H3C Low-End Ethernet Switches Configuration Guide(V1.01)


QoS Configuration Guide

Configuring Traffic Policing and Line Rate

Network Diagram

Figure 1-1 Network diagram for traffic policing and line rate configuration

 

Networking and Configuration Requirements

A company uses a switch (an S3600 switch in this example) to interconnect all the departments. PC 1 with IP address 192.168.0.1 belongs to the R&D department and is connected to Ethernet 1/0/1 of the switch; the marketing department is connected to Ethernet 1/0/2 of the switch.

Configure traffic policing and line rate to satisfy the following requirements:

• Limit the total outbound traffic rate of the marketing department and the R&D department to 16000 kbps; drop the packets exceeding the rate limit.

• Limit the rate of the IP packets that PC 1 of the R&D department sends out to 8000 kbps on Ethernet 1/0/1; drop the packets exceeding the rate limit.

Applicable Product Matrix

Product series | Software version | Hardware version
S5600 series | Release 1510, Release 1602 | All versions
S5100-SI/EI series | Release 2200, Release 2201 | All versions
S3600-SI/EI series | Release 1510, Release 1602 | All versions
S3100-EI series | Release 2104, Release 2107 | All versions
S3100-C-SI series, S3100-T-SI series | Release 0011, Release 2102, Release 2107 | All versions
S3100-52P | Release 1500, Release 1602 | S3100-52P

 

• The S3100-SI series do not support traffic policing.

• The S5100-EI series do not support line rate.

 

Configuration Procedure

1)        Define traffic classification rules

# Create basic ACL 2000 and enter basic ACL view.

<H3C> system-view

[H3C] acl number 2000

# Define a rule to match the packets with source IP address 192.168.0.1.

[H3C-acl-basic-2000] rule permit source 192.168.0.1 0

[H3C-acl-basic-2000] quit

2)        Configure traffic policing and line rate

# Limit the total outbound traffic rate of the marketing department and the R&D department to 16000 kbps, and drop the packets exceeding the rate limit.

[H3C] interface Ethernet 1/0/3

[H3C-Ethernet1/0/3] line-rate outbound 16000

[H3C-Ethernet1/0/3] quit

# Limit the rate of the IP packets that PC 1 of the R&D department sends out to 8000 kbps, and drop the packets exceeding the rate limit.

[H3C] interface Ethernet 1/0/1

[H3C-Ethernet1/0/1] traffic-limit inbound ip-group 2000 8000 exceed drop

Complete Configuration

#

acl number 2000

 rule 0 permit source 192.168.0.1 0

#

interface Ethernet1/0/1

 traffic-limit inbound ip-group 2000 rule 0 8000 exceed drop

#

interface Ethernet1/0/3

 line-rate outbound 16000

#

Precautions

Note that:

• The ACL rules configured for traffic classification must be permit statements.

• If packets match ACL rules of multiple traffic policing actions, the traffic policing action issued last takes effect.

• The granularity of traffic policing and line rate is 64 kbps. If the value you input is in the range of N × 64 to (N + 1) × 64 (N is a natural number), the switch sets the value to (N + 1) × 64 kbps automatically.

• Traffic policing and rate limiting limit only the traffic rate of payloads (excluding preambles and interframe gaps).

• When referencing an ACL for traffic policing, note that the action that traffic policing takes on conforming traffic is permit. If a packet matches a permit statement and a deny statement at the same time, the one issued last takes effect. If the deny statement takes effect, no traffic policing action is performed on the packet.
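The following check is an added example, not part of the H3C guide: it reads a configuration in the layout of the Complete Configuration listing and reports where the precautions above change what takes effect (a policed ACL rule that is not a permit statement, or a rate that the switch rounds up to the 64 kbps granularity). The sample configuration is constructed, and treating an exact multiple of 64 as unchanged is an assumption about the boundary case.

```python
import re

GRANULARITY_KBPS = 64  # step size given in the Precautions

# Constructed sample in the layout of the Complete Configuration listing, with two
# deliberate problems: a rate that is not a multiple of 64 and a deny rule.
SAMPLE_CONFIG = """\
#
acl number 2000
 rule 0 permit source 192.168.0.1 0
 rule 1 deny source 192.168.0.9 0
#
interface Ethernet1/0/1
 traffic-limit inbound ip-group 2000 rule 0 8100 exceed drop
 traffic-limit inbound ip-group 2000 rule 1 8000 exceed drop
#
interface Ethernet1/0/3
 line-rate outbound 16000
#
"""

LIMIT_RE = re.compile(r"traffic-limit inbound ip-group (\d+) rule (\d+) (\d+) exceed drop")


def effective_rate(kbps):
    """Round up to the next multiple of 64 kbps (assumption: exact multiples are kept)."""
    return -(-kbps // GRANULARITY_KBPS) * GRANULARITY_KBPS


def parse(config):
    """Return (acls, limits): rule actions per ACL and every rate-limiting command."""
    acls, limits, context = {}, [], (None, None)
    for raw in config.splitlines():
        line = raw.strip()
        if line == "#":
            context = (None, None)
        elif m := re.fullmatch(r"acl number (\d+)", line):
            context = ("acl", int(m.group(1)))
            acls[context[1]] = {}
        elif m := re.fullmatch(r"interface (\S+)", line):
            context = ("interface", m.group(1))
        elif context[0] == "acl" and (m := re.match(r"rule (\d+) (permit|deny)\b", line)):
            acls[context[1]][int(m.group(1))] = m.group(2)
        elif context[0] == "interface" and (m := LIMIT_RE.fullmatch(line)):
            acl, rule, rate = map(int, m.groups())
            limits.append((context[1], "traffic-limit", acl, rule, rate))
        elif context[0] == "interface" and (m := re.fullmatch(r"line-rate outbound (\d+)", line)):
            limits.append((context[1], "line-rate", None, None, int(m.group(1))))
    return acls, limits


def audit(config):
    """List every place where the configured policy differs from what takes effect."""
    acls, limits = parse(config)
    findings = []
    for port, command, acl, rule, rate in limits:
        if command == "traffic-limit":
            action = acls.get(acl, {}).get(rule)
            if action is None:
                findings.append(f"{port}: ACL {acl} rule {rule} is not defined")
            elif action != "permit":
                findings.append(f"{port}: ACL {acl} rule {rule} is {action}, so it is not policed")
        if effective_rate(rate) != rate:
            findings.append(f"{port}: {command} {rate} kbps takes effect as {effective_rate(rate)} kbps")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```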

Configuring Priority Marking and Queue Scheduling

Network Diagram

Figure 1-2 Network diagram for priority marking and queue scheduling configuration

 

Networking and Configuration Requirements

A company uses a switch (an S3600 switch in this example) to interconnect all the departments. PC 1, PC 2, and PC 3 are clients. PC 1 and PC 2 are connected to Ethernet 1/0/1 of the switch; PC 3 is connected to Ethernet 1/0/3 of the switch. Server 1, Server 2, and Server 3 are the database server, mail server, and file server of the company. The three servers are connected to Ethernet 1/0/2 of the switch.

Configure priority marking and queue scheduling to satisfy the following requirements:

• Configure priority marking on Ethernet 1/0/1 to enable the switch to process traffic flows from PC 1 and PC 2 to the database server, mail server, and file server in descending order of priority.

• Trust the port priority on Ethernet 1/0/3 and set the port priority of Ethernet 1/0/3 to 5. When PC 1, PC 2, and PC 3 access servers simultaneously, the traffic from PC 3 is preferentially processed.

Applicable Product Matrix

Product series | Software version | Hardware version
S5600 series | Release 1510, Release 1602 | All versions
S5100-SI/EI series | Release 2200, Release 2201 | All versions
S3600-SI/EI series | Release 1510, Release 1602 | All versions
S3100-EI series | Release 2104, Release 2107 | All versions
S3100-C-SI series, S3100-T-SI series | Release 0011, Release 2102, Release 2107 | All versions
S3100-52P | Release 1500, Release 1602 | S3100-52P

 

The S3100-SI series and the S5100-SI series Ethernet switches do not support priority marking.

 

Configuration Procedure

1)        Define traffic classification rules

# Create advanced ACL 3000 and enter advanced ACL view.

<H3C> system-view

[H3C] acl number 3000

# Define traffic classification rules with destination IP address as the match criterion.

[H3C-acl-adv-3000] rule 0 permit ip destination 192.168.0.1 0

[H3C-acl-adv-3000] rule 1 permit ip destination 192.168.0.2 0

[H3C-acl-adv-3000] rule 2 permit ip destination 192.168.0.3 0

[H3C-acl-adv-3000] quit

2)        Configure priority marking

# Mark the traffic matching ACL 3000 with a local precedence value on Ethernet 1/0/1.

[H3C] interface Ethernet 1/0/1

[H3C-Ethernet1/0/1] traffic-priority inbound ip-group 3000 rule 0 local-precedence 4

[H3C-Ethernet1/0/1] traffic-priority inbound ip-group 3000 rule 1 local-precedence 3

[H3C-Ethernet1/0/1] traffic-priority inbound ip-group 3000 rule 2 local-precedence 2

[H3C-Ethernet1/0/1] quit

3)        Configure priority trust mode

# Configure the switch to trust port priority on Ethernet 1/0/3 and set the port priority of Ethernet 1/0/3 to 5. (As port priority is trusted by default, you need not configure it here.)

[H3C] interface Ethernet 1/0/3

[H3C-Ethernet1/0/3] priority 5

[H3C-Ethernet1/0/3] quit

4)        Configure a priority mapping table

# Configure the CoS-to-local precedence mapping table as follows: 0->0, 1->1, 2->2, 3->3, 4->4, 5->5, 6->6, and 7->7.

[H3C] qos cos-local-precedence-map 0 1 2 3 4 5 6 7

5)        Configure queue scheduling

# Configure the switch to adopt the SP queue scheduling algorithm.

[H3C] queue-scheduler strict-priority

Complete Configuration

#

 qos cos-local-precedence-map 0 1 2 3 4 5 6 7

#

 queue-scheduler strict-priority

#

acl number 3000

 rule 0 permit IP destination 192.168.0.1 0

 rule 1 permit IP destination 192.168.0.2 0

 rule 2 permit IP destination 192.168.0.3 0

#

interface Ethernet1/0/1

 traffic-priority inbound ip-group 3000 rule 0 local-precedence 4

 traffic-priority inbound ip-group 3000 rule 1 local-precedence 3

 traffic-priority inbound ip-group 3000 rule 2 local-precedence 2

#

interface Ethernet1/0/3

 priority 5

#

Precautions

Support for QoS varies by switch model. Follow these guidelines when making QoS configurations on your switch:

Table 1-1 Configuration guidelines

No. | Guidelines

1 | For all products listed in Applicable Product Matrix, the ACL rules must be permit statements.

2 | You can achieve priority marking by using the traffic-priority command or traffic policing. The support of the switches listed in Applicable Product Matrix for priority marking varies in applicable traffic directions, supported priority types, and configuration views:

• When using the traffic-priority command to configure priority marking, refer to Table 1-2 for your device's support for priority marking.

• When using traffic policing to configure priority marking, refer to Table 1-3 for your device's support for priority marking.

3 | If both the traffic-priority command and traffic policing are configured for marking DSCP precedence/802.1p priority for the packets of the same type on a port, the priority marking configuration that applies depends on your switch model.

• On an S3600 series, S5600 series, or S3100-52P switch, the last issued configuration applies.

• On an S3100-EI series or S5100-EI series switch, the first issued configuration applies.

4 | You may configure your switch to trust port priority or packet priority, as described below:

1)        When trusting port priority, the switch replaces the 802.1p priority of each incoming packet with the priority of the receiving port, searches for the local precedence corresponding to the port priority in the 802.1p-to-local precedence mapping table, and assigns the local precedence to the packet.

2)        When trusting packet priority, the switch uses the 802.1p priority, DSCP precedence, or IP precedence of incoming packets for local precedence mapping, depending on its supported priority types and your configuration. (For a switch's support for trusted packet priority types and the priority mapping tables, refer to the operation manual of your switch.)

• The switch searches the corresponding priority mapping table for the local precedence that matches the selected type of priority of each received packet, and then assigns the local precedence (also drop precedence on the S5100 series) to the packet.

• If you configure your switch to trust packet priority without specifying the trusted priority type, the switch trusts the 802.1p priority of received packets.

5 | The number of output queues on a port and support for queue scheduling algorithms and queue scheduling modes depend on your switch model.

• Refer to Table 1-4 for a switch model's support for queuing.

• Refer to Table 1-5 for the introduction to each queue scheduling mode.

 

Priority marking

Table 1-2 Support for priority marking achieved with the traffic-priority command

Product series | Direction | Marked priority types | View
S5600 series | Inbound | IP precedence, 802.1p priority, DSCP precedence, and local precedence | System view, port view
S5100-EI series | Inbound | 802.1p priority, DSCP precedence | System view, VLAN-interface view, port group view, port view
S5100-SI series | Not supported | Not supported | Not supported
S3600-SI/EI series | Inbound, outbound | IP precedence, 802.1p priority, DSCP precedence, and local precedence | System view, port view
S3100-EI series | Inbound | 802.1p priority, local precedence, and DSCP precedence | System view, VLAN-interface view, port group view, port view
S3100-C-SI series, S3100-T-SI series | Not supported | Not supported | Not supported
S3100-52P | Inbound, outbound | IP precedence, 802.1p priority, DSCP precedence, and local precedence | System view, port view

 

Table 1-3 Support for priority marking achieved with traffic policing

Product series | Direction | Marked priority types | View
S5600 series | Inbound | DSCP precedence | Port view
S5100-EI series | Inbound | 802.1p priority, DSCP precedence | System view, VLAN-interface view, port group view, port view
S5100-SI series | Not supported | Not supported | Not supported
S3600-SI/EI series | Inbound | DSCP precedence | Port view
S3100-EI series | Inbound | 802.1p priority, DSCP precedence | System view, VLAN-interface view, port group view, port view
S3100-C-SI series, S3100-T-SI series | Not supported | Not supported | Not supported
S3100-52P | Inbound | DSCP precedence | Port view

 

Queuing

Table 1-4 Support for queuing on a port

Product series | Number of queues | Supported queue scheduling algorithms | Supported queue scheduling modes
S5600 series | 8 | SP, WRR | SP, WRR, SP+WRR
S5100-EI series | 8 | SP, WRR, SDWRR | SP, SDWRR, SP+SDWRR
S5100-SI series | 4 | SP, WRR, SDWRR | SP, SDWRR, SP+SDWRR
S3600-SI/EI series | 8 | SP, WRR, WFQ | SP, WRR, WFQ, SP+WRR, SP+WFQ
S3100-EI series | 4 | SP, WRR, HQ-WRR | SP, WRR, HQ-WRR
S3100-C-SI series, S3100-T-SI series | 4 | WRR, HQ-WRR | WRR, HQ-WRR
S3100-52P | 8 | SP, WRR, WFQ | SP, WRR, WFQ, SP+WRR, SP+WFQ

 

Table 1-5 Supported queue scheduling modes

Queue scheduling modes

Description

SP

Strict priority (SP) queuing schedules queues strictly in the descending order of priority. Packets in a queue with a lower priority are sent only when the queue with a higher priority is empty.

• It is recommended that you assign business-critical packets to the queues with higher priority and non-critical service (such as e-mail) packets to the queues with lower priority, so that critical packets are sent preferentially and non-critical packets are sent when no critical packets are waiting for transmission.

• If a large number of packets are waiting for transmission in the queues with higher priority, the packets in the queues with lower priority may fail to be served for a long time.

WRR

The WRR queue scheduling algorithm schedules all the queues in turn and every queue can be assured of a certain amount of service time.

• WRR avoids the disadvantage of SP queue scheduling that the packets in queues with lower priority may fail to get served for a long time.

• While the queues are scheduled in turn, the service time for each queue is not fixed. In WRR, if a queue is empty, the next queue will be scheduled immediately. Thus, the use of bandwidth resources is efficient.

• It is recommended that you use the default WRR settings.

WFQ

WFQ classifies packets to multiple flows, assigns a flow to a queue, and tries to assign different flows to different queues.

• The number of WFQ queues is configurable, but it cannot exceed the maximum number of queues supported on your device.

• When dequeuing packets, WFQ assigns the outgoing interface bandwidth to each traffic flow by precedence. The higher the precedence value of a traffic flow, the more bandwidth it gets. In this way, queues of different weights get bandwidth proportional to their weights.

SP+WRR

On a switch listed in Table 1-4, if a port uses the SP+WRR queue scheduling mode, queues with weight 0 are scheduled preferentially by SP, and the remaining queues are scheduled by WRR when the queues with weight 0 are all empty.

SP+WFQ

On a switch listed in Table 1-4, if a port uses the SP+WFQ queue scheduling mode, queues with weight 0 are scheduled preferentially by SP, and the remaining queues are scheduled by WFQ when the queues with weight 0 are all empty.

SDWRR

SDWRR provides two groups, that is, group 1 and group 2. You can assign every queue to a group as needed.

• When using the SDWRR queue scheduling mode, it is recommended that you assign contiguous queues to the same SDWRR group.

• When packets are scheduled, queues in the same group are scheduled in round-robin fashion; the two groups are scheduled by SP, that is, the group containing the highest-priority queue is scheduled preferentially. Queue priority increases in the order of queue 0 to queue 7.

Assuming you assign queues 0 through 3 to group 1, and queues 4 through 7 to group 2:

• The system preferentially schedules the queues in group 2 in round-robin fashion.

• The system schedules the queues in group 1 in round-robin fashion when group 2 is empty.

SP+SDWRR

When using the SP+SDWRR queue scheduling mode, you can assign a queue to the SP group, SDWRR group 1, or SDWRR group 2 as needed.

• When using the SP+SDWRR queue scheduling mode, it is recommended that you assign contiguous queues to the same group.

• When packets are scheduled, queues in the same SDWRR group are scheduled in round-robin fashion; the three groups are scheduled by SP, that is, the group containing the highest-priority queue is scheduled preferentially. Queue priority increases in the order of queue 0 to queue 7.

For example, assuming you assign queue 0, queue 1, queue 6, and queue 7 to the SP group, queue 2 and queue 3 to SDWRR group 1, and queue 5 and queue 6 to SDWRR group 2,

• The system schedules queue 7 preferentially.

• When queue 7 is empty, the system schedules queue 6.

• When queue 6 is empty, the system schedules the queues in SDWRR group 2 in round-robin fashion.

• When SDWRR group 2 is empty, the system schedules the queues in SDWRR group 1 in round-robin fashion.

• When SDWRR group 1 is empty, the system schedules queue 1.

• When queue 1 is empty, the system schedules queue 0.

HQ-WRR

HQ-WRR is implemented based on WRR. HQ-WRR selects queue 3 as the high-priority queue from the four output queues. If the bandwidth occupied by the four queues exceeds the interface bandwidth, packets in queue 3 are preferentially transmitted, and then the remaining three queues are scheduled with WRR.
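The SP, WRR, and SP+WRR rows of Table 1-5 can be compared with a small slot-based simulation. This is an added example, not H3C code: the arrival pattern and weights are constructed, and it assumes that local precedence n selects output queue n and that the link sends one packet per slot.

```python
from collections import Counter


def simulate(mode, weights, arrivals, slots):
    """Transmit one packet per slot and return {queue: packets sent}.

    mode:     "sp", "wrr" or "sp+wrr"
    weights:  queue number -> WRR weight; weight 0 marks an SP queue in "sp+wrr"
    arrivals: queue number -> n, meaning one packet is enqueued every n slots
    """
    queues = sorted(weights, reverse=True)  # higher queue number = higher priority
    if mode == "sp":
        sp_queues, wrr_queues = queues, []
    elif mode == "wrr":
        sp_queues, wrr_queues = [], queues
    elif mode == "sp+wrr":
        sp_queues = [q for q in queues if weights[q] == 0]
        wrr_queues = [q for q in queues if weights[q] > 0]
    else:
        raise ValueError(f"unsupported mode: {mode}")

    backlog, sent = Counter(), Counter()
    turn = 0                                              # index into wrr_queues
    credit = weights[wrr_queues[0]] if wrr_queues else 0  # packets left in this turn
    for slot in range(slots):
        for queue, period in arrivals.items():
            if slot % period == 0:
                backlog[queue] += 1
        # SP part: the highest-priority non-empty SP queue always wins.
        chosen = next((q for q in sp_queues if backlog[q]), None)
        # WRR part: only reached when every SP queue is empty.
        if chosen is None and wrr_queues:
            for _ in range(len(wrr_queues) + 1):
                queue = wrr_queues[turn]
                if backlog[queue] and credit > 0:
                    chosen, credit = queue, credit - 1
                    break
                # Turn used up or queue empty: move to the next queue at once.
                turn = (turn + 1) % len(wrr_queues)
                credit = weights[wrr_queues[turn]]
        if chosen is not None:
            backlog[chosen] -= 1
            sent[chosen] += 1
    return dict(sent)


# Constructed load: queue 5 carries PC 3's traffic (port priority 5) at half the link
# rate; queues 4, 3 and 2 carry the flows marked with local precedence 4, 3 and 2,
# each offering a full link's worth of packets.
ARRIVALS = {5: 2, 4: 1, 3: 1, 2: 1}

if __name__ == "__main__":
    print("SP    ", simulate("sp", {5: 1, 4: 1, 3: 1, 2: 1}, ARRIVALS, 1200))
    print("WRR   ", simulate("wrr", {5: 4, 4: 3, 3: 2, 2: 1}, ARRIVALS, 1200))
    print("SP+WRR", simulate("sp+wrr", {5: 0, 4: 3, 3: 2, 2: 1}, ARRIVALS, 1200))
```

Under SP the two lowest queues send nothing while queues 5 and 4 keep the link busy, which is the starvation case the SP row warns about; SP+WRR still serves queue 5 first but shares the remaining slots by weight.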

 

Configuring Traffic Redirecting and Traffic Accounting

Network Diagram

Figure 1-3 Network diagram for traffic redirecting and traffic accounting configuration

 

Networking and Configuration Requirements

A company uses a switch (an S3600 switch in this example) to interconnect all the departments. The network is described as follows:

• PC 1 and PC 2 are connected to Ethernet 1/0/1 of the switch. The IP address of PC 1 is 192.168.0.1.

• The data monitoring device is connected to Ethernet 1/0/2 of the switch.

Configure traffic redirecting and traffic accounting to satisfy the following requirements:

• From 8:30 to 18:00 on working days, redirect the HTTP traffic from PC 1 to the Internet to the data monitoring device for analysis.

• During non-working time, count the HTTP traffic from PC 1 to the Internet.

Applicable Product Matrix

Product series | Software version | Hardware version
S5600 series | Release 1510, Release 1602 | All versions
S5100-EI series | Release 2200, Release 2201 | All versions
S3600-SI/EI series | Release 1510, Release 1602 | All versions
S3100-EI series | Release 2104, Release 2107 | All versions
S3100-52P | Release 1500, Release 1602 | S3100-52P

 

Configuration Procedure

1)        Define a time range for working days

# Create time range tr1, setting it to become active from 8:30 to 18:00 on working days.

<H3C> system-view

[H3C] time-range tr1 08:30 to 18:00 working-day

# Create time range tr2, setting it to become active during non-working time.

[H3C] time-range tr2 00:00 to 8:30 working-day

[H3C] time-range tr2 18:00 to 24:00 working-day

[H3C] time-range tr2 00:00 to 24:00 off-day

2)        Define traffic classification rules

# Create advanced ACL 3000 and enter advanced ACL view.

<H3C> system-view

[H3C] acl number 3000

# Define traffic classification rules to classify the HTTP traffic from PC 1 to the Internet.

[H3C-acl-adv-3000] rule 0 permit tcp source 192.168.0.1 0 destination-port eq 80 time-range tr1

[H3C-acl-adv-3000] rule 1 permit tcp source 192.168.0.1 0 destination-port eq 80 time-range tr2

[H3C-acl-adv-3000] quit

3)        Configure traffic redirecting

# Redirect the received traffic matching certain criteria on Ethernet 1/0/1 to Ethernet 1/0/2.

[H3C] interface Ethernet 1/0/1

[H3C-Ethernet1/0/1] traffic-redirect inbound ip-group 3000 rule 0 interface Ethernet 1/0/2

Support for traffic redirecting on the products listed in Applicable Product Matrix varies:

• The S3600-SI/EI series and the S3100-52P switch support traffic redirecting in both the inbound and outbound directions.

• The other products support traffic redirecting only in the inbound direction.

 

4)        Configure traffic accounting

# Count the traffic matching certain criteria on Ethernet 1/0/1.

[H3C-Ethernet1/0/1] traffic-statistic inbound ip-group 3000 rule 1

Complete Configuration

#

acl number 3000

 rule 0 permit TCP source 192.168.0.1 0 destination-port eq www time-range tr1

 rule 1 permit TCP source 192.168.0.1 0 destination-port eq www time-range tr2

#

interface Ethernet1/0/1

 traffic-redirect inbound ip-group 3000 rule 0 interface Ethernet1/0/2

 traffic-statistic inbound ip-group 3000 rule 1

#

 time-range tr2 00:00 to 08:30 working-day

 time-range tr2 18:00 to 24:00 working-day

 time-range tr2 00:00 to 24:00 off-day

 time-range tr1 08:30 to 18:00 working-day

#
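Because rule 0 (redirect) is bound to tr1 and rule 1 (accounting) to tr2, any minute covered by neither time range is a minute in which PC 1's HTTP traffic is neither monitored nor counted. The check below is an added example, not part of the H3C guide: it expands the time-range lines into minutes of the week and reports gaps and overlaps. It assumes working-day means Monday to Friday, off-day means Saturday and Sunday, and that each range is half-open (the end minute is excluded).

```python
import re

DAYS = {"working-day": range(0, 5), "off-day": range(5, 7)}  # Mon=0 .. Sun=6
DAY_NAMES = ["Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"]
DAY_MINUTES = 24 * 60
WEEK_MINUTES = 7 * DAY_MINUTES
RANGE_RE = re.compile(
    r"time-range (\S+) (\d{1,2}):(\d{2}) to (\d{1,2}):(\d{2}) (working-day|off-day)")

# The time-range lines from the Complete Configuration above.
PAGE_TIME_RANGES = """\
 time-range tr2 00:00 to 08:30 working-day
 time-range tr2 18:00 to 24:00 working-day
 time-range tr2 00:00 to 24:00 off-day
 time-range tr1 08:30 to 18:00 working-day
"""


def parse_time_ranges(config):
    """Map each time-range name to the set of minutes of the week it is active."""
    ranges = {}
    for line in config.splitlines():
        m = RANGE_RE.fullmatch(line.strip())
        if not m:
            continue
        name, h1, m1, h2, m2, days = m.groups()
        start, end = int(h1) * 60 + int(m1), int(h2) * 60 + int(m2)
        active = ranges.setdefault(name, set())
        for day in DAYS[days]:
            active.update(range(day * DAY_MINUTES + start, day * DAY_MINUTES + end))
    return ranges


def intervals(minutes):
    """Collapse minutes of the week into 'Day HH:MM-HH:MM' strings, one per run."""
    out, start, prev = [], None, None
    for minute in sorted(minutes) + [None]:
        # Close the current run at a gap, at midnight, or at the end of the data.
        if start is not None and (
                minute is None or minute != prev + 1 or minute % DAY_MINUTES == 0):
            s, e = start % DAY_MINUTES, prev % DAY_MINUTES + 1
            out.append(f"{DAY_NAMES[start // DAY_MINUTES]} "
                       f"{s // 60:02d}:{s % 60:02d}-{e // 60:02d}:{e % 60:02d}")
            start = None
        if minute is not None and start is None:
            start = minute
        prev = minute
    return out


def coverage_report(config, names=("tr1", "tr2")):
    """Report when neither range is active and when both are."""
    ranges = parse_time_ranges(config)
    first, second = (ranges.get(name, set()) for name in names)
    return {
        "uncovered": intervals(set(range(WEEK_MINUTES)) - first - second),
        "overlap": intervals(first & second),
    }


if __name__ == "__main__":
    print(coverage_report(PAGE_TIME_RANGES))
```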

Precautions

Note that:

• The ACL rules configured for traffic classification must be permit statements.

• When redirecting a packet, the switch processes the packet with the forwarding mechanism instead of leaving it intact.

• With traffic redirecting configured, the switch does not forward the packets to be redirected as usual.

• The packets received on the destination port for redirection are tagged

 


Configuring QoS Profile

Network Diagram

Figure 2-1 Network diagram for QoS profile configuration

 

Networking and Configuration Requirements

A company uses a switch (an S3600 switch in this example) to interconnect all the departments. The 802.1x protocol is used to authenticate the users and control user access to the network resources. A user named someone in the test.net domain is connected to Ethernet 1/0/1 of the switch. Its password is hello.

Configure a QoS profile to limit the outgoing IP traffic rate of the user someone to 128 kbps after the user passes the 802.1x authentication, and drop the packets exceeding the rate limit.

Applicable Product Matrix

Product series | Software version | Hardware version
S5600 series | Release 1510, Release 1602 | All versions
S5100-EI series | Release 2200, Release 2201 | All versions
S3600-SI/EI series | Release 1510, Release 1602 | All versions
S3100-EI series | Release 2104, Release 2107 | All versions
S3100-52P | Release 1500, Release 1602 | S3100-52P

 

Configuration Procedure

1)        Configuration on the AAA server

Configure authentication information and user name-to-QoS-profile mapping for the user on the AAA server. Refer to the guide to AAA Server configuration for detailed information.

2)        Configuration on the switch

# Configure the IP address information of the RADIUS server as 10.11.1.1.

<H3C> system-view

[H3C] radius scheme radius1

[H3C-radius-radius1] primary authentication 10.11.1.1

[H3C-radius-radius1] primary accounting 10.11.1.1

# Configure the encryption keys as money for the switch to exchange packets with the authentication RADIUS server and the accounting RADIUS server.

[H3C-radius-radius1] key authentication money

[H3C-radius-radius1] key accounting money

# Enable the switch to remove the domain name from the fully qualified user name and then send the unqualified user name to the RADIUS server.

[H3C-radius-radius1] user-name-format without-domain

[H3C-radius-radius1] quit

# Create the user domain test.net and specify radius1 as the RADIUS server group for the domain user.

[H3C] domain test.net

[H3C-isp-test.net] radius-scheme radius1

[H3C-isp-test.net] quit

# Create advanced ACL 3000 and define a classification rule to match IP packets destined for any IP address.

[H3C] acl number 3000

[H3C-acl-adv-3000] rule 1 permit ip destination any

[H3C-acl-adv-3000] quit

# Configure a QoS profile to limit the rate of the conforming traffic to 128 kbps and drop the packets exceeding the rate limit.

[H3C] qos-profile example

[H3C-qos-profile-example] traffic-limit inbound ip-group 3000 128 exceed drop

[H3C-qos-profile-example] quit

# Enable 802.1x.

[H3C] dot1x

[H3C] dot1x interface Ethernet 1/0/1

Complete Configuration

#

 dot1x

#

radius scheme system

radius scheme radius1

 server-type standard

 primary authentication 10.11.1.1

 primary accounting 10.11.1.1

 key authentication money

 key accounting money

 user-name-format without-domain

#

domain system

domain test.net

 scheme radius-scheme radius1

#

acl number 3000

 rule 0 permit IP

#

qos-profile example

 traffic-limit inbound ip-group 3000 rule 0 128 exceed drop

#

interface Ethernet1/0/1

 dot1x

#

Precautions

Note that:

• A QoS profile can be applied manually or dynamically. You can use the apply qos-profile profile-name command to manually apply a QoS profile to a port. You can also combine a QoS profile with the 802.1x authentication function to provide the pre-defined QoS function for a user or a group of users that have passed authentication.

• Depending on the 802.1x authentication mode, dynamic QoS profile application mode can be user-based or port-based. The user-based mode is the default mode.

• If the traffic classification rules of a QoS profile take source information (including source MAC, source IP, VLAN) as the match criterion, the QoS profile cannot be applied in the user-based mode.

• Currently, the QoS profile function provides packet filtering, traffic policing, and priority marking.

• The granularity of traffic policing is 64 kbps. If the value you input is in the range of N × 64 to (N + 1) × 64 (where N is a natural number), the switch sets the value to (N + 1) × 64 kbps automatically.
