H3c-technologies H3C S7500E Series Switches Bedienungsanleitung

H3C S7500E Series Ethernet SwitchesACL and QoSConfiguration GuideHangzhou H3C Technologies Co., Ltd. http://www.h3c.com Document Version: 20100722-C

iv 14 Appendix A Default Priority Mapping Tables ·····················································································14-1 15 Appendix

13-11 criteria, VLAN operation mode of the port, and VLAN tagging status of the received packets. For details, see Table 13-4. Table 13-4 Relationsh

13-12 VLAN operation mode With or without VLAN tag Packet processing Without VLAN tag The packet is tagged with the VLAN tag corresponding to the def

13-13 Table 13-5 Restrictions about the configuration Item Restrictions Priority remarking based on the source MAC address or destination Mac addres

13-14 For VLAN operation mode introduction and configuration of a UNI, see UNI Port Configuration in the Layer 2 - LAN Switching Configuration Guide.

13-15 Configuration procedure # Create ONU 3/0/1:1, and bind it to the ONU. <Sysname> system-view [Sysname] interface olt 3/0/1 [Sysname-Olt3

14-1 14 Appendix A Default Priority Mapping Tables For the default dot1p-exp, dscp-dscp, and exp-dot1p priority mapping tables, an input value yie

14-2 Input priority value dscp-dp mapping dscp-dot1p mapping DSCP Drop precedence (dp) 802.1p priority (dot1p) 40 to 47 0 5 48 to 55 0 6 56 t

15-1 15 Appendix B Introduction to Packet Precedences IP Precedence and DSCP Values Figure 15-1 ToS and DS fields As shown in Figure 15-1, the ToS

15-2 Table 15-2 Description on DSCP values DSCP value (decimal) DSCP value (binary) Description 46 101110 ef 10 001010 af11 12 001100 af12 14 00111

15-3 Figure 15-2 An Ethernet frame with an 802.1Q tag header As shown in Figure 15-2, the 4-byte 802.1Q tag header consists of the tag protocol ide

1-1 1 ACL Configuration This chapter includes these sections: z ACL Overview z ACL Configuration Task List z Configuring an ACL z Creating a Time

15-4 Figure 15-4 MPLS label structure As shown in Figure 15-4, the EXP field is 3 bits long and ranges from 0 to 7.

16-1 16 Index A ACL Classification 1-2 ACL Numbering and Naming 1-3 Application of ACLs on the Switch 1-2 Applying the QoS Policy 3-6 B Best-Effort

16-2 QoS Configuration Task List in an EPON System 13-6 QoS Functions for Downlink Traffic 13-5 QoS Functions for Uplink Traffic 13-4 QoS-Local-ID Ma

1-2 efficiently prevent illegal users from accessing networks and to control network traffic and save network resources. Access control lists (ACL) ar

1-3 Category ACL number IP version Match criteria IPv6 Source/destination IPv6 address, protocols over IPv6, and other Layer 3 and Layer 4 header f

1-4 ACL category Depth-first rule sorting procedures IPv4 advanced ACL 1) A rule configured with a VPN instance takes precedence. 2) A rule confi

1-5 example, the default ACL rule numbering step is 5. If you do assign IDs to rules you are creating, they are numbered 0, 5, 10, 15, and so on. The

1-6 Task Remarks Creating a Time Range Optional Configuring an IPv4 basic ACL Configuring an IPv4 advanced ACL Configuring an Ethernet Frame Heade

1-7 Configuring a Basic ACL Configuring an IPv4 basic ACL IPv4 basic ACLs match packets based on only source IP address. Follow these steps to configu

1-8 z You cannot create a rule with, or modify a rule to have, the same permit/deny statement as an existing rule in the ACL. z When the ACL match o

1-9 To do… Use the command… Remarks Configure or edit a rule description rule rule-id comment text Optional By default, an IPv6 basic ACL rule has

Copyright © 2009-2010, Hangzhou H3C Technologies Co., Ltd. and its licensors All Rights Reserved No part of this manual may be reproduced or transmitt

1-10 To do… Use the command… Remarks Create an IPv4 advanced ACL and enter its view acl number acl-number [ name acl-name ] [ match-order { auto |

1-11 z You can only modify the existing rules of an ACL that uses the match order of config. When modifying a rule of such an ACL, you may choose to

1-12 To do… Use the command… Remarks Create or edit a rule rule [ rule-id ] { deny | permit } protocol [ { established | { ack ack-value | fin fin-v

1-13 Follow these steps to configure an Ethernet frame header ACL: To do… Use the command… Remarks Enter system view system-view –– Create an Ethern

1-14 z When the ACL match order is auto, a newly created rule will be inserted among the existing rules in the depth-first match order. Note that the

1-15 Displaying and Maintaining ACLs To do... Use the command… Remarks Display configuration and match statistics for one or all IPv4 ACLs (distrib

1-16 Network Diagram Figure 1-1 Network diagram for IPv4 ACL configuration GE2/0/4GE2/0/1GE2/0/2 GE2/0/3192.168.1.0/24192.168.4.1SwitchR&D depar

1-17 # Configure traffic behavior b_ market to deny matching packets. [Switch] traffic behavior b_market [Switch-behavior-b_market] filter deny [Switc

1-18 [Switch] traffic behavior b_rd [Switch-behavior-b_rd] filter deny [Switch-behavior-b_rd] quit # Configure QoS policy p_rd to use traffic behavior

2-1 2 QoS Overview The S7500E Series Ethernet Switches are distributed devices supporting Intelligent Resilient Framework (IRF). Two S7500E series

Preface The H3C S7500E documentation set includes 12 configuration guides, which describe the software features for the H3C S7500E Series Ethernet Swi

2-2 IntServ Service Model IntServ is a multiple services model that can accommodate multiple QoS requirements. In this model, an application must req

2-3 Positions of the QoS Techniques in a Network Figure 2-1 Positions of the QoS techniques in a network As shown in Figure 2-1, traffic classifica

3-1 3 QoS Configuration Approaches This chapter covers the following topics: z QoS Configuration Approach Overview z Configuring a QoS Policy QoS

3-2 Figure 3-1 QoS policy configuration procedure Defining a Class To define a class, you need to specify a name for it and then configure match c

3-3 Keyword and argument combination Description acl ipv6 { access-list-number | name acl-name } Specifies to match an IPv6 ACL specified by its num

3-4 Keyword and argument combination Description service-vlan-id vlan-id-list Specifies to match the packets of the VLANs of the operator’s network

3-5 The matching criteria listed below must be unique in a traffic class with the operator being AND. Therefore, even though you can define multiple

3-6 To do… Use the command… Remarks Create a policy and enter policy view qos policy policy-name Required Associate a class with a behavior in the

3-7 z You can modify classes, behaviors, and class-behavior associations in a QoS policy even after it is applied. z The QoS policies applied to

3-8 To do… Use the command… Remarks Enter user profile view user-profile profile-name Required The configuration made in user profile view takes ef

Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text re

3-9 QoS policies cannot be applied to dynamic VLANs, for example, VLANs created by GVRP. Applying the QoS policy globally You can apply a QoS pol

3-10 To do… Use the command… Remarks Enter control plane view (on a distributed IRF device) control-plane chassis chassis-number slot slot-number

3-11 To do… Use the command… Remarks Display VLAN QoS policy configuration on a distributed IRF device display qos vlan-policy { name policy-name |

3-12

4-1 4 Priority Mapping Configuration When configuring priority mapping, go to these sections for information you are interested in: z Priority Mapp

4-2 z dscp-dscp: DSCP-to-DSCP priority mapping table, which is applicable to only IP packets. z exp-dot1p: EXP-to-802.1p priority mapping table.

4-3 Figure 4-1 Priority mapping procedure for an Ethernet packet Which priority is trusted on the port?Receive a packet on a portUse the port priorit

4-4 Figure 4-2 Priority mapping procedure for an MPLS packet Receive a packetLook up the exp-dp tableMark the packet with drop precedenceLook up the

4-5 Configuring Priority Mapping Configuring a Priority Mapping Table Follow these steps to configure an uncolored priority mapping table: To do… Us

4-6 To do… Use the command… Remarks Trust the 802.1p priority in packets undo qos trust Display the priority trust mode configuration on the port

About the H3C S7500E Documentation Set The H3C S7500E documentation set includes: Category Documents Purposes Marketing brochures Describe product

4-7 Priority Mapping Configuration Examples Priority Mapping Table and Priority Marking Configuration Example For information about priority markin

4-8 Figure 4-3 Network diagram for priority mapping table and priority marking configuration HostServerR&D departmentInternetDeviceGE2/0/1GE2/0/2

4-9 # Mark the HTTP traffic of the management department, marketing department, and R&D department to the Internet with 802.1p priorities 4, 5, a

5-1 5 Traffic Policing, Traffic Shaping, and Line Rate Configuration When configuring traffic classification, traffic policing, and traffic shaping,

5-2 Evaluation is performed for each arriving packet. In each evaluation, if the number of tokens in the bucket is enough, the traffic conforms to th

5-3 Figure 5-1 Schematic diagram for traffic policing Token bucketPackets droppedPacket classificationPackets to be sent through this interfacePacket

5-4 Figure 5-2 Schematic diagram for GTS Token bucketPackets droppedPacket classificationPackets to be sent through this interfacePackets sentTokens

5-5 Figure 5-4 Line rate implementation In the token bucket approach to traffic control, bursty traffic can be transmitted so long as enough tokens

5-6 To do… Use the command… Remarks Configure a traffic policing action car cir committed-information-rate [ cbs committed-burst-size [ ebs excess-

5-7 [Sysname-acl-adv-3000] quit # Create a class named http, and reference ACL 3000 in the class to match HTTP traffic. [Sysname] traffic classifie

Category Documents Purposes H3C PSR320-A[PSR320-D] Power Module User Manual Describes the appearance, specifications, LEDs, and installation and rem

5-8 Configuration Example Configure GTS on GigabitEthernet2/0/1, shaping the packets of queue 1 when the sending rate exceeds 512 kbps. # Enter sys

5-9 # Limit the outbound line rate of GigabitEthernet 2/0/1 to 512 kbps. [Sysname-GigabitEthernet2/0/1] qos lr outbound cir 512 Displaying and Main

6-1 6 Congestion Management Configuration When configuring hardware congestion management, go to these sections for information you are interested i

6-2 Congestion Management Policies In general, congestion management uses queuing technology. The system uses a certain queuing algorithm for traffic

6-3 Figure 6-3 Schematic diagram for WRR queuing Queue 0 Weight 1……Queue 1 Weight 2Queue N-2Weight N-1Queue N-1 Weight NPackets to be sent through th

6-4 z Short packets and long packets are fairly scheduled: if there are both long packets and short packets in queues, statistically the short packe

6-5 Task Remarks Configuring SP Queuing Optional Configure WRR Queuing Optional Configuring WFQ Queuing Optional Configuring SP+WRR Queues Optio

6-6 Configure WRR Queuing Configuration procedure Follow these steps to configure group-based WRR queuing: To do… Use the command… Remarks Enter sy

6-7 To do… Use the command… Remarks Enter system view system-view — Enter interface view interface interface-type interface-number Enter interface

6-8 [Sysname] interface gigabitethernet 2/0/1 [Sysname-GigabitEthernet2/0/1] qos wfq [Sysname-GigabitEthernet2/0/1] qos wfq 1 weight 1 [Sysname-Gigab

i Table of Contents 1 ACL Configuration···············································································································

6-9 [Sysname] interface GigabitEthernet 2/0/1 [Sysname-GigabitEthernet2/0/1] qos wrr [Sysname-GigabitEthernet2/0/1] qos wrr 0 group sp [Sysname-Gigab

7-1 7 Congestion Avoidance When configuring congestion avoidance, go to these sections for information you are interested in: z Congestion Avoidanc

7-2 Different from RED, WRED determines differentiated drop policies for packets with different IP precedence values. Packets with a lower IP precede

7-3 To do… Use the command… Remarks Enter system view system-view — Create a WRED table qos wred queue table table-name — Configure the drop parame

8-1 8 Traffic Filtering Configuration When configuring traffic filtering, go to these sections for information you are interested in: z Traffic Fil

8-2 To do… Use the command… Remarks Exit policy view quit — To an interface Applying the QoS policy to an interface — To online users Applying

8-3 Traffic direction (right) Card category (below) Inbound Outbound SD Supported Supported Traffic Filtering Configuration Example Traffic Filteri

9-1 9 Priority Marking Configuration When configuring priority marking, go to these sections for information you are interested in: z Priority Mark

9-2 To do… Use the command… Remarks Set the 802.1p priority for packets or configure the inner-to-outer tag priority copying function remark dot1p

9-3 Support of Line Cards for Priority Marking Table 9-1 and Table 9-2 show the support of line cards for the priority marking actions for the inbou

ii 4 Priority Mapping Configuration················································································································4-1

9-4 Card category (right) SC SA EA Action (below) Inbound Outbound Inbound Outbound Inbound Outbound Remarking the specified QoS local ID for

9-5 Priority Marking Configuration Example Priority Marking Configuration Example Network requirements As shown in Figure 9-1, the enterprise network

9-6 [Device-acl-adv-3002] rule permit ip destination 192.168.0.3 0 [Device-acl-adv-3002] quit # Create a class named classifier_dbserver, and referen

9-7 With QoS local ID marking, however, traffic limit applies to the two classes as a whole, allowing the switch to dynamically assign the bandwidth

10-1 10 Traffic Redirecting Configuration When configuring traffic redirecting, go to these sections for information you are interested in: z Traff

10-2 To do… Use the command… Remarks Associate the class with the traffic behavior in the QoS policy classifier tcl-name behavior behavior-name — E

10-3 Table 10-1 Support of line cards for the traffic redirecting action Direction(right) Card category (below) Inbound Outbound SC LPU Supported

11-1 11 Aggregation CAR Configuration Aggregation CAR Overview With aggregation CAR, one CAR is used to rate limit flows on different ports as a who

11-2 To do… Use the command… Remarks Exit class view quit — Enter traffic behavior view traffic behavior behavior-name Required Reference the aggre

11-3 [Sysname-classifier-2] if-match customer-vlan-id 100 [Sysname-classifier-2] quit [Sysname] traffic behavior 2 [Sysname-behavior-2] car name aggc

iii WRED Configuration Approaches···································································································7-2 Introduction t

12-1 12 Class-Based Accounting Configuration When configuring class-based accounting, go to these sections for information you are interested in: z

12-2 To do… Use the command… Remarks To an interface Applying the QoS policy to an interface — To a VLAN Applying the QoS policy to a VLAN — Gl

12-3 # Create a policy named policy, and associate class classifier_1 with behavior behavior_1 in the policy. [DeviceA] qos policy policy [DeviceA-q

13-4 13 QoS in an EPON System When configuring QoS in an EPON system, go to these sections for information you are interested in: z QoS in an EPON

13-5 Figure 13-1 QoS model for uplink traffic in an EPON system QoS Functions for Downlink Traffic Processing on an OLT z Configuring the OLT to p

13-6 Configuring QoS in an EPON System QoS Configuration Task List in an EPON System QoS configurations in an EPON system are the same as those in

13-7 QoS at the OLT side Reference Assign downlink bandwidth for each ONU Assign downlink bandwidth for an ONU Table 13-2 Configure QoS at the ONU si

13-8 Sending buffer size of the OLT port For traffic to be sent out an OLT port, you can set the priority threshold to identify high-priority traffi

13-9 High-priority packet buffering takes effect for downlink traffic only when downlink bandwidth allocation policy is enabled (as shown in Configu

13-10 Configuring QoS at the ONU Side Priority mapping on the ONU port When the ONU receives packets on an ONU port, it assigns local precedence to t