- Table of Contents
-
- H3C S3600 Command Manual-Release 1602(V1.02)
- 00-1Cover
- 01-CLI Command
- 02-Login Command
- 03-Configuration File Management Command
- 04-VLAN Command
- 05-IP Address and Performance Command
- 06-Voice VLAN Command
- 07-GVRP Command
- 08-Port Basic Configuration Command
- 09-Link Aggregation Command
- 10-Port Isolation Command
- 11-Port Security-Port Binding Command
- 12-DLDP Command
- 13-MAC Address Table Management Command
- 14-Auto Detect Command
- 15-MSTP Command
- 16-Routing Protocol Command
- 17-Multicast Command
- 18-802.1x and System Guard Command
- 19-AAA Command
- 20-Web Authentication Command
- 21-MAC Address Authentication Command
- 22-VRRP Command
- 23-ARP Command
- 24-DHCP Command
- 25-ACL Command
- 26-QoS-QoS Profile Command
- 27-Web Cache Redirection Command
- 28-Mirroring Command
- 29-IRF Fabric Command
- 30-Cluster Command
- 31-PoE-PoE Profile Command
- 32-UDP Helper Command
- 33-SNMP-RMON Command
- 34-NTP Command
- 35-SSH Command
- 36-File System Management Command
- 37-FTP-SFTP-TFTP Command
- 38-Information Center Command
- 39-System Maintenance and Debugging Command
- 40-VLAN-VPN Command
- 41-HWPing Command
- 42-IPv6 Management Command
- 43-DNS Command
- 44-Smart Link-Monitor Link Command
- 45-Access Management Command
- 46-Appendix
- Related Documents
-
Title | Size | Download |
---|---|---|
26-QoS-QoS Profile Command | 195.04 KB |
Table of Contents
display qos cos-local-precedence-map
display qos-interface line-rate
display qos-interface mirrored-to
display qos-interface traffic-limit
display qos-interface traffic-priority
display qos-interface traffic-redirect
display qos-interface traffic-remark-vlanid
display qos-interface traffic-statistic
protocol-priority protocol-type
2 QoS Profile Configuration Commands
QoS Profile Configuration Commands
The following commands were added:
l VLAN mapping related commands: display qos-interface traffic-remark-vlanid and section traffic-remark-vlanid.
l Commands related to port rate limiting and traffic policing: line-rate and section traffic-limit.
l VLAN-based priority marking command: traffic-priority vlan.
l The command for redirecting traffic to an aggregation group and removing outer VLAN tags when redirecting traffic to the specified port/aggregation group. Refer to traffic-redirect.
l The command enabling the burst function. Refer to burst-mode enable.
QoS Commands
burst-mode enable
Syntax
burst-mode enable
undo burst-mode enable
View
System view
Parameters
None
Description
Use the burst-mode enable command to enable the burst function.
Use the undo burst-mode enable command to disable the burst function.
By default, the burst function is disabled.
The burst function improves packet buffering and forwarding performance in the following scenarios:
l Dense broadcast or multicast traffic and massive burst traffic are present.
l High-speed traffic is forwarded over a low-speed link or traffic received from multiple interfaces at the same speed is forwarded through an interface at the same speed.
By enabling the burst function on your switch, you can improve the processing performance of the switch operating in the above scenarios and thus drop packet loss rate.
l For packets to be forwarded properly, you must not enable the burst function when the IRF function is enabled. Refer to IRF Fabric Operation for detailed information about IRF.
l Because the burst function may affect the QoS performance of your switch, you must make sure that you are fully aware of the impacts when enabling the burst function.
Examples
# Enable the burst function.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] burst-mode enable
display protocol-priority
Syntax
display protocol-priority
View
Any view
Parameters
None
Description
Use the display protocol-priority command to display the list of protocol priorities you assigned with the protocol-priority command.
An S3600 series switch supports setting priorities for certain protocol packets generated by it. The supported protocols are Telnet, SNMP, ICMP, and OSPF. Depending on your configuration, the IP or DSCP precedence is displayed for a specified protocol.
Related commands: protocol-priority.
Examples
# Display the list of protocol priorities manually specified.
<Sysname> display protocol-priority
Protocol: ospf
IP-Precedence: routine(0)
Protocol: telnet
DSCP: be(0)
Table 1-1 Description on the fields of the display protocol-priority command
Field |
Description |
Protocol: ospf |
Indicate that a priority has been set for OSPF packets with the protocol-priority command. |
IP-Precedence: routine(0) |
An IP precedence has been assigned to OSPF packets. The assigned IP precedence is 0, that is, routine in words. For information about the IP precedence range, refer to Table 1-6. |
Protocol: telnet |
Indicate that a priority has been set for Telnet packets with the protocol-priority command. |
DSCP: be(0) |
A DSCP precedence has been assigned to Telnet packets. The assigned value is 0, that is, be in words. For information about the DSCP precedence range, refer to Table 1-7. |
display qos cos-local-precedence-map
Syntax
display qos cos-local-precedence-map
View
Any view
Parameters
None
Description
Use the display qos cos-local-precedence-map command to display the 802.1p priority-to-local precedence mapping, illustrated by an 802.1p priority-to-local precedence mapping table as shown in the following example.
After a packet enters a switch, the switch sets the 802.1p priority and local precedence for the packet according to its own capability and the corresponding rules. The local precedence is locally significant precedence that the switch assigns to the packet. It corresponds to an output queue. Packets with higher local precedence values take precedence over those with lower precedence values and will be processed preferentially.
Related commands: qos cos-local-precedence-map.
Examples
# Display the 802.1p priority-to-local precedence mapping.
<Sysname> display qos cos-local-precedence-map
cos(802.1p) : 0 1 2 3 4 5 6 7
------------------------------------------------------------------------
local precedence(queue) : 2 0 1 3 4 5 6 7
display qos-interface all
Syntax
display qos-interface { interface-type interface-number | unit-id } all
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port, for which QoS configuration information is to be displayed.
unit-id: Unit ID of the switch whose QoS-related configuration is to be displayed. Table 1-2 shows the value range for the unit-id argument.
Table 1-2 The value range for the unit-id argument
For a switch not in a fabric |
For a switch in a fabric |
Always 1 |
The unit ID ranges from 1 to 8, depending on the unit ID of the switch in the fabric. For example, if two switches form a fabric, with the unit IDs being 3 and 5 respectively, the unit IDs of the two switches can only be 3 and 5. |
Description
Use the display qos-interface all command to display all the QoS-related configuration settings of a port or a unit.
Examples
# Display all the QoS-related configuration of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet 1/0/1 all
Ethernet1/0/1: traffic-limit
Inbound:
Matches: Acl 2000 rule 0 running
Effect mode: Union effect
Egress port: Ethernet1/0/2
Target rate: 64 Kbps
Burst bucket size: 16 Kbyte
Exceed action: remark-dscp cs7
Ethernet1/0/1: traffic-priority
Inbound:
Matches: Acl 2000 rule 0 running
Priority action: dscp cs6
Ethernet1/0/1: traffic-redirect
Inbound:
Matches: Acl 2000 rule 0 running
Redirected to: interface Ethernet1/0/2
Ethernet1/0/1: traffic-statistic
Inbound:
Matches: Acl 2000 rule 0 running
6 packets inprofile
0 packet outprofile
Ethernet1/0/1: mirrored-to
Inbound:
Matches: Acl 2000 rule 0 running
Mirrored to: monitor interface
Ethernet1/0/1: line-rate
Inbound: 64 Kbps
Burst bucket size: 16 Kbyte
Ethernet1/0/1:
Queue scheduling mode: weighted round robin
weight of queue 0: 1
weight of queue 1: 2
weight of queue 2: 3
weight of queue 3: 4
weight of queue 4: 5
weight of queue 5: 9
weight of queue 6: 13
weight of queue 7: 15
Ethernet1/0/1: traffic-remark-vlanid
Inbound:
Matches: Acl 2000 rule 0 running
Remark vlan: 2
Table 1-3 Description on the fields of the display qos-interface all command
Field |
Description |
Ethernet1/0/1 |
QoS functions configured on a port, including l traffic-limit, traffic policing configuration l traffic-priority, priority marking configuration l traffic-redirect, traffic redirecting configuration l traffic-statistic, traffic accounting configuration l mirrored-to, traffic mirroring configuration l line-rate, port speed limit configuration l traffic-remark-vlanid, VLAN mapping configuration |
Inbound |
Packet direction |
Matches |
ACL rules for traffic classifying |
Effect mode |
Union effect, indicating that the ACL referenced in the traffic-limit command takes effect together with the other ACLs applied to the port. |
Egress port |
The specified egress port |
Target rate |
Traffic policing target rate, in kbps |
Bucket burst size |
Maximum burst traffic size allowed, in KB |
Exceed action |
Action to take for exceeding packets: l drop: Drops the packets. l remark-dscp: Re-marks the DSCP precedence of the packets and forwards the packets. |
Priority action |
Priority marking action, which can be: l cos: Sets 802.1p precedence for packets. l dscp: Sets DSCP precedence for packets. l ip-precedence: Sets IP precedence for packets. l local-precedence: Sets local precedence for packets. |
Redirected to |
l “interface” indicates that the packets are redirected to the port. l “cpu” indicates that the packets are redirected to the CPU. l “link-aggregation-group” indicates that the packets are redirected to the aggregation group. |
inprofile |
Statistics about the packets within the traffic limit |
outprofile |
Statistics about the packets beyond the traffic limit |
Mirrored to |
l “monitor interface” indicates that the packets are duplicated to a port. l “cpu” indicates that the packets are duplicated to the CPU. |
Queue scheduling mode |
Queue scheduling algorithm, which can be: l strict priority l weighted round robin (WRR) l weighted fair queuing (WFQ) |
Remark vlan |
Target VLAN ID used in VLAN mapping |
display qos-interface line-rate
Syntax
display qos-interface { interface-type interface-number | unit-id } line-rate
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of the port, of which the line rate configuration is to be displayed.
unit-id: Unit ID of the switch for which line rate configuration is to be displayed. For the value range for the unit-id argument, refer to Table 1-2.
Description
Use the display qos-interface line-rate command to display the line rate configuration of a port or the ports on a unit.
Related commands: line-rate.
Examples
# Display the line rate configuration of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet 1/0/1 line-rate
Ethernet1/0/1: line-rate
Inbound: 128 Kbps
Burst bucket size: 16 Kbyte
Refer to Table 1-3 for the description on the output fields.
display qos-interface mirrored-to
Syntax
display qos-interface { interface-type interface-number | unit-id } mirrored-to
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port for which traffic mirroring configuration is to be displayed.
unit-id: Unit ID of the switch for which traffic mirroring configuration is to be displayed. For the value range for the unit-id argument, refer to Table 1-2.
Description
Use the display qos-interface mirrored-to command to display the traffic mirroring configuration of a port or a unit.
Related commands: mirrored-to.
Examples
# Display the traffic mirroring configuration of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet1/0/1 mirrored-to
Ethernet1/0/1: mirrored-to
Inbound:
Matches: Acl 2000 rule 0 running
Mirrored to: monitor interface
Refer to Table 1-3 for the description on the output fields.
display qos-interface traffic-limit
Syntax
display qos-interface { interface-type interface-number | unit-id } traffic-limit
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port for which traffic policing configuration is to be displayed.
unit-id: Unit ID of the switch whose traffic policing configuration is to be displayed. For the value range for the unit-id argument, refer to Table 1-2.
Description
Use the display qos-interface traffic-limit command to display the traffic policing configuration of a port or a unit.
Related commands: traffic-limit.
Examples
# Display the traffic policing configuration of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet1/0/1 traffic-limit
Ethernet1/0/1: traffic-limit
Inbound:
Matches: Acl 3000 rule 1 running
Effect mode: Union effect
Egress port: Ethernet1/0/2
Target rate: 640 Kbps
Burst bucket size: 16 Kbyte
Exceed action: remark-dscp cs7
Refer to Table 1-3 for the description on the output fields.
display qos-interface traffic-priority
Syntax
display qos-interface { interface-type interface-number | unit-id } traffic-priority
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port for which priority marking configuration is to be displayed.
unit-id: Unit ID of the switch whose priority marking configuration is to be displayed. For the value range for the unit-id argument, refer to Table 1-2.
Description
Use the display qos-interface traffic-priority command to display the priority marking configuration of a port or a unit.
Related commands: traffic-priority.
Examples
# Display the priority marking configuration of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet1/0/1 traffic-priority
Ethernet1/0/1: traffic-priority
Inbound:
Matches: Acl 2000 rule 0 running
Priority action: dscp ef
Refer to Table 1-3 for the description on the output fields.
display qos-interface traffic-redirect
Syntax
display qos-interface { interface-type interface-number | unit-id } traffic-redirect
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port for which traffic redirecting configuration is to be displayed.
unit-id: Unit ID of the switch whose traffic redirecting configuration is to be displayed. For the value range for the unit-id argument, refer to Table 1-2.
Description
Use the display qos-interface traffic-redirect command to display the traffic redirecting configuration of a port or a unit.
Related commands: traffic-redirect.
Examples
# Display the traffic redirecting configuration of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet1/0/1 traffic-redirect
Ethernet1/0/1: traffic-redirect
Inbound:
Matches: Acl 3000 rule 0 running
Redirected to: interface Ethernet1/0/2
Refer to Table 1-3 for the description on the output fields.
display qos-interface traffic-remark-vlanid
Syntax
display qos-interface { interface-type interface-number | unit-id } traffic-remark-vlanid
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port for which VLAN mapping configuration is to be displayed.
unit-id: Unit ID of the switch whose VLAN mapping configuration is to be displayed. For the value range for the unit-id argument, refer to Table 1-2.
Description
Use the display qos-interface traffic-remark-vlanid command to display the VLAN mapping configuration of a port or a unit.
Related commands: traffic-remark-vlanid.
Examples
# Display the VLAN mapping configuration of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet1/0/1 traffic-remark-vlanid
Ethernet1/0/1: traffic-remark-vlanid
Inbound:
Matches: Acl 4000 rule 0 running
Remark vlan: 101
Refer to Table 1-3 for the description on the output fields.
display qos-interface traffic-statistic
Syntax
display qos-interface { interface-type interface-number | unit-id } traffic-statistic
View
Any view
Parameters
interface-type interface-number: Specifies the type and number of a port for which traffic accounting configuration is to be displayed.
unit-id: Unit ID of the switch for which traffic accounting configuration and traffic statistics are to be displayed. For the value range for the unit-id argument, refer to Table 1-2.
Description
Use the display qos-interface traffic-statistic command to display the traffic accounting configuration and traffic statistics of a port or a unit.
Related commands: traffic-statistic.
Examples
# Display the traffic accounting configuration and traffic statistics of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet1/0/1 traffic-statistic
Ethernet1/0/1: traffic-statistic
Inbound:
Matches: Acl 2000 rule 2 running
6 packets inprofile
0 packet outprofile
Refer to Table 1-3 for the description on the output fields.
display queue-scheduler
Syntax
display queue-scheduler
View
Any view
Parameters
None
Description
Use the display queue-scheduler command to display the global queue scheduling configuration.
This command does not display the weight or bandwidth set for a queue in port view. To display the setting, you can perform the display this command in port view.
Related commands: queue-scheduler.
Examples
# Display the global queue scheduling configuration.
<Sysname> display queue-scheduler
Queue scheduling mode: weighted round robin
weight of queue 0: 1
weight of queue 1: 2
weight of queue 2: 3
weight of queue 3: 4
weight of queue 4: 5
weight of queue 5: 9
weight of queue 6: 13
weight of queue 7: 15
Refer to Table 1-3 for the description of the output fields.
line-rate
Syntax
line-rate { inbound | outbound } target-rate [ burst-bucket burst-bucket-size ]
undo line-rate{ inbound | outbound }
View
Ethernet port view
Parameters
inbound: Limits the inbound packet rate.
outbound: Limits the outbound packet rate.
target-rate: Total target rate (in kbps). The range of this argument varies with port type as follows:
l Fast Ethernet port: 64 to 99,968;
l GigabitEthernet port: 64 to 1,000,000.
The granularity of port rate limit is 64 kbps. Assume that the value you provide for the target-rate argument is in the range N*64 to (N+1)*64 (N is a natural number), it will be rounded off to (N+1)*64.
burst-bucket burst-bucket-size: Specifies the maximum burst traffic size (in KB). This is the buffer size provided for burst traffic while traffic is being forwarding or received at the rate of target-rate. The burst-bucket-size argument must be an integer power of 2, in the range of 4 to 512. If it is not specified, 512 KB applies by default.
Description
Use the line-rate command to limit the rate of the inbound or outbound packets on a port.
Use the undo line-rate command to cancel the line rate configuration.
Compared to traffic policing, line rate applies to all the inbound or outbound packets passing through a port and thus a simpler solution when you only want to limit the rate of all the inbound or outbound packets passing through a port as a whole.
Related commands: display qos-interface line-rate.
Examples
# Limit the inbound packet rate to 128 kbps on Ethernet 1/0/1 and provide 32 KB of buffer for burst traffic.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet1/0/1
[Sysname-Ethernet1/0/1] line-rate inbound 128 burst-bucket 32
# Display the line rate configuration of Ethernet 1/0/1.
[Sysname-Ethernet1/0/1] display qos-interface Ethernet 1/0/1 line-rate
Ethernet1/0/1: line-rate
Inbound: 128 Kbps
Burst bucket size: 32 Kbyte
mirrored-to
Syntax
mirrored-to { inbound | outbound } acl-rule { monitor-interface | cpu }
undo mirrored-to { inbound | outbound } acl-rule
View
Ethernet port view
Parameters
inbound: Duplicates inbound packets.
outbound: Duplicates outbound packets.
acl-rule: ACL rules to be used for traffic classification. This argument can be a combination of multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the ACL rules referenced must be those defined with the permit keyword.
Table 1-4 Ways of applying combined ACL rules
ACL combination |
Form of the acl-rule argument |
Apply a basic or advanced Layer 3 ACL |
ip-group acl-number |
Apply a rule in an Layer 3 ACL |
ip-group acl-number rule rule-id |
Apply all the rules in a Layer 2 ACL |
link-group acl-number |
Apply a rule in a Layer 2 ACL |
link-group acl-number rule rule-id |
Apply all the rules in a user-defined ACL |
user-group acl-number |
Apply a rule in a user-defined ACL |
user-group acl-number rule rule-id |
Apply a rule in an Layer 3 ACL and a rule in a Layer 2 ACL |
ip-group acl-number rule rule-id link-group acl-number rule rule-id |
Table 1-5 Description on the parameters used in Table 1-4
Parameter |
Description |
ip-group acl-number |
Specifies the number of a basic or advanced ACL, in the range 2000 to 3999. |
link-group acl-number |
Specifies the number of a Layer 2 ACL, in the range 4000 to 4999. |
User-group acl-number |
Specifies the number of a user-defined ACL, in the range 5000 to 5999. |
Rule-id |
ACL rule number, in the range 0 to 65534. If this argument is not provided, all the rules in the ACL are specified. |
monitor-interface: Duplicates packets to the specified destination port (the monitor port).
cpu: Duplicates packets to the CPU.
Description
Use the mirrored-to command to configure traffic mirroring.
Use the undo mirrored-to command to cancel the configuration.
Traffic monitoring provides a finer mirroring granularity than port mirroring, which mirrors all traffic passing through a port. For detailed information about port mirroring, refer to the part talking about mirroring.
Note that:
l If you mirror traffic to the CPU, you do not need to configure a monitor port.
l If you mirror traffic to a port, you must configure a monitor port with the mirroring-group monitor-port command or the monitor-port command. For information about the two commands, refer to the part talking about mirroring.
l Traffic mirroring and local port mirroring share the same monitor port.
Related commands: display qos-interface mirrored-to.
Examples
# Configure traffic mirroring on Ethernet 1/0/1, duplicating the inbound packets sourced from IP address 1.1.1.1 to Ethernet 1/0/4.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 1.1.1.1 0
[Sysname-acl-basic-2000] quit
[Sysname] interface Ethernet 1/0/4
[Sysname-Ethernet1/0/4] monitor-port
[Sysname-Ethernet1/0/4] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] mirrored-to inbound ip-group 2000 monitor-interface
[Sysname-Ethernet1/0/1] quit
# Configure traffic mirroring on Ethernet 1/0/2, duplicating the inbound packets matching ACL 2000 to the CPU.
[Sysname] interface Ethernet 1/0/2
[Sysname-Ethernet1/0/2] mirrored-to inbound ip-group 2000 cpu
[Sysname-Ethernet1/0/2] return
# Display the traffic mirroring configuration of Ethernet 1/0/1 and Ethernet 1/0/2.
<Sysname> display qos-interface Ethernet 1/0/1 mirrored-to
Ethernet1/0/1: mirrored-to
Inbound:
Matches: Acl 2000 rule 0 running
Mirrored to: monitor interface
<Sysname> display qos-interface Ethernet 1/0/2 mirrored-to
Ethernet1/0/2: mirrored-to
Inbound:
Matches: Acl 2000 rule 0 running
Mirrored to: cpu
priority
Syntax
priority priority-level
undo priority
View
Ethernet port view
Parameters
priority-level: Port priority, ranging from 0 to 7.
Description
Use the priority command to configure trusting port priority and set the priority of the port.
Use the undo priority command to restore the default.
By default, port priority is trusted and the priority of an Ethernet port is 0.
After you execute the priority command on a port, the port priority rather than the 802.1p priority of each inbound 802.1q-tagged packet is used to identify the matching local precedence for the packet (in the 802.1p-precedence-to-local precedence mapping table). Then, the packet is assigned to the output queue corresponding to the local precedence.
If the priority command, the priority trust command, and the undo priority command are configured on the same port, the command configured the last applies.
Related commands: priority trust.
Examples
# Configure Ethernet 1/0/1 to trust its port priority and set the priority of Ethernet 1/0/1 to 6.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet1/0/1
[Sysname-Ethernet1/0/1] priority 6
priority trust
Syntax
priority trust
undo priority
View
Ethernet port view
Parameters
None
Description
Use the priority trust command to configure the switch to trust the 802.1p priority of an inbound packet.
Use the undo priority command to restore the default settings.
By default, port priority is trusted and the priority of a port is 0.
After you execute the priority trust command on a port, the 802.1p priority of each inbound 802.1q-tagged packet is used to identify the matching local precedence for the packet (in the 802.1p-precedence-to-local precedence mapping table). Then, the packet is assigned to the output queue corresponding to the local precedence.
If the priority command, the priority trust command, and the undo priority command are configured on the same port, the command configured the last applies.
Related commands: priority.
Examples
# Configure the switch to trust the 802.1p priority of 802.1q-tagged packets on Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet1/0/1
[Sysname-Ethernet1/0/1] priority trust
protocol-priority protocol-type
Syntax
protocol-priority protocol-type protocol-type { ip-precedence ip-precedence | dscp dscp-value }
undo protocol-priority protocol-type protocol-type
View
System view
Parameters
protocol-type protocol-type: Specifies the protocol type, which could be Telnet, SNMP, ICMP, or OSPF.
ip-precedence ip-precedence: Specifies an IP precedence in digits for the specified protocol, in the range 0 to 7. Alternatively, you can specify the IP precedence in words; available keywords are listed in Table 1-6.
Table 1-6 IP precedence values in words and in digits
IP precedence (in words) |
IP precedence (in digits) |
routine |
0 |
priority |
1 |
immediate |
2 |
flash |
3 |
flash-override |
4 |
critical |
5 |
internet |
6 |
network |
7 |
dscp dscp-value: Specifies an DSCP precedence in digits for the specified protocol, in the range of 0 to 63. Alternatively, you can specify the DSCP precedence in words; available keywords are listed in Table 1-7.
Table 1-7 DSCP precedence values in words and in digits
DSCP precedence (in words) |
DSCP precedence (in digits) |
af11 |
10 |
af12 |
12 |
af13 |
14 |
af21 |
18 |
af22 |
20 |
af23 |
22 |
af31 |
26 |
af32 |
28 |
af33 |
30 |
af41 |
34 |
af42 |
36 |
af43 |
38 |
be (the default) |
0 |
cs1 |
8 |
cs2 |
16 |
cs3 |
24 |
cs4 |
32 |
cs5 |
40 |
cs6 |
48 |
cs7 |
56 |
ef |
46 |
Description
Use the protocol-priority command to set the global IP precedence or DSCP precedence for the specified type of protocol packets generated by the current switch.
Use the undo protocol-priority command to cancel the configuration.
By default, the IP precedence and the DSCP precedence are 0 for all protocol packets generated by the current switch.
Related commands: display protocol-priority.
l On an S3600-EI switch, you can set priority for protocol packets of Telnet, OSPF, SNMP, and ICMP.
l On an S3600-SI switch, you can set priority for protocol packets of Telnet, SNMP, and ICMP.
Examples
# Set the IP precedence to 3 for SNMP protocol packets.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] protocol-priority protocol-type snmp ip-precedence 3
# Set the DSCP precedence of Telnet packets to 30, corresponding to the keyword af33.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] protocol-priority protocol-type telnet dscp af33
qos cos-local-precedence-map
Syntax
qos cos-local-precedence-map cos0-map-local-prec cos1-map-local-prec cos2-map-local-prec cos3-map-local-prec cos4-map-local-prec cos5-map-local-prec cos6-map-local-prec cos7-map-local-prec
undo qos cos-local-precedence-map
View
System view
Parameters
cos0-map-local-prec: Local precedence to which 802.1p 0 is to be mapped, in the range 0 to 7.
cos1-map-local-prec: Local precedence to which 802.1p 1 is to be mapped, in the range 0 to 7.
cos2-map-local-prec: Local precedence to which 802.1p 2 is to be mapped, in the range 0 to 7.
cos3-map-local-prec: Local precedence to which 802.1p 3 is to be mapped, in the range 0 to 7.
cos4-map-local-prec: Local precedence to which 802.1p 4 is to be mapped, in the range 0 to 7.
cos5-map-local-prec: Local precedence to which 802.1p 5 is to be mapped, in the range 0 to 7.
cos6-map-local-prec: Local precedence to which 802.1p 6 is to be mapped, in the range 0 to 7.
cos7-map-local-prec: Local precedence to which 802.1p 7 is to be mapped, in the range 0 to 7.
Description
Use the qos cos-local-precedence-map command to configure the 802.1p priority-to-local precedence mapping.
Use the undo qos cos-local-precedence-map command to restore the default settings.
Table 1-8 lists the default 802.1p priority-to-local precedence mapping.
Table 1-8 The default 802.1p priority-to-local precedence mapping
802.1p priority |
Local precedence |
0 |
2 |
1 |
0 |
2 |
1 |
3 |
3 |
4 |
4 |
5 |
5 |
6 |
6 |
7 |
7 |
Related commands: display qos cos-local-precedence-map.
Examples
# Configure the 802.1p priority-to-local precedence mapping table as follows: 0 to 0, 1 to 1, 2 to 2, 3 to 3, 4 to 4, 5 to 5, 6 to 6, and 7 to 7.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] qos cos-local-precedence-map 0 1 2 3 4 5 6 7
# Display the current 802.1p priority-to-local precedence mapping table.
[Sysname] display qos cos-local-precedence-map
cos-local-precedence-map:
cos(802.1p) : 0 1 2 3 4 5 6 7 --------------------------------------------------------------------------
local precedence(queue) : 0 1 2 3 4 5 6 7
queue-scheduler
Syntax
In system view
queue-scheduler { strict-priority | wfq queue0-width queue1-width queue2-width queue3-width queue4-width queue5-width queue6-width queue7-width | wrr queue0-weight queue1-weight queue2-weight queue3-weight queue4-weight queue5-weight queue6-weight queue7-weight }
undo queue-scheduler
In Ethernet port view
queue-scheduler { wfq queue0-width queue1-width queue2-width queue3-width queue4-width queue5-width queue6-width queue7-width | wrr queue0-weight queue1-weight queue2-weight queue3-weight queue4-weight queue5-weight queue6-weight queue7-weight }
undo queue-scheduler
View
System view, Ethernet port view
Parameters
strict-priority: Uses the Strict Priority (SP) algorithm for queue scheduling.
wfq: Uses the Weighted Fair Queuing (WFQ) algorithm for queue scheduling.
queue0-width queue1-width queue2-width queue3-width queue4-width queue5-width queue6-width queue7-width: Customizes the bandwidth values to be allocated for queues 0 through 7, in kbps. In system view, the bandwidth ranges from 0 to 99968. The bandwidth varies with the port type as follows.
l Fast Ethernet port: 0 to 99968;
l Gigabit Ethernet port: 0 to 1000000.
Bandwidth granularity is 64 kbps. Assume that the value provided is in the range N*64 to (N+1)*64 (N is a natural number), it will be round off to (N+1)*64 automatically. A value of 0 means the corresponding queue adopts the SP algorithm for queue scheduling.
wrr: Uses the Weighted Round Robin (WRR) algorithm for queue scheduling.
queue0-weight queue1-weight queue2-weight queue3-weight queue4-weight queue5-weight queue6-weight queue7-weight: Customizes the weights to be assigned to queues 0 through 7. The value ranges from 0 to 15 in both system view and Ethernet port view. A value of 0 means the corresponding queue adopts the SP algorithm for queue scheduling.
Description
Use the queue-scheduler command to configure the queue scheduling algorithm and the related parameters.
Use the undo queue-scheduler command to restore the default.
By default, the WRR algorithm is used for all the output queues of a port. The default weights of queues 0 through 7 are 1, 2, 3, 4, 5, 9, 13, and 15, as shown in Table 1-9.
Table 1-9 The default weights for queues
Queue ID |
Weight |
0 |
1 |
1 |
2 |
2 |
3 |
3 |
4 |
4 |
5 |
5 |
9 |
6 |
13 |
7 |
15 |
A port of an S3600 Ethernet switch supports eight output queues, to which these queue scheduling algorithms are applicable: SP, WRR, and WFQ. With WRR (or WFQ) adopted, if you set the weight or the bandwidth of one or multiple queues to 0, the device will add the queue or these queues to the SP group, where SP is adopted. For other queues, WRR (or WFQ) still applies. In this case, both SP and WRR (or WFQ) are adopted.
Note that:
l The queue scheduling algorithm specified by executing the queue-scheduler command in system view takes effect on all the ports. The queue scheduling algorithm configured in port view must be the same as that configured in system view. Otherwise, the system will prompt configuration errors. For example, if you configure queues 0 and 2 to adopt SP and queues 3 through 7 to adopt WRR in system view, you can modify the weights of queues 3 through 7 in port view but cannot modify the queue scheduling algorithm of any queue in port view.
l If the weight (or bandwidth value) specified in system view for a queue of WRR queuing or WFQ queuing cannot meet the requirement of a port, you can modify the weight (or bandwidth value) for this port in the corresponding Ethernet port view. The new weight (or bandwidth value) takes effect only on the port while the weights on the other ports remain as set in system view.
l If the weight (or bandwidth value) specified in system view for a queue of SP-WRR queuing or SP-WFQ queuing in the command cannot meet the requirement of a port, you can modify the weight (or bandwidth value) for this port in the corresponding Ethernet port view. The new weight (or bandwidth value) takes effect only on the port.
l The display queue-scheduler command cannot display the queue weights (or bandwidth values) specified in Ethernet port view. To do that, use the display this command in the corresponding port view or the display current-configuration interface command in any view. Note that the two commands display the queue scheduling configuration only when the configuration of a port is different from the global configuration.
Related commands: display queue-scheduler.
Examples
# Configure WRR as the queuing algorithm and set the weights of queues 0 through 7 to 2, 2, 4, 4, 6, 6, 8, and 8 globally in system view.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] queue-scheduler wrr 2 2 4 4 6 6 8 8
# Configure Ethernet 1/0/1 to adopt the WRR queue scheduling algorithm, setting the weights of queue 0 through queue 7 to 1, 2, 3, 4, 5, 6, 7, and 8.
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] queue-scheduler wrr 1 2 3 4 5 6 7 8
# Display the global queue scheduling configuration.
[Sysname-Ethernet1/0/1] display queue-scheduler
Queue scheduling mode: weighted round robin
weight of queue 0: 2
weight of queue 1: 2
weight of queue 2: 4
weight of queue 3: 4
weight of queue 4: 6
weight of queue 5: 6
weight of queue 6: 8
weight of queue 7: 8
# Display the queue scheduling configuration on Ethernet 1/0/1.
[Sysname-Ethernet1/0/1] display this
#
interface Ethernet1/0/1
queue-scheduler wrr 1 2 3 4 5 6 7 8
#
return
reset traffic-statistic
Syntax
reset traffic-statistic inbound acl-rule
View
Ethernet port view
Parameters
inbound: Specifies to clear the statistics of the inbound packets on the port.
acl-rule: ACL rules to be applied. This argument can be the combination of multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5.
Description
Use the reset traffic-statistic command to clear the statistics on packets matching specific ACL rules.
Related commands: traffic-statistic, display qos-interface traffic-statistic.
Examples
# Display the current traffic statistics of Ethernet 1/0/1.
<Sysname> display qos-interface Ethernet 1/0/1 traffic-statistic
Ethernet1/0/1: traffic-statistic
Inbound:
Matches: Acl 2008 rule 0 running
13775 packets inprofile
2061 packets outprofile
Matches: Acl 4008 rule 0 running
2606 packets inprofile
0 packet outprofile
# Clear the statistics about inbound packets matching ACL 2008 on Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] reset traffic-statistic inbound ip-group 2008
# Display the current traffic statistics of Ethernet 1/0/1.
[Sysname-Ethernet1/0/1] display qos-interface Ethernet 1/0/1 traffic-statistic
Ethernet1/0/1: traffic-statistic
Inbound:
Matches: Acl 2008 rule 0 running
0 packets inprofile
0 packet outprofile
Matches: Acl 4008 rule 0 running
2606 packets inprofile
0 packet outprofile
The output fields above show that the statistics about packets matching ACL 2008 have been cleared.
traffic-limit
Syntax
traffic-limit inbound acl-rule [ union-effect ] [ egress-port interface-type interface-number ] target-rate [ burst-bucket burst-bucket-size ] [ exceed action ]
undo traffic-limit inbound acl-rule
View
Ethernet port view
Parameters
inbound: Imposes traffic limit on the packets received through the interface.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the ACL rules referenced must be those defined with the permit keyword.
union-effect: Specifies that all the ACL rules, including those identified by the acl-rule argument in this command and those applied previously, are valid. If this keyword is not specified, traffic policing issues both the rate limiting action and the permit action at the same time, that is, traffic policing permits the conforming traffic to pass through. If this keyword is specified, traffic policing issues only the rate limiting action but not the permit action. In this case, if a packet matches both an ACL rule specified in the traffic-limit command and another previously applied ACL rule with the deny keyword specified, the packet will be dropped.
On Ethernet 1/0/1, assume that the filter command is configured to filter packets destined to IP address 2.2.2.2 and the traffic-limit command is configured to limit the rate of packets sourced from IP address 1.1.1.1 within 128 kbps. Whether packets conforming to the rate limit of 128 kbps, sourced from IP address 1.1.1.1, and destined to IP address 2.2.2.2 (referred to as packets A later) will be dropped depends on the union-effect keyword of the traffic-limit command.
l If the union-effect keyword is not specified, the traffic-limit command issues both the rate limiting action and the permit action. Whether packets A can pass through depends on the configuration order of the filter command and the traffic-limit command. If the traffic-limit command is configured after the filter command is configured, packets A can pass through; otherwise, packets A are dropped.
l If the union-effect keyword is specified, the traffic-limit command issues only the rate limiting action. Whether packets A can pass through depends on the filter command. As for this example, packets A are dropped.
egress-port interface-type interface-number: Enables traffic policing for the outbound packets of the port identified by interface-type interface-number. The interface-type interface-number argument refers to the port type and port number. If you specify this keyword-argument combination, this command applies to the outbound unicast packets that pass the port and match the ACL rules.
l When you configure the traffic policing on a port, an ACL rule can only be applied to one egress port. If you configure the same ACL rule for different egress ports, only the last configuration takes effect. To apply the same ACL rule to multiple egress ports, you need to specify different ACL numbers or rule numbers for the ACL rule.
l If the IRF function is enabled, the egress port can only be a port of the local unit. For information about IRF, refer to IRF Fabric module of this manual.
l Do not specify the egress-port keyword when configuring traffic policing on ports in an aggregation group spanning multiple units. Refer to Link Aggregation Operation for detailed information about link aggregation.
target-rate: Target packet rate (in kbps) to be set. The range of this argument varies with the port type as follows.
l Fast Ethernet port: 64 to 99,968
l Gigabit Ethernet port: 64 to 1,000,000
The granularity of rate limit is 64 kbps. If the number you input is in the range N*64 to (N+1)*64 (N is a natural number), it will be rounded off to (N+1)*64.
burst-bucket burst-bucket-size: Specifies the maximum burst traffic size (in KB) allowed. The burst-bucket-size argument ranges from 4 to 512 and defaults to 512. Note that it must be an integer power of 2.
exceed action: Specifies the action to be taken when the traffic rate exceeds the threshold. The action argument can be:
l drop: Drops the packets.
l remark-dscp value: Sets a new DSCP value for the packets and then forwards the packets.
Description
Use the traffic-limit command to enable traffic policing and set the related settings.
Use the undo traffic-limit command to disable traffic policing for packets matching specific ACL rules.
Related commands: display qos-interface traffic-limit.
Examples
# Configure traffic policing for inbound packets sourced from VLAN 200 on Ethernet 1/0/1, setting the target packet rate to 128 kbps, burst bucket size to 64 KB, and configuring to drop the packets exceeding the rate limit.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 4000
[Sysname-acl-ethernetframe-4000] rule permit source 200
[Sysname-acl-ethernetframe-4000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-limit inbound link-group 4000 128 burst-bucket 64 exceed drop
traffic-priority
Syntax
traffic-priority { inbound | outbound } acl-rule { { dscp dscp-value | ip-precedence { pre-value | from-cos } } | cos { pre-value | from-ipprec } | local-precedence pre-value }*
undo traffic-priority { inbound | outbound } acl-rule
View
Ethernet port view
Parameters
inbound: Performs priority marking on the inbound packets.
outbound: Performs priority marking on the outbound packets.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the ACL rules referenced must be those defined with the permit keyword.
dscp dscp-value: Sets the DSCP precedence, ranging from 0 to 63. You can also provide one of the keywords listed in Table 1-7 for the dscp-value argument.
ip-precedence { pre-value | from-cos }: Sets the IP precedence. You can assign a value in digits in the range of 0 to 7 for the pre-value argument or in words as shown in Table 1-6. Alternatively, you can specify the from-cos keyword for the switch to extract the 802.1p priority for the IP precedence.
cos { pre-value | from-ipprec }: Sets the 802.1p priority. You can assign a value in digits in the range of 0 to 7 for the pre-value argument or in words as shown in Table 1-10. Alternatively, you can specify the from-ipprec keyword for the switch to extract the IP precedence for the 802.1p priority.
Table 1-10 802.1p priority values in words and in digits
802.1p priority (in words) |
802.1p priority (in digits) |
best-effort |
0 |
background |
1 |
spare |
2 |
excellent-effort |
3 |
controlled-load |
4 |
video |
5 |
voice |
6 |
network-management |
7 |
local-precedence pre-value: Sets the local precedence. The pre-value argument ranges from 0 to 7.
Description
Use the traffic-priority command to configure priority marking on a port.
Use the undo traffic-priority command to remove the priority marking configuration.
This command is used to set precedence for traffic matching a specified ACL rule:
l If 802.1p priority marking is configured, the traffic will be mapped to the local precedence corresponding to the re-marked 802.1p priority and assigned to the output queue corresponding to the local precedence.
l If local precedence marking is configured, the traffic will be assigned to the output queue corresponding to the re-marked local precedence.
l If IP precedence or DSCP marking is configured, the traffic will be marked with new IP precedence or DSCP precedence.
Do not configure 802.1p priority marking and local precedence marking for the same traffic. With 802.1p priority marking, the new 802.1p priority will be mapped to a local precedence automatically. If local precedence marking is also configured, there will be two local precedence values for the traffic, resulting in conflict. In this case, the device will display an error prompt.
Related commands: display qos-interface traffic-priority.
Examples
# Set the 802.1p priority of the inbound packets with 802.1p priority 5 to 1 on Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 4000
[Sysname-acl-ethernetframe-4000] rule permit cos 5
[Sysname-acl-ethernetframe-4000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-priority inbound link-group 4000 cos 1
# Set the DSCP precedence of inbound DNS protocol packets to 16 (corresponding to the cs2 keyword) on Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 3000
[Sysname-acl-adv-3000] rule permit udp source-port eq dns
[Sysname-acl-adv-3000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-priority inbound ip-group 3000 dscp cs2
# Set the 802.1p priority of inbound packets sourced from IP address 1.1.1.1 to the value of their IP precedence on Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 1.1.1.1 0
[Sysname-acl-basic-2000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-priority outbound ip-group 2000 cos from-ipprec
traffic-priority vlan
Syntax
undo traffic-priority vlan vlan-id { inbound | outbound } acl-rule
View
System view
Parameters
vlan-id: VLAN ID, in the range of 1 to 4094.
inbound: Re-marks priority for the packets received on any ports in the specified VLAN.
outbound: Re-marks priority for the packets to be transmitted by any ports in the specified VLAN.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the ACL rules referenced must be those defined with the permit keyword.
dscp dscp-value: Sets the DSCP precedence, which is in the range 0 to 63. You can also provide one of the keywords listed in Table 1-7 for the dscp-value argument.
ip-precedence { pre-value | from-cos }: Sets the IP precedence. You can assign a value in digits in the range of 0 to 7 for the pre-value argument or in words as shown in Table 1-6. Alternatively, you can specify the from-cos keyword for the switch to extract the 802.1p priority for the IP precedence.
cos { pre-value | from-ipprec }: Sets the 802.1p priority. You can assign a value in digits in the range of 0 to 7 for the pre-value argument or in words as shown in Table 1-10. Alternatively, you can specify the from-ipprec keyword for the switch to extract the IP precedence for the 802.1p priority.
local-precedence pre-value: Sets the local precedence, which is in the range 0 to 7.
Description
Use the traffic-priority vlan command to configure priority marking for the packets received or transmitted by any ports in the specified VLAN.
Use the undo traffic-priority vlan command to cancel the configuration.
Related commands: traffic-priority, display qos-interface traffic-priority.
Do not configure 802.1p priority marking and local precedence marking for the same traffic. With 802.1p priority marking, the new 802.1p priority will be mapped to a local precedence automatically. If local precedence marking is also configured, there will be two local precedence values for the traffic, resulting in conflict. In this case, the device will display an error prompt.
Examples
# Set the 802.1p priority to 1 for the packets received on any ports in VLAN 2 and destined to MAC address 000F-E200-1234.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 4000
[Sysname-acl-ethernetframe-4000] rule permit cos 3 dest 000f-e200-1234 ffff-ffff-ffff
[Sysname-acl-ethernetframe-4000] quit
[Sysname] traffic-priority vlan 2 inbound link-group 4000 cos 1
traffic-redirect
Syntax
traffic-redirect { inbound | outbound } acl-rule { cpu | { interface interface-type interface-number | link-aggregation-group agg-id } [ untagged ] }
undo traffic-redirect { inbound | outbound } acl-rule
View
Ethernet port view
Parameters
inbound: Redirects inbound packets.
outbound: Redirects outbound packets.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the ACL rules referenced must be those defined with the permit keyword.
cpu: Redirects the packets to the CPU.
interface interface-type interface-number: Specifies the target port, to which the packets are to be redirected. The interface-type interface-number argument refers to the port type and port number.
link-aggregation-group agg-id: Specifies the aggregation group the traffic is to be redirected to. The agg-id argument is the ID of an aggregation group, in the range 1 to 416.
untagged: Specifies to remove the outer VLAN tag of a packet after the packet is redirected to a port or an aggregation group.
Description
Use the traffic-redirect command to configure traffic redirecting on a port.
Use the undo traffic-redirect command to remove the configuration from the port.
You can configure to redirect inbound or outbound packets matching a specified ACL rule on a port to the CPU, the specified port, or the specified aggregation group.
Related commands: display qos-interface traffic-redirect.
l Packets redirected to the CPU are not forwarded.
l If the traffic is redirected to a Combo port in down state, the system automatically redirects the traffic to the port corresponding to the Combo port in up state. Refer to Port Basic Configuration module of this manual for information about Combo ports.
l If the traffic is configured to be redirected to an aggregation group, the traffic is redirected to the master port of the aggregation group. Refer to Link Aggregation module of this manual for information about aggregation group.
l When the traffic redirecting function is used in conjunction with the selective QinQ function, you can specify the untagged keyword as required (that is, remove the outer VLAN tag of a packet after the packet is redirected to the uplink port) in a tree network with a single uplink port (or an aggregation group). Do not specify the untagged keyword in a ring network or a network with multiple uplink ports. Refer to VLAN-VPN module of this manual for information about selective QinQ.
Examples
# Redirect the inbound packets sourced from the IP network segment 1.1.1.0/24 to Ethernet 1/0/7 on Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 1.1.1.0 0.0.0.255
[Sysname-acl-basic-2000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-redirect inbound ip-group 2000 interface Ethernet 1/0/7
traffic-remark-vlanid
Syntax
traffic-remark-vlanid inbound acl-rule remark-vlan remark-vlanid
undo traffic-remark-vlanid inbound acl-rule
View
Ethernet port view
Parameters
inbound: Maps the VLAN IDs carried in the inbound packets to a specified VLAN ID.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the ACL rules referenced must be those defined with the permit keyword.
remark-vlan remark-vlanid: Specified the target VLAN ID, to which the VLAN IDs of the packets matching specific ACL rules are to be mapped.
Description
Use the traffic-remark-vlanid command to enable VLAN mapping and set the target VLAN ID for packets matching specific ACL rules.
Use the undo traffic-remark-vlanid command to disable VLAN mapping for packets matching specific ACL rules.
Related commands: display qos-interface traffic-remark-vlanid.
Examples
# Enable VLAN mapping on Ethernet 1/0/1 to map the VLAN IDs of the inbound packets sourced from VLAN 5 to VLAN ID 1001.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 4000
[Sysname-acl-ethernetframe-4000] rule permit source 5
[Sysname-acl-ethernetframe-4000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-remark-vlanid inbound link-group 4000 remark-vlan 1001
traffic-statistic
Syntax
traffic-statistic inbound acl-rule
undo traffic-statistic inbound acl-rule
View
Ethernet port view
Parameters
inbound: Enables traffic accounting for the inbound packets.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the ACL rules referenced must be those defined with the permit keyword.
Description
Use the traffic-statistic command to enable traffic accounting for packets matching specific ACL rules.
Use the undo traffic-statistic command to disable traffic accounting.
Related commands: display qos-interface traffic-statistic, reset traffic-statistic.
Examples
# Enable traffic accounting on Ethernet 1/0/1 for the inbound packets sourced from the IP network segment 1.1.1.0/24.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 1.1.1.0 0.0.0.255
[Sysname-acl-basic-2000] quit
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] traffic-statistic inbound ip-group 2000
# Display traffic statistics of Ethernet 1/0/1.
[Sysname-Ethernet1/0/1] display qos-interface Ethernet 1/0/1 traffic-statistic
Ethernet1/0/1: traffic-statistic
Inbound:
Matches: Acl 2000 rule 0 running
20787 packets inprofile
11464 packets outprofile
wred
Syntax
wred queue-index qstart probability
undo wred queue-index
View
Ethernet port view
Parameters
queue-index: Queue number in the range of 0 to 7.
qstart: Number of the packets contained in the queue, in the range 1 to 128.
probability: Dropping probability in the range of 0 to 92 (in percentage).
Description
Use the wred command to enable the WRED function.
Use the undo wred command to restore the default.
By default, the WRED function is disabled.
Examples
# Enable the WRED function for queue 2 on Ethernet 1/0/1, specifying to drop packets at random when the number of packets in queue 2 exceeds 64 and setting the dropping probability to 20%.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet1/0/1
[Sysname-Ethernet1/0/1] wred 2 64 20
QoS Profile Configuration Commands
apply qos-profile
Syntax
In system view
apply qos-profile profile-name interface interface-list
undo apply qos-profile profile-name interface interface-list
In Ethernet port view
apply qos-profile profile-name
undo apply qos-profile profile-name
View
System view, Ethernet port view
Parameters
profile-name: QoS profile name, a case-insensitive string of 1 to 32 characters and starting with English letters [a-z, A-Z].
interface-list: List of Ethernet ports. You can specify multiple Ethernet ports by providing this argument in the form of interface-type interface-number [ to interface-type interface-number ].
Description
Use the apply qos-profile command to apply a QoS profile to a port in Ethernet port view or multiple ports in system view.
Use the undo apply qos-profile command to remove a QoS profile from a port in Ethernet port view or multiple ports in system view.
Examples
# Apply the QoS profile named a123 to Ethernet 1/0/1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet1/0/1
[Sysname-Ethernet1/0/1] apply qos-profile a123
# Apply the QoS profile named a123 to Ethernet 1/0/1 through Ethernet 1/0/4.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] apply qos-profile a123 interface Ethernet1/0/1 to Ethernet1/0/4
display qos-profile
Syntax
display qos-profile { all | name profile-name | interface interface-type interface-number | user user-name }
View
Any view
Parameters
all: Specifies all the QoS profiles.
name profile-name: Specifies a QoS profile by its name, for which information is to be displayed. The profile-name argument is a case-insensitive string of 1 to 32 characters and must begin with an English letter (a to z, and A to Z).
interface interface-type interface-number: Specifies the type and number of a port to display the QoS profile applied on the port.
user user-name: Specifies the name of an 802.1x authentication user. The user-name argument is a string of 1 to 184 characters and in the form of aa@cc, with aa for user name and cc for domain name.
Description
Use the display qos-profile command to display the configuration of a QoS profile or all the QoS profiles.
Examples
# Display the configuration of the QoS profile named test.
<Sysname> display qos-profile name test
qos-profile: test, 3 actions
packet-filter inbound ip-group 2000 rule 0
traffic-limit inbound ip-group 3000 rule 0 64
traffic-priority inbound ip-group 4000 rule 0 cos controlled-load
# Display the configuration of the QoS profile applied to the 802.1x user abc@net.
<Sysname> display qos-profile user abc@net
User abc@net applied qos-profile: test, 3 actions
packet-filter inbound ip-group 2000 rule 0
traffic-limit inbound ip-group 3000 rule 0 64
traffic-priority inbound ip-group 4000 rule 0 cos controlled-load
# Display the configuration of the QoS profile applied to Ethernet 1/0/1, assuming that the QoS profile has been applied to Ethernet 1/0/1 manually.
<Sysname> display qos-profile interface Ethernet 1/0/1
User's qos-profile applied mode: user-based
Default applied qos-profile: test, 3 actions
packet-filter inbound ip-group 2000 rule 0
traffic-limit inbound ip-group 3000 rule 0 64
traffic-priority inbound ip-group 4000 rule 0 cos controlled-load
<H3C> display qos-profile interface Ethernet 1/0/2
User's qos-profile applied mode: port-based
User abc@net applied qos-profile: test, 3 actions
packet-filter inbound ip-group 2000 rule 0
traffic-limit inbound ip-group 3000 rule 0 64
traffic-priority inbound ip-group 4000 rule 0 cos controlled-load
Table 2-1 Description on the fields of the display qos-profile command
Field |
Description |
qos-profile: test, 3 actions |
Name of the QoS profile and the number of actions configured in the QoS profile. |
packet-filter inbound ip-group 2000 rule 0 |
Filter the inbound packets matching rule 0 of ACL 2000. |
traffic-limit inbound ip-group 3000 rule 0 64 |
Limit the rate of the inbound packets matching rule 0 of ACL 3000 to 64 kbps. |
traffic-priority inbound ip-group 4000 rule 0 cos controlled-load |
Set the 802.1p precedence of the inbound packets matching rule 0 of ACL 4000 to controlled-load (that is, 802.1p precedence 0). |
User abc@net applied qos-profile: test, 3 actions |
The QoS profile applied to 802.1x user abc@net is named test and contains three actions. |
User's qos-profile applied mode |
The QoS profile is dynamically applied and the application mode could be: l User-based, or l Port-based For detailed information about the two application modes, refer to the corresponding operation manual. |
Default applied qos-profile: test, 3 actions |
“Default” indicates that the QoS profile named test is applied to Ethernet 1/0/1 manually. The QoS profile contains three actions. |
User abc@net applied qos-profile: test, 3 actions |
The QoS profile test is applied to Ethernet 1/0/2, the access port for 802.1x user abc@net. The QoS profile contains three actions. |
packet-filter
Syntax
packet-filter { inbound | outbound } acl-rule
undo packet-filter { inbound | outbound } acl-rule
View
QoS profile view
Parameters
inbound: Filters the inbound packets.
outbound: Filters the outbound packets.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5.
Description
Use the packet-filter command to add the packet filtering action to a QoS profile.
Use the undo packet-filter command to remove the packet filtering action from a QoS profile.
Examples
# Add the packet filtering action to the QoS profile named a123 to filter the inbound packets sourced from MAC address 000F-1FD7-9528.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 4000
[Sysname-acl-ethernetframe-4000] rule deny source 000f-1fd7-9528 ffff-ffff-ffff
[Sysname-acl-ethernetframe-4000] quit
[Sysname] qos-profile a123
[Sysname-qos-profile-a123] packet-filter inbound link-group 4000
qos-profile
Syntax
qos-profile profile-name
undo qos-profile profile-name
View
System view
Parameters
profile-name: QoS profile name, a case-insensitive string of 1 to 32 characters, starting with an English letter in the range a to z and A to Z. Note that a QoS profile name cannot be all, interface, user, undo, or name.
Description
Use the qos-profile command to create a QoS profile and enter QoS profile view. If the QoS profile already exists, this command leads you to the corresponding QoS profile view.
Use the undo qos-profile command to remove a QoS profile.
To remove or modify a QoS profile already applied to a port, you must remove the QoS profile from the port first.
l If the QoS profile is applied to the port manually, use the undo apply qos-profile command to remove the QoS profile from the port.
l If the QoS profile is applied to the port dynamically, log off the user connected to the port to remove the QoS profile from the port.
Examples
# Create a QoS profile named a123.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] qos-profile a123
[Sysname-qos-profile-a123]
qos-profile port-based
Syntax
qos-profile port-based
undo qos-profile port-based
View
Ethernet port view
Parameters
None
Description
Use the qos-profile port-based command to configure the QoS profile application mode on a port to be port-based.
Use the undo qos-profile port-based command to restore the default.
By default, the application mode of a QoS profile is user-based.
Note that:
l If the 802.1x authentication is MAC-based, you need to configure the QoS profile application mode to be user-based.
l If the 802.1x authentication is port-based, you need to configure the QoS profile application mode to be port-based.
Examples
# Configure the QoS profile application mode on Ethernet 1/0/1 to be port-based.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet1/0/1
[Sysname-Ethernet1/0/1] qos-profile port-based
traffic-limit
Syntax
traffic-limit inbound acl-rule [ union-effect ] [ egress-port interface-type interface-number ] target-rate [ burst-bucket burst-bucket-size ] [ exceed action ]
undo traffic-limit inbound acl-rule
View
QoS profile view
Parameters
inbound: Imposes traffic limit on the packets received through the interface.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the ACL rules referenced must be those defined with the permit keyword.
union-effect: Specifies that all the ACL rules, including those identified by the acl-rule argument in this command and those applied previously, are valid. If this keyword is not specified, traffic policing issues both the rate limiting action and the permit action at the same time, that is, traffic policing permits the conforming traffic to pass through. If this keyword is specified, traffic policing issues only the rate limiting action but not the permit action. In this case, if a packet matches both an ACL rule specified in the traffic-limit command and another previously applied ACL rule with the deny keyword, the packet will be dropped.
On Ethernet 1/0/1, assume that the filter command is configured to filter packets destined to IP address 2.2.2.2 and the traffic-limit command is configured to limit the rate of packets sourced from IP address 1.1.1.1 within 128 kbps. Whether packets conforming to the rate limit of 128 kbps, sourced from IP address 1.1.1.1, and destined to IP address 2.2.2.2 (referred to as packets A later)are dropped depends on the union-effect of the traffic-limit command.
l If the union-effect keyword is not specified, the traffic-limit command issues both the rate limiting action and the permit action. Whether packets A can pass through depends on the configuration order of the filter command and the traffic-limit command, with the latest command applying. That is, if the traffic-limit command is configured after the filter command is configured, packets A can pass through; otherwise, packets A are dropped.
l If the union-effect keyword is specified, the traffic-limit command issues only the rate limiting action. Whether packets A can pass through depends on the filter command. As for this example, packets A are dropped.
egress-port interface-type interface-number: Enables traffic policing for the outbound packets of the port identified by interface-type interface-number. If you specify this keyword, this command applies to the outbound unicast packets that pass the port and match the ACL rules.
l When you configure the traffic policing over a port, an ACL rule can only be applied to one egress port. If you configure the same ACL rule for different egress ports, only the last configuration takes effect. To apply the same ACL rule to multiple egress ports, you need to specify different ACL numbers or rule numbers for the ACL rule.
l If the IRF function is enabled, the egress port can only be a port of the local unit. For information about IRF, refer to IRF Fabric module of this manual.
l Do not specify the egress-port keyword when configuring traffic policing on ports in an aggregation group spanning multiple units. Refer to Link Aggregation Operation for detailed information about link aggregation.
target-rate: Target packet rate (in kbps) to be set, in the range 64 to 1,000,000. The granularity of rate limit is 64 kbps. If the number you input is in the ranges N*64 to (N+1)*64 (N is a natural number), it will be rounded off to (N+1)*64.
burst-bucket-size: Maximum burst traffic size (in KB) allowed, in the range 4 to 512. This argument defaults to 512 and must be an integer power of 2.
exceed action: Specifies the action to be taken when the traffic rate exceeds the threshold. The action can be:
l drop: Drops the packets.
l remark-dscp value: Sets a new DSCP value for the packets and then forwards the packets.
Description
Use the traffic-limit command to add the traffic policing action to a QoS profile.
Use the undo traffic-limit command to remove the traffic policing action from a QoS profile.
Examples
# Add traffic policing action to the QoS profile named a123 to limit the rate of the inbound packets sourced from IP address 1.1.1.1 to 128 kbps and drop the packets exceeding 128 kbps.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 1.1.1.1 0
[Sysname-acl-basic-2000] quit
[Sysname] qos-profile a123
[Sysname-qos-profile-a123] traffic-limit inbound ip-group 2000 128 exceed drop
traffic-priority
Syntax
traffic-priority { inbound | outbound } acl-rule { { dscp dscp-value | ip-precedence { pre-value | from-cos } } | cos { pre-value | from-ipprec } | local-precedence pre-value }*
undo traffic-priority { inbound | outbound } acl-rule
View
QoS profile view
Parameters
inbound: Performs priority marking on the inbound packets.
outbound: Performs priority marking on the outbound packets.
acl-rule: ACL rules to be applied for traffic classification. This argument can be the combination of multiple ACLs. For more information about this argument, refer to Table 1-4 and Table 1-5. Note that the ACL rules referenced must be those defined with the permit keyword.
dscp dscp-value: Sets the DSCP precedence, in the range 0 to 63. You can also provide one of the keywords listed in Table 1-7 for the dscp-value argument.
ip-precedence { pre-value | from-cos }: Sets the IP precedence. The pre-value argument ranges from 0 to 7. You can also provide one of the keywords listed in Table 1-6 for the pre-value argument. The from-cos keyword specifies to use the 802.1p priority as the IP precedence.
cos { pre-value | from-ipprec }: Sets the 802.1p priority. The pre-value argument is in the range 0 to 7. You can also provide one of the keywords listed in Table 1-10 for the pre-value argument. The from-ipprec keyword specifies to use the IP precedence as the 802.1p priority.
local-precedence pre-value: Sets the local precedence value, in the range of 0 to 7.
Description
Use the traffic-priority command to add a priority marking action to a QoS profile.
Use the undo traffic-priority command to remove a priority marking action from a QoS profile.
Do not configure 802.1p priority marking and local precedence marking for the same traffic. With 802.1p priority marking, the new 802.1p priority will be mapped to a local precedence automatically. If local precedence marking is also configured, there will be two local precedence values for the traffic, resulting in conflict. In this case, the device will display an error prompt.
Examples
# Add the priority marking action to the QoS profile named a123 to set the local precedence of the inbound packets sourced from IP address 1.1.1.1 to 0.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 1.1.1.1 0
[Sysname-acl-basic-2000] quit
[Sysname] qos-profile a123
[Sysname-qos-profile-a123] traffic-priority inbound ip-group 2000 local-precedence 0