-2304] rule permit source 40.1.4.0 0.0.0.255
[Router-acl-basic-2304] acl number 2305
[Router-acl-basic-2305] rule permit source 40.1.5.0 0.0.0.255
[Router-acl-basic-2305] quit
[Router] traffic classifier 1
[Router-classifier-1] if-match acl 2001
[Router-classifier-1] traffic classifier 2
[Router-classifier-2] if-match acl 2002
[Router-classifier-2] traffic classifier 101
[Router-classifier-101] if-match acl 2101
[Router-classifier-101] traffic classifier 102
[Router-classifier-102] if-match acl 2102
[Router-classifier-102] traffic classifier 103
[Router-classifier-103] if-match acl 2103
[Router-classifier-103] traffic classifier 201
[Router-classifier-201] if-match acl 2201
[Router-classifier-201] traffic classifier 202
[Router-classifier-202] if-match acl 2202
[Router-classifier-202] traffic classifier 203
[Router-classifier-203] if-match acl 2203
[Router-classifier-203] traffic classifier 204
[Router-classifier-204] if-match acl 2204
[Router-classifier-204] traffic classifier 205
[Router-classifier-205] if-match acl 2205
[Router-classifier-205] traffic classifier 301
[Router-classifier-301] if-match acl 2301
[Router-classifier-301] traffic classifier 302
[Router-classifier-302] if-match acl 2302
[Router-classifier-302] traffic classifier 303
[Router-classifier-303] if-match acl 2303
[Router-classifier-303] traffic classifier 304
[Router-classifier-304] if-match acl 2304
[Router-classifier-304] traffic classifier 305
[Router-classifier-305] if-match acl 2305
[Router-classifier-305] quit
[Router] traffic behavior 1
[Router-behavior-1] remark qos-local-id 1
[Router-behavior-1] traffic behavior 2
[Router-behavior-2] remark qos-local-id 2
[Router-behavior-2] traffic behavior 101
[Router-behavior-101] remark qos-local-id 101
[Router-behavior-101] traffic behavior 102
90
[Router-behavior-102] remark qos-local-id 102
[Router-behavior-102] traffic behavior 103
[Router-behavior-103] remark qos-local-id 103
[Router-behavior-103] traffic behavior 201
[Router-behavior-201] remark qos-local-id 201
[Router-behavior-201] traffic behavior 202
[Router-behavior-202] remark qos-local-id 202
[Router-behavior-202] traffic behavior 203
[Router-behavior-203] remark qos-local-id 203
[Router-behavior-203] traffic behavior 204
[Router-behavior-204] remark qos-local-id 204
[Router-behavior-204] traffic behavior 205
[Router-behavior-205] remark qos-local-id 205
[Router-behavior-205] traffic behavior 301
[Router-behavior-301] remark qos-local-id 301
[Router-behavior-301] traffic behavior 302
[Router-behavior-302] remark qos-local-id 302
[Router-behavior-302] traffic behavior 303
[Router-behavior-303] remark qos-local-id 303
[Router-behavior-303] traffic behavior 304
[Router-behavior-304] remark qos-local-id 304
[Router-behavior-304] traffic behavior 305
[Router-behavior-305] remark qos-local-id 305
[Router-behavior-305] quit
[Router] qos policy localid
[Router-qospolicy-localid] classifier 1 behavior 1
[Router-qospolicy-localid] classifier 2 behavior 2
[Router-qospolicy-localid] classifier 101 behavior 101
[Router-qospolicy-localid] classifier 102 behavior 102
[Router-qospolicy-localid] classifier 103 behavior 103
[Router-qospolicy-localid] classifier 201 behavior 201
[Router-qospolicy-localid] classifier 202 behavior 202
[Router-qospolicy-localid] classifier 203 behavior 203
[Router-qospolicy-localid] classifier 204 behavior 204
[Router-qospolicy-localid] classifier 205 behavior 205
[Router-qospolicy-localid] classifier 301 behavior 301
[Router-qospolicy-localid] classifier 302 behavior 302
[Router-qospolicy-localid] classifier 303 behavior 303
[Router-qospolicy-localid] classifier 304 behavior 304
[Router-qospolicy-localid] classifier 305 behavior 305
[Router-qospolicy-localid] quit
8. Create a scheduler policy and instantiate the forwarding groups.
[Router] qos scheduler-policy SP
[Router-sp-SP] forwarding-group voip profile voip
[Router-sp-SP] forwarding-group vod profile vod
[Router-sp-SP] forwarding-group vpn profile vpn
[Router-sp-SP] forwarding-group internet profile empty
[Router-sp-SP] layer 1
91
[Router-sp-SP-layer1] forwarding-group voip group
[Router-sp-SP-layer1] forwarding-group vod group
[Router-sp-SP-layer1] forwarding-group vpn group
[Router-sp-SP-layer1] forwarding-group internet group
[Router-sp-SP-layer1] layer 2
[Router-sp-SP-layer2] forwarding-group voip-fg2 match extended qos-local-id 1 2
[Router-sp-SP-layer2] forwarding-group vod-fg2-1 match qos-local-id 101
[Router-sp-SP-layer2] forwarding-group vod-fg2-2 match qos-local-id 102
[Router-sp-SP-layer2] forwarding-group vod-fg2-3 match qos-local-id 103
[Router-sp-SP-layer2] forwarding-group vpn-fg2 match extended qos-local-id 201 to 205
[Router-sp-SP-layer2] forwarding-group internet-fg2 match extended qos-local-id 301
to 305
[Router-sp-SP-layer2] quit
[Router-sp-SP] quit
9. Configure GTS on GigabitEthernet 3/1/1.
[Router] interface GigabitEthernet 3/1/1
[Router-GigabitEthernet3/1/1] qos gts any cir 1000000
10. Apply the scheduler policy SP and the QoS policy localid in the outbound direction of
GigabitEthernet 3/1/1.
[Router-GigabitEthernet3/1/1] qos apply scheduler-policy SP outbound
[Router-GigabitEthernet3/1/1] qos apply policy localid outbound
Network requirements
Assume that the rate limit for the outgoing interface is 16 Mbps.
Table 9 and Table 10 present the overall requirements for each service and the requirements for the user
groups of each service respectively.
Table 9 Requirements for the services
Requirements (right)
IP precedence Queue scheduling priority Rate limit
Service type (below)
VoIP 6, 7 Strict priority 2 Mbps
92
Table 10 Requirements for the user groups of each service
Requirements (right)
Number of groups IP assignment
Service type (below)
VoIP service 2 10.1.1.X, 10.1.2.X
qos-local- id Switch
201 to 205
GE
VPN 3/ 1 Router
/3
30 Mbps 16Mbps
WAN
20 Mbps /4 Mp-group 2/1/1
3/1
qos- local- id Switch GE
101 to 103
VoD
Configuration considerations
Map VoIP traffic with IP precedence 6 or 7 to the pre-defined forwarding class NC, VoD traffic with
IP precedence 4 or 5 to the pre-defined forwarding class EF, VPN traffic with IP precedence 2 or 3
to the pre-defined forwarding class AF, and Internet traffic with IP precedence 0 or 1 to the
pre-defined forwarding class BE.
Mark VoIP traffic, VoD traffic, VPN traffic, and Internet traffic with a QoS-local ID by source IP
address, and then map VoIP traffic, VoD traffic, VPN traffic, and Internet traffic each to a forwarding
group by QoS-local ID.
The user groups of the VoIP, VoD, VPN, and Internet services are each assigned to a distinct
forwarding group by instantiation.
Configuration procedure
1. Map different classes of traffic to forwarding classes.
As all traffic is differentiated by IP precedence, you can use the default UP-to-forwarding class
mapping table for mapping different classes of traffic to the pre-defined forwarding classes. To this
end, you must use the qos trust auto command on the incoming ports to specify the trusted priority
type.
<Router> system-view
93
[Router] interface GigabitEthernet 3/1/2
[Router-GigabitEthernet3/1/2] qos trust auto
[Router-GigabitEthernet3/1/2] quit
[Router] interface GigabitEthernet 3/1/3
[Router-GigabitEthernet3/1/3] qos trust auto
[Router-GigabitEthernet3/1/3] quit
[Router] interface GigabitEthernet 3/1/4
[Router-GigabitEthernet3/1/4] qos trust auto
[Router-GigabitEthernet3/1/4] quit
[Router] interface GigabitEthernet 3/1/5
[Router-GigabitEthernet3/1/5] qos trust auto
[Router-GigabitEthernet3/1/5] quit
2. Create the forwarding profiles for Layer-1 forwarding groups.
[Router] qos forwarding-profile voip
[Router-fp-voip] gts cir 2000
[Router-fp-voip] quit
[Router] qos forwarding-profile vod
[Router-fp-vod] gts cir 3000
[Router-fp-vod] quit
[Router] qos forwarding-profile vpn
[Router-fp-vpn] gts cir 4000
[Router-fp-vpn] quit
3. Create a forwarding profile for the forwarding class.
[Router] qos forwarding-profile empty
4. Nest forwarding classes in Layer-1 forwarding groups.
[Router] qos forwarding-group voip
[Router-hqos-fg-voip] forwarding-class BE profile empty
[Router-hqos-fg-voip] forwarding-class AF profile empty
[Router-hqos-fg-voip] forwarding-class EF profile empty
[Router-hqos-fg-voip] forwarding-class NC profile empty
[Router-fg-voip] quit
[Router] qos forwarding-group vod
[Router-fg-vod] forwarding-class BE profile empty
[Router-fg-vod] forwarding-class AF profile empty
[Router-fg-vod] forwarding-class EF profile empty
[Router-fg-vod] forwarding-class NC profile empty
[Router-fg-vod] quit
[Router] qos forwarding-group vpn
[Router-fg-vpn] forwarding-class BE profile empty
[Router-fg-vpn] forwarding-class AF profile empty
[Router-fg-vpn] forwarding-class EF profile empty
[Router-fg-vpn] forwarding-class NC profile empty
[Router-fg-vpn] quit
[Router] qos forwarding-group internet
[Router-fg-internet] forwarding-class BE profile empty
[Router-fg-internet] forwarding-class AF profile empty
[Router-fg-internet] forwarding-class EF profile empty
94
[Router-fg-internet] forwarding-class NC profile empty
[Router-fg-internet] quit
5. Mark traffic with a QoS-local ID based on the source IP address.
[Router] acl number 2001
[Router-acl-basic-2001] rule permit source 10.1.1.0 0.0.0.255
[Router-acl-basic-2001] acl number 2002
[Router-acl-basic-2002] rule permit source 10.1.2.0 0.0.0.255
[Router-acl-basic-2002] acl number 2101
[Router-acl-basic-2101] rule permit source 20.1.1.0 0.0.0.255
[Router-acl-basic-2101] acl number 2102
[Router-acl-basic-2102] rule permit source 20.1.2.0 0.0.0.255
[Router-acl-basic-2102] acl number 2103
[Router-acl-basic-2103] rule permit source 20.1.3.0 0.0.0.255
[Router-acl-basic-2103] acl number 2201
[Router-acl-basic-2201] rule permit source 30.1.1.0 0.0.0.255
[Router-acl-basic-2201] acl number 2202
[Router-acl-basic-2202] rule permit source 30.1.2.0 0.0.0.255
[Router-acl-basic-2202] acl number 2203
[Router-acl-basic-2203] rule permit source 30.1.3.0 0.0.0.255
[Router-acl-basic-2203] acl number 2204
[Router-acl-basic-2204] rule permit source 30.1.4.0 0.0.0.255
[Router-acl-basic-2204] acl number 2205
[Router-acl-basic-2205] rule permit source 30.1.5.0 0.0.0.255
[Router-acl-basic-2205] acl number 2301
[Router-acl-basic-2301] rule permit source 40.1.1.0 0.0.0.255
[Router-acl-basic-2301] acl number 2302
[Router-acl-basic-2302] rule permit source 40.1.2.0 0.0.0.255
[Router-acl-basic-2302] acl number 2303
[Router-acl-basic-2303] rule permit source 40.1.3.0 0.0.0.255
[Router-acl-basic-2303] acl number 2304
[Router-acl-basic-2304] rule permit source 40.1.4.0 0.0.0.255
[Router-acl-basic-2304] acl number 2305
[Router-acl-basic-2305] rule permit source 40.1.5.0 0.0.0.255
[Router-acl-basic-2305] quit
[Router] traffic classifier 1
[Router-classifier-1] if-match acl 2001
[Router-classifier-1] traffic classifier 2
[Router-classifier-2] if-match acl 2002
[Router-classifier-2] traffic classifier 101
[Router-classifier-101] if-match acl 2101
[Router-classifier-101] traffic classifier 102
[Router-classifier-102] if-match acl 2102
[Router-classifier-102] traffic classifier 103
[Router-classifier-103] if-match acl 2103
[Router-classifier-103] traffic classifier 201
[Router-classifier-201] if-match acl 2201
[Router-classifier-201] traffic classifier 202
[Router-classifier-202] if-match acl 2202
95
[Router-classifier-202] traffic classifier 203
[Router-classifier-203] if-match acl 2203
[Router-classifier-203] traffic classifier 204
[Router-classifier-204] if-match acl 2204
[Router-classifier-204] traffic classifier 205
[Router-classifier-205] if-match acl 2205
[Router-classifier-205] traffic classifier 301
[Router-classifier-301] if-match acl 2301
[Router-classifier-301] traffic classifier 302
[Router-classifier-302] if-match acl 2302
[Router-classifier-302] traffic classifier 303
[Router-classifier-303] if-match acl 2303
[Router-classifier-303] traffic classifier 304
[Router-classifier-304] if-match acl 2304
[Router-classifier-304] traffic classifier 305
[Router-classifier-305] if-match acl 2305
[Router-classifier-305] quit
[Router] traffic behavior 1
[Router-behavior-1] remark qos-local-id 1
[Router-behavior-1] traffic behavior 2
[Router-behavior-2] remark qos-local-id 2
[Router-behavior-2] traffic behavior 101
[Router-behavior-101] remark qos-local-id 101
[Router-behavior-101] traffic behavior 102
[Router-behavior-102] remark qos-local-id 102
[Router-behavior-102] traffic behavior 103
[Router-behavior-103] remark qos-local-id 103
[Router-behavior-103] traffic behavior 201
[Router-behavior-201] remark qos-local-id 201
[Router-behavior-201] traffic behavior 202
[Router-behavior-202] remark qos-local-id 202
[Router-behavior-202] traffic behavior 203
[Router-behavior-203] remark qos-local-id 203
[Router-behavior-203] traffic behavior 204
[Router-behavior-204] remark qos-local-id 204
[Router-behavior-204] traffic behavior 205
[Router-behavior-205] remark qos-local-id 205
[Router-behavior-205] traffic behavior 301
[Router-behavior-301] remark qos-local-id 301
[Router-behavior-301] traffic behavior 302
[Router-behavior-302] remark qos-local-id 302
[Router-behavior-302] traffic behavior 303
[Router-behavior-303] remark qos-local-id 303
[Router-behavior-303] traffic behavior 304
[Router-behavior-304] remark qos-local-id 304
[Router-behavior-304] traffic behavior 305
[Router-behavior-305] remark qos-local-id 305
[Router-behavior-305] quit
96
[Router] qos policy localid
[Router-qospolicy-localid] classifier 1 behavior 1
[Router-qospolicy-localid] classifier 2 behavior 2
[Router-qospolicy-localid] classifier 101 behavior 101
[Router-qospolicy-localid] classifier 102 behavior 102
[Router-qospolicy-localid] classifier 103 behavior 103
[Router-qospolicy-localid] classifier 201 behavior 201
[Router-qospolicy-localid] classifier 202 behavior 202
[Router-qospolicy-localid] classifier 203 behavior 203
[Router-qospolicy-localid] classifier 204 behavior 204
[Router-qospolicy-localid] classifier 205 behavior 205
[Router-qospolicy-localid] classifier 301 behavior 301
[Router-qospolicy-localid] classifier 302 behavior 302
[Router-qospolicy-localid] classifier 303 behavior 303
[Router-qospolicy-localid] classifier 304 behavior 304
[Router-qospolicy-localid] classifier 305 behavior 305
[Router-qospolicy-localid] quit
6. Create a scheduler policy and instantiate the forwarding groups.
[Router] qos scheduler-policy SP
[Router-sp-SP] forwarding-group voip profile voip
[Router-sp-SP] forwarding-group vod profile vod
[Router-sp-SP] forwarding-group vpn profile vpn
[Router-sp-SP] forwarding-group internet profile empty
[Router-sp-SP] layer 1
[Router-sp-SP-layer1] forwarding-group voip match qos-local-id 1 2
[Router-sp-SP-layer1] forwarding-group vod match qos-local-id 101 to 103
[Router-sp-SP-layer1] forwarding-group vpn match qos-local-id 201 to 205
[Router-sp-SP-layer1] forwarding-group internet match qos-local-id 301 to 305
[Router-sp-SP] quit
7. Configure GTS on interface Mp-group 2/1/1.
[Router] interface Mp-group 2/1/1
[Router-Mp-group2/1/1] qos gts any cir 16000
8. Apply the scheduler policy SP and the QoS policy localid in the outbound direction of interface
Mp-group2/1/1.
[Router-Mp-group2/1/1] qos apply scheduler-policy SP outbound
[Router-Mp-group2/1/1] qos apply policy localid outbound
97
Index
ACDFHILMNOPQRTW
A H
ACL configuration examples,14 HQoS basic configuration,75
ACL configuration task list,5 HQoS configuration examples,85
ACL overview,1 HQoS configuration task list,73
Aggregation CAR overview,59 HQoS overview,71
C I
Changing the port priority of a port,51 Introduction to QoS,19
Configuring a priority mapping table,49 Introduction to queue scheduling profile,61
Configuring a queue scheduling profile,61 Introduction to WRED configuration,56
Configuring an ACL,5 L
Configuring and applying a WRED table on an
Line rate configuration,27
interface,57
Configuring CBQ,41 M
Configuring FR QoS,67 Major traffic management technologies,21
Configuring the port to trust packet priority for priority
N
mapping,52
Configuring traffic accounting,64 Networks without QoS guarantee,19
Configuring WFQ queuing,40 O
Congestion avoidance overview,55
Overview,66
Congestion management overview,38
P
Congestion: causes, impacts, and
countermeasures,20 Per-port queue-based accounting overview,64
Copying an forwarding group or scheduler policy,84 Priority mapping configuration example,53
D Priority mapping overview,48
98
Traffic shaping configuration,25 W
Traffic shaping overview,22 WRED configuration example,58
99