Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 10-QoS Configuration | 942.33 KB |
Recommended ACL configuration procedures
Configuring a rule for an IPv4 basic ACL
Configuring a rule for an IPv4 advanced ACL
Configuring a rule for an Ethernet frame header ACL
Configuring a rule for a IPv6 basic ACL
Configuring a rule for an IPv6 advanced ACL
Recommended QoS policy configuration procedure
Configuring classification rules
Configuring actions for a traffic behavior
Configuring classifier-behavior associations for the policy
Applying a QoS policy to a WLAN service
ACL and QoS configuration example
Setting radio EDCA parameters for APs
Setting EDCA parameters for wireless clients
Configuring the bandwidth guarantee function
Wireless QoS configuration examples
CAC service configuration example
Static rate limiting configuration example
Configuring ACL and QoS
Unless otherwise stated, ACLs refer to both IPv4 and IPv6 ACLs throughout this document.
Overview
ACL overview
An access control list (ACL) is a set of rules (or permit or deny statements) for identifying traffic based on criteria such as source IP address, destination IP address, and port number.
You can use ACLs in QoS, security, and other feature modules for identifying traffic. The packet drop or forwarding decisions varies with the modules that use ACLs.
ACLs fall into the following categories.
|
Category |
ACL number |
IP version |
Match criteria |
|
Basic ACLs |
2000 to 2999 |
IPv4 |
Source IPv4 address |
|
IPv6 |
Source IPv6 address |
||
|
Advanced ACLs |
3000 to 3999 |
IPv4 |
Source IPv4 address, destination IPv4 address, packet priority, protocols over IPv4, and other Layer 3 and Layer 4 header fields |
|
IPv6 |
Source IPv6 address, destination IPv6 address, packet priority, protocols over IPv6, and other Layer 3 and Layer 4 header fields |
||
|
Ethernet frame header ACLs |
4000 to 4999 |
IPv4 and IPv6 |
Layer 2 header fields, such as source and destination MAC addresses, 802.1p priority, and link layer protocol type |
For more information about ACLs, see ACL and QoS Configuration Guide.
QoS overview
Quality of Service (QoS) is a concept concerning service demand and supply. It reflects the ability to meet customer needs. Generally, QoS does not focus on grading services precisely, but on improving services under certain conditions.
In the internet, QoS refers to the ability of the network to forward packets. The evaluation on QoS of a network can be based on different aspects because the network may provide various services. Generally, QoS refers to the ability to provide improved service by solving the core issues such as delay, jitter, and packet loss ratio in the packet forwarding process.
Traditional packet forwarding services
On traditional IP networks, devices treat all packets equally and handle them using the first in first out (FIFO) policy. All packets share the resources of the network and devices. How many resources the packets can obtain completely depends on the time they arrive. This service is called "best-effort." It delivers packets to their destinations as best as it can, without any guarantee for delay, jitter, packet loss ratio, and reliability.
This service policy is only suitable for applications insensitive to bandwidth and delay, such as WWW, file transfer and email.
New requirements from new applications
The Internet has been growing along with the fast development of networking technologies. More and more users take the Internet as their data transmission platform to implement various applications.
Besides traditional applications such as WWW, email and FTP, network users are experiencing new services, such as tele-education, telemedicine, video telephone, videoconference, and VoD. The enterprise users expect to connect their regional branches together through VPN technologies to carry out operational applications, for instance, to access the database of the company or to monitor remote devices through Telnet.
These new applications have one thing in common, and they all have special requirements for bandwidth, delay, and jitter. For instance, videoconference and VoD need large bandwidth, low delay and jitter. As for mission-critical applications, such as transactions and Telnet, they may not require large bandwidth but do require low delay and preferential service during congestion.
The new emerging applications demand higher service performance of IP networks. Better network services during packets forwarding are required, such as providing dedicated bandwidth, reducing packet loss ratio, managing and avoiding congestion, regulating network traffic, and setting the precedence of packets. To meet these requirements, networks must provide more improved services.
For more information about QoS, see ACL and QoS Configuration Guide.
Configuring an ACL
Recommended ACL configuration procedures
Recommended IPv4 basic ACL configuration procedure
IPv4 basic ACLs match packets based only on source IP addresses.
To configure an IPv4 basic ACL:
|
Step |
Remarks |
|
Optional. A rule referencing a time range takes effect only during the specified time range. |
|
|
2. Add an IPv4 basic ACL |
Required. For more information, see "Adding an ACL." |
|
Required. |
Recommended IPv4 advanced ACL configuration procedure
IPv4 advanced ACLs match packets based on source IP addresses, destination IP addresses, packet priorities, protocols over IP, and other protocol header information, such as TCP/UDP source and destination port numbers, TCP flags, ICMP message types, and ICMP message codes.
Compared to IPv4 basic ACLs, IPv4 advanced ACLs allow more flexible and accurate filtering.
To configure an IPv4 advanced ACL:
|
Step |
Remarks |
|
Optional. A rule referencing a time range takes effect only during the specified time range. |
|
|
2. Add an IPv4 advanced ACL |
Required. For more information, see "Adding an ACL." |
|
Required. |
Recommended Ethernet frame header ACL configuration procedure
Ethernet frame header ACLs, also called "Layer 2 ACLs," match packets based on Layer 2 protocol header fields, such as source MAC address, destination MAC address, 802.1p priority (VLAN priority), and link layer protocol type.
To configure an Ethernet frame header ACL:
|
Step |
Remarks |
|
Optional. A rule referencing a time range takes effect only during the specified time range. |
|
|
2. Add an Ethernet frame header ACL |
Required. For more information, see "Adding an ACL." |
|
Required. |
Recommended IPv6 basic ACL configuration procedure
IPv6 basic ACLs match packets based only on source IP addresses.
To configure an IPv6 basic ACL:
|
Step |
Remarks |
|
Optional. A rule referencing a time range takes effect only during the specified time range. |
|
|
2. Add an IPv6 basic ACL |
Required. For more information, see "Adding an IPv6 ACL." |
|
Required. |
Recommended IPv6 advanced ACL configuration procedure
IPv6 advanced ACLs match packets based on the source IPv6 addresses, destination IPv6 addresses, packet priorities, protocols carried over IPv6, and other protocol header fields such as the TCP/UDP source port number, TCP/UDP destination port number, ICMPv6 message type, and ICMPv6 message code.
Compared to IPv6 basic ACLs, IPv6 advanced ACLs allow more flexible and accurate filtering.
To configure an IPv6 advanced ACL:
|
Step |
Remarks |
|
Optional. A rule referencing a time range takes effect only during the specified time range. |
|
|
2. Add an IPv6 advanced ACL |
Required. For more information, see "Adding an IPv6 ACL." |
|
Required. |
Adding a time range
To add a time range:
1. From the navigation tree, select QoS > Time Range.
2. Click the Add tab.
3. Configure the time range settings as described in Table 2.
4. Click Apply.
|
Item |
Description |
||
|
Time Range Name |
Set the name for the time range. |
||
|
Periodic Time Range |
Start Time |
Set the start time of the periodic time range. |
These items are available after you select the Periodic Time Range box. |
|
End Time |
Set the end time of the periodic time range. The end time must be greater than the start time. |
||
|
Sun, Mon, Tue, Wed, Thu, Fri, and Sat. |
Select the day or days of the week on which the periodic time range is valid. You can select any combination of the days of the week. |
||
|
Absolute Time Range |
From |
Set the start time of the absolute time range. The time of the day is in the hh:mm format (24-hour clock), and the date is in the MM/DD/YYYY format. |
These items are available after you select the Absolute Time Range box. |
|
To |
Set the end time of the absolute time range. The time of the day is in the hh:mm format (24-hour clock), and the date is in the MM/DD/YYYY format. The end time must be greater than the start time. |
||
Adding an ACL
1. Select QoS > ACL IPv4 from the navigation tree.
2. Click the Add tab to enter the IPv4 ACL adding page.
3. Configure the ACL information as described in Table 3.
4. Click Apply.
|
Item |
Description |
|
ACL Number |
Set the number of the IPv4 ACL: · 2000 to 2999 for IPv4 basic ACLs. · 3000 to 3999 for IPv4 advanced ACLs. · 4000 to 4999 for Ethernet frame header ACLs. An IPv4 basic or advanced ACL number is unique only among IPv4 ACLs. |
|
Match Order |
Set the match order of the ACL: · Config—Packets are compared against ACL rules in the order that the rules are configured. · Auto—Packets are compared against ACL rules in the depth-first match order. |
|
Description |
Set the description for the ACL. |
Configuring a rule for an IPv4 basic ACL
1. Select QoS > ACL IPv4 from the navigation tree.
2. Click the Basic Setup tab to enter the rule configuration page for an IPv4 basic ACL.
Figure 3 Configuring an IPv4 basic ACL
3. Configure an IPv4 basic ACL as described in Table 4.
4. Click Add.
|
Item |
Description |
|
ACL |
Select the IPv4 basic ACL for which you want to configure rules. |
|
Rule ID |
Specify an ID for the rule. If you do not specify the rule ID, the system will assign one automatically. If the rule ID you specify already exists, the following operations modify the configuration of the rule. |
|
Action |
Select the action to be performed for IPv4 packets matching the rule: · Permit—Allows matched packets to pass. · Deny—Drops matched packets. |
|
Check Fragment |
Select this box to apply the rule to only non-first fragments. If you do not select this box, the rule applies to all fragments and non-fragments. |
|
Check Logging |
Select this box to keep a log of matched IPv4 packets. A log entry contains the ACL rule ID, operation for the matched packets, protocol that IP carries, source/destination address, source/destination port number, and number of matched packets. |
|
Source IP Address |
Select the Source IP Address box and enter a source IPv4 address and source wildcard, in dotted decimal notation. |
|
Source Wildcard |
|
|
Time Range |
Select the time range during which the rule takes effect. |
Configuring a rule for an IPv4 advanced ACL
1. Select QoS > ACL IPv4 from the navigation tree.
2. Click the Advanced Setup tab to enter the rule configuration page for an IPv4 advanced ACL.
Figure 4 Configuring an IPv4 advanced ACL
3. Configure an IPv4 advanced ACL rule as described in Table 5.
4. Click Add.
|
Item |
Description |
||
|
ACL |
Select the IPv4 advanced ACL for which you want to configure rules. |
||
|
Rule ID |
Specify an ID for the rule. If you do not specify the rule ID, the system will assign one automatically. If the rule ID you specify already exists, the following operations modify the configuration of the rule. |
||
|
Action |
Select the action to be performed for IPv4 packets matching the rule: · Permit—Allows matched packets to pass. · Deny—Drops matched packets. |
||
|
Non-First Fragments Only |
Select this box to apply the rule to only non-first fragments. If you do not select this box, the rule applies to all fragments and non-fragments. |
||
|
Logging |
Select this box to keep a log of matched IPv4 packets. A log entry contains the ACL rule ID, operation for the matched packets, protocol that IP carries, source/destination address, source/destination port number, and number of matched packets. |
||
|
IP Address Filter |
Source IP Address |
Select the Source IP Address box and enter a source IPv4 address and source wildcard, in dotted decimal notation. |
|
|
Source Wildcard |
|||
|
Destination IP Address |
Select the Source IP Address box and enter a source IP address and source wildcard, in dotted decimal notation. |
||
|
Destination Wildcard |
|||
|
Protocol |
Select the protocol to be carried by IP. If you select 1 ICMP, you can configure the ICMP message type and code. If you select 6 TCP or 17 UDP, you can configure the TCP or UDP specific items. |
||
|
ICMP Type |
ICMP Message |
Specify the ICMP message type and code. These items are available only when you select 1 ICMP from the Protocol list. If you select Other from the ICMP Message list, you must enter values in the ICMP Type and ICMP Code fields. Otherwise, the two fields will take the default values, which cannot be changed. |
|
|
ICMP Type |
|||
|
ICMP Code |
|||
|
TCP/UDP Port |
TCP Connection Established |
Select this box to make the rule match packets used for establishing and maintaining TCP connections. These items are available only when you select 6 TCP from the Protocol list. On a router, a rule with this item configured matches TCP connection packets with the ACK or RST flag. The usage and availability of this item on switches depend on the device model. |
|
|
Source |
Operator |
Select the operators and enter the source port numbers and destination port numbers as required. These items are available only when you select 6 TCP or 17 UDP from the Protocol list. Different operators have different configuration requirements for the port number fields: · Not Check—The following port number fields cannot be configured. · Range—The following port number fields must be configured to define a port range. · Other values—The first port number field must be configured and the second must not. |
|
|
Port |
|||
|
- |
|||
|
Destination |
Operator |
||
|
Port |
|||
|
- |
|||
|
Precedence Filter |
DSCP |
Specify the DSCP value. |
|
|
TOS |
Specify the ToS preference. |
||
|
Precedence |
Specify the IP precedence. |
||
|
Time Range |
Select the time range during which the rule takes effect. |
||
Configuring a rule for an Ethernet frame header ACL
1. Select QoS > ACL IPv4 from the navigation tree.
2. Click the Link Setup tab to enter the rule configuration page for an Ethernet frame header IPv4 ACL.
Figure 5 Configuring a rule for an Ethernet frame header ACL
3. Configure an Ethernet frame header IPv4 ACL rule as described in Table 6.
4. Click Add.
|
Item |
Description |
||
|
ACL |
Select the Ethernet frame header IPv4 ACL for which you want to configure rules. |
||
|
Rule ID |
Specify an ID for the rule. If you do not specify the rule ID, the system will assign one automatically. If the rule ID you specify already exists, the following operations modify the configuration of the rule. |
||
|
Action |
Select the action to be performed for IPv4 packets matching the rule: · Permit—Allows matched packets to pass. · Deny—Drops matched packets. |
||
|
MAC Address Filter |
Source MAC Address |
Select the Source MAC Address box and enter a source MAC address and wildcard. |
|
|
Source Mask |
|||
|
Destination MAC Address |
Select the Destination MAC Address box and enter a destination MAC address and wildcard. |
||
|
Destination Mask |
|||
|
COS(802.1p priority) |
Specify the 802.1p priority for the rule. |
||
|
Type Filter |
LSAP Type |
Select the LSAP Type box and specify the DSAP and SSAP fields in the LLC encapsulation by configuring the following items: · LSAP Type—Indicates the frame encapsulation format. · LSAP Mask—Indicates the LSAP wildcard. |
The LSAP Type box is mutually exclusive with the Protocol Type box. |
|
LSAP Mask |
|||
|
Protocol Type |
Select the Protocol Type box and specify the link layer protocol type by configuring the following items: · Protocol Type—Indicates the frame type. It corresponds to the type-code field of Ethernet_II and Ethernet_SNAP frames. · Protocol Mask—Indicates the wildcard. |
||
|
Protocol Mask |
|||
|
Time Range |
Select the time range during which the rule takes effect. |
||
Adding an IPv6 ACL
1. Select QoS > ACL IPv6 from the navigation tree.
2. Click the Add tab to enter the IPv6 ACL adding page.
3. Configure the IPv6 ACL information as described in Table 7.
4. Click Apply.
|
Item |
Description |
|
ACL Number |
Enter a number for the IPv6 ACL: · 2000 to 2999 for IPv6 basic ACLs. · 3000 to 3999 for IPv6 advanced ACLs. An IPv6 basic or advanced ACL number is unique only among IPv6 ACLs. |
|
Match Order |
Select a match order for the ACL: · Config—Packets are compared against ACL rules in the order the rules are configured. · Auto—Packets are compared against ACL rules in the depth-first match order. |
|
Description |
Set the description for the ACL. |
Configuring a rule for a IPv6 basic ACL
1. Select QoS > ACL IPv6 from the navigation tree
2. Click the Basic Setup tab to enter the rule configuration page for an IPv6 basic ACL.
Figure 7 Configuring a rule for a IPv6 basic ACL
3. Configure the IPv6 basic ACL rule information as described in Table 8.
4. Click Add.
|
Item |
Description |
|
Select Access Control List (ACL) |
Select the IPv6 basic ACL for which you want to configure rules. |
|
Rule ID |
Specify an ID for the rule. If you do not specify the rule ID, the system will assign one automatically. If the rule ID you specify already exists, the following operations modify the configuration of the rule. |
|
Operation |
Select the operation to be performed for IPv6 packets matching the rule: · Permit—Allows matched packets to pass. · Deny—Drops matched packets. |
|
Check Fragment |
Select this box to apply the rule to only non-first fragments. If you do not select this box, the rule applies to all fragments and non-fragments. |
|
Check Logging |
Select this box to keep a log of matched IPv6 packets. A log entry contains the ACL rule ID, operation for the matched packets, protocol that IP carries, source/destination address, source/destination port number, and number of matched packets. |
|
Source IP Address |
Select the Source IP Address box and enter a source IPv6 address and prefix length. The IPv6 address must be in a format like X:X::X:X. An IPv6 address consists of eight 16-bit long fields, each of which is expressed with two hexadecimal numbers and separated from its neighboring fields by colon (:). |
|
Source Prefix |
|
|
Time Range |
Select the time range during which the rule takes effect. |
Configuring a rule for an IPv6 advanced ACL
1. Select QoS > ACL IPv6 from the navigation tree
2. Click the Advanced Setup tab to enter the rule configuration page for an IPv6 advanced ACL.
Figure 8 Configuring a rule for an IPv6 advanced ACL
3. Configure the IPv6 advanced ACL rule information as described in Table 9.
4. Click Add.
|
Item |
Description |
||
|
Select Access Control List (ACL) |
Select the IPv6 advanced ACL for which you want to configure rules. |
||
|
Rule ID |
Specify an ID for the rule. If you do not specify the rule ID, the system will assign one automatically. If the rule ID you specify already exists, the following operations modify the configuration of the rule. |
||
|
Operation |
Select the operation to be performed for IPv6 packets matching the rule: · Permit—Allows matched packets to pass. · Deny—Drops matched packets. |
||
|
Check Fragment |
Select this box to apply the rule to only non-first fragments. If you do not select this box, the rule applies to all fragments and non-fragments. |
||
|
Check Logging |
Select this box to keep a log of matched IPv6 packets. A log entry contains the ACL rule ID, operation for the matched packets, protocol that IP carries, source/destination address, source/destination port number, and number of matched packets. |
||
|
IP Address Filter |
Source IP Address |
Select the Source IP Address box and enter a source IPv6 address and prefix length. The IPv6 address must be in a format like X:X::X:X. An IPv6 address consists of eight 16-bit long fields, each of which is expressed with two hexadecimal numbers and separated from its neighboring fields by colon (:). |
|
|
Source Prefix |
|||
|
Destination IP Address |
Select the Destination IP Address box and enter a destination IPv6 address and prefix length. The IPv6 address must be in a format like X:X::X:X. An IPv6 address consists of eight 16-bit long fields, each of which is expressed with two hexadecimal numbers and separated from its neighboring fields by colon (:). |
||
|
Destination Prefix |
|||
|
Protocol |
Select the protocol to be carried by IP. If you select 58 ICMPv6, you can configure the ICMP message type and code. If you select 6 TCP or 17 UDP, you can configure the TCP or UDP specific items. |
||
|
ICMPv6 Type |
Named ICMPv6 Type |
Specify the ICMPv6 message type and code. These items are available only when you select 58 ICMPv6 from the Protocol list. If you select Other from the Named ICMPv6 Type list, you must enter values in the ICMPv6 Type and ICMPv6 Code fields. Otherwise, the two fields will take the default values, which cannot be changed. |
|
|
ICMPv6 Type |
|||
|
ICMPv6 Code |
|||
|
TCP/UDP Port |
Source |
Operator |
Select the operators and enter the source port numbers and destination port numbers as required. These items are available only when you select 6 TCP or 17 UDP from the Protocol list. Different operators have different configuration requirements for the port number fields: · Not Check—The following port number fields cannot be configured. · Range—The following port number fields must be configured to define a port range. · Other values—The first port number field must be configured and the second must not. |
|
Port |
|||
|
To Port |
|||
|
Destination |
Operator |
||
|
Port |
|||
|
Port |
|||
|
Time Range |
Select the time range during which the rule takes effect. |
||
Configuring a QoS policy
Recommended QoS policy configuration procedure
A QoS policy defines what QoS actions to take on what class of traffic for purposes such as traffic shaping or traffic policing. Before configuring a QoS policy, be familiar with these concepts: class, traffic behavior, and policy.
1. Class
Classes identify traffic.
A class is identified by a class name and contains some match criteria for identifying traffic. The relationship between the criteria can be And or Or.
¡ And—A packet is considered belonging to a class only when the packet matches all the criteria in the class.
¡ Or—A packet is considered belonging to a class if it matches any of the criteria in the class.
2. Traffic behavior
A traffic behavior, identified by a name, defines a set of QoS actions for packets.
3. Policy
A policy associates a class with a traffic behavior to define what actions to take on which class of traffic.
You can define multiple class-traffic behavior associations in a policy.
You can apply a policy to a port to regulate traffic sent or received on the port. A QoS policy can be applied to multiple ports, but in one direction (inbound or outbound) of a port, only one QoS policy can be applied.
|
Step |
Remarks |
|
Required. Add a class and specify the operator of the class. |
|
|
Required. Configure match criteria for the class. |
|
|
Required. Add a traffic behavior. |
|
|
Use either approach Configure various actions for the traffic behavior. |
|
|
Required. Add a policy. |
|
|
6. Configuring classifier-behavior associations for the policy |
Required. Associate a traffic behavior with a class in the QoS policy. You can associate a class with only one traffic behavior in a QoS policy. If a class is associated with multiple traffic behaviors, the last associated one takes effect. |
|
7. Apply the policy |
Use either approach. Apply the QoS policy to a port or a WLAN service. |
Adding a class
1. Select QoS > Classifier from the navigation tree.
2. Click the Add tab to enter the page for adding a class.
3. Configure the class information as described in Table 10.
4. Click Add.
|
Item |
Description |
|
Classifier Name |
Specify a name for the classifier to be added. |
|
Operator |
Specify the logical relationship between rules of the classifier: · And—Specifies the relationship between the rules in a class as logic AND. The device considers a packet belongs to a class only when the packet matches all the rules in the class. · Or—Specifies the relationship between the rules in a class as logic OR. The device considers a packet belongs to a class as long as the packet matches one of the rules in the class. |
Configuring classification rules
1. Select QoS > Classifier from the navigation tree.
2. Click the Setup tab to enter the page for setting a class.
Figure 10 Configuring classification rules
3. Configuration classification rules as described in Table 11.
4. Click Apply.
A progress dialog box appears.
5. Click Close on the progress dialog box when the progress dialog box prompts that the configuration succeeds.
|
Item |
Description |
|
|
Please select a classifier |
Select an existing classifier in the list. |
|
|
Any |
Define a rule to match all packets. Select the box to match all packets. |
|
|
DSCP |
Define a rule to match DSCP values. If multiple such rules are configured for a class, the new configuration does not overwrite the previous one. You can configure up to eight DSCP values each time. If multiple identical DSCP values are specified, the system considers them as one. The relationship between different DSCP values is OR. After such configurations, all the DSCP values are arranged in ascending order automatically. |
|
|
IP Precedence |
Define a rule to match IP precedence values. If multiple such rules are configured for a class, the new configuration does not overwrite the previous one. You can configure up to eight IP precedence values each time. If multiple identical IP precedence values are specified, the system considers them as one. The relationship between different IP precedence values is OR. After such configurations, all the IP precedence values are arranged in ascending order automatically. |
|
|
Classifier |
Define a rule to match a QoS class. The device does not support this item. |
|
|
Inbound Interface |
Define a rule to match inbound interfaces. The device does not support this item. |
|
|
RTP Port |
Define a rule to match a range of RTP ports. Specify the start port in the from field and the end port in the to field. The device does not support this item. |
|
|
Dot1p |
Service 802.1p |
Define a rule to match the service 802.1p precedence values. If multiple such rules are configured for a class, the new configuration does not overwrite the previous one. You can configure up to eight Dot1p values each time. If multiple identical Dot1p values are specified, the system considers them as one. The relationship between different Dot1p values is OR. After such configurations, all the Dot1p values are arranged in ascending order automatically. The device does not support this item. |
|
Customer 802.1p |
Define a rule to match the customer 802.1p precedence values. If multiple such rules are configured for a class, the new configuration does not overwrite the previous one. You can configure up to eight Dot1p values each time. If multiple identical Dot1p values are specified, the system considers them as one. The relationship between different Dot1p values is OR. After such configurations, all the Dot1p values are arranged in ascending order automatically. |
|
|
MAC |
Source MAC |
Define a rule to match a source MAC address. If multiple such rules are configured for a class, the new configuration does not overwrite the previous one. A rule to match a source MAC address is significant only to Ethernet interfaces. |
|
Destination MAC |
Define a rule to match a destination MAC address. If multiple such rules are configured for a class, the new configuration does not overwrite the previous one. A rule to match a destination MAC address is significant only to Ethernet interfaces. |
|
|
VLAN |
Service VLAN |
Define a rule to match service VLAN IDs. If multiple such rules are configured for a class, the new configuration does not overwrite the previous one. You can configure multiple VLAN IDs each time. If the same VLAN ID is specified multiple times, the system considers them as one. The relationship between different VLAN IDs is logical OR. After such a configuration. You can specify VLAN IDs in either of the following ways: · Enter a range of VLAN IDs, such as 10-500. The number of VLAN IDs in the range is not limited. · Specify a combination of individual VLAN IDs and VLAN ID ranges, such as 3, 5-7, 10. You can specify up to eight VLAN IDs in this way. The device does not support this item. |
|
Customer VLAN |
Define a rule to match customer VLAN IDs. If multiple such rules are configured for a class, the new configuration does not overwrite the previous one. You can configure multiple VLAN IDs each time. If the same VLAN ID is specified multiple times, the system considers them as one. The relationship between different VLAN IDs is logical OR. You can specify VLAN IDs in either of the following ways: · Enter a range of VLAN IDs, such as 10-500. The number of VLAN IDs in the range is not limited. · Specify a combination of individual VLAN IDs and VLAN ID ranges, such as 3, 5-7, 10. You can specify up to eight VLAN IDs in this way. |
|
|
ACL |
ACL IPv4 |
Define an IPv4 ACL-based rule. |
|
ACL IPv6 |
Define an IPv6 ACL-based rule. |
|
Adding a traffic behavior
1. Select QoS > Behavior from the navigation tree.
2. Click the Add tab to enter the page for adding a traffic behavior.
3. Set the traffic behavior name.
4. Click Add.
Figure 11 Adding a traffic behavior
Configuring actions for a traffic behavior
1. Select QoS > Behavior from the navigation tree.
2. Click the Setup tab to enter the page for setting a traffic behavior.
Figure 12 Setting a traffic behavior
3. Configure the traffic behavior actions as described in Table 12.
4. Click Apply.
A progress dialog box appears.
5. Click Close on the progress dialog box when the progress dialog box prompts that the configuration succeeds.
|
Item |
Description |
|||
|
Please select a behavior |
Select an existing behavior in the list. |
|||
|
CAR |
Enable/Disable |
Enable or disable CAR. |
||
|
CIR |
Set the committed information rate (CIR), the average traffic rate. |
|||
|
CBS |
Set the committed burst size (CBS), number of bits that can be sent in each interval. |
|||
|
Red |
Discard |
Set the action to perform for exceeding packets. After selecting the Red box, you can select one of the following options: · Discard—Drops the exceeding packet. · Pass—Permits the exceeding packet to pass through. · Remark DSCP Pass—Sets the DSCP value of the packet and then sends the packet. |
||
|
Pass |
||||
|
Remark DSCP Pass |
||||
|
Remark |
IP Precedence |
Configure the action of marking IP precedence for packets. Select the IP Precedence box and then select the IP precedence value to be marked for packets in the following list. Select Not Set to cancel the action of marking IP precedence. The device does not support this item. |
||
|
Dot1p |
Configure the action of marking 802.1p precedence for packets. Select the Dot1p box and then select the 802.1p precedence value to be marked for packets in the following list. Select Not Set to cancel the action of marking 802.1p precedence. |
|||
|
Local Precedence |
Configure the action of marking local precedence for packets. Select the Local Precedence box and then select the local precedence value to be marked for packets in the following list. Select Not Set to cancel the action of marking local precedence. |
|||
|
DSCP |
Configure the action of marking DSCP values for packets. Select the DSCP box and then select the DSCP value to be marked for packets in the following list. Select Not Set to cancel the action of marking DSCP values. The device does not support this item. |
|||
|
Queue |
EF |
Max Bandwidth |
Configure the maximum bandwidth for Expedited Forwarding (EF). |
The device does not support any queuing mechanisms. |
|
CBS |
Configure the CBS for EF. |
|||
|
Percent |
Configure the percent of available bandwidth for EF. |
|||
|
CBS-Ratio |
Configure the ratio of CBS to CIR for EF. |
|||
|
AF |
Min Bandwidth |
Configure the minimum guaranteed bandwidth for Assured Forwarding (AF). |
||
|
Percent |
Configure the percent of available bandwidth for AF. |
|||
|
WFQ |
Configure WFQ for the default class by entering the total number of fair queues, which must be the power of two. |
|||
|
Filter |
Configure the packet filtering action. After selecting the Filter box, select one item in the following list: · Permit—Forwards the packet. · Deny—Drops the packet. · Not Set—Cancels the packet filtering action. |
|||
|
Accounting |
Configure the traffic accounting action. Select the Accounting box and select Enable or Disable in the following list to enable/disable the traffic accounting action. The device does not support this item. |
|||
Adding a policy
1. Select QoS > QoS Policy from the navigation tree.
2. Click the Add tab to enter the page for adding a policy.
3. Set the policy name.
4. Click Add.
Configuring classifier-behavior associations for the policy
1. Select QoS > QoS Policy from the navigation tree.
2. Click the Setup tab to enter the page for setting a policy.
3. Configure classifier-behavior associations as described in Table 13.
4. Click Apply.
|
Item |
Description |
|
Please select a policy |
Select an existing policy in the list. |
|
Classifier Name |
Select an existing classifier in the list. |
|
Behavior Name |
Select an existing behavior in the list. |
Applying a policy to a port
1. Select QoS > Port Policy from the navigation tree.
2. Click the Setup tab to enter the page for applying a policy to a port.
Figure 15 Applying a policy to a port
3. Select a policy and apply the policy to the specified ports as described in Table 14.
4. Click Apply.
|
Item |
Description |
|
Please select a policy |
Select an existing policy in the list. |
|
Direction |
Set the direction in which you want to apply the policy: · Inbound—Applies the policy to the incoming packets of the specified ports. · Outbound—Applies the policy to the outgoing packets of the specified ports. |
|
Please select port(s) |
Click the ports to which the QoS policy is to be applied in the port list. You can select one or more ports. |
Applying a QoS policy to a WLAN service
1. Select QoS > Service Policy from the navigation tree to enter the service policy page.
2.
Click the 
icon for a WLAN service to enter the service
policy setup page.
Figure 17 Service policy setup
3. Apply the policy to the WLAN service as described in Table 15.
4. Click Apply.
|
Item |
Remarks |
|
Wlan ID |
ID of the WLAN service. |
|
Wlan Service |
Name of the WLAN service. |
|
Inbound Policy |
Apply the QoS policy to the packets received by the WLAN service. |
|
Outbound Policy |
Apply the QoS policy to the packets sent by the WLAN service. |
|
Trust Mode |
Set the priority trust mode: · Untrust—Trusts the port priority. · dscp—Uses the DSCP values of received packets for mapping. · 802.11e—Uses the 802.11e priority of received 802.11 packets for mapping. |
|
QoS Priority |
Set the local precedence value. |
Configuring priority mapping
Priority mapping overview
When a packet arrives, a device assigns a set of QoS priority parameters to the packet based on a certain priority field carried in the packet or the port priority of the incoming port, depending on your configuration. This process is called "priority mapping." During this process, the device may modify the priority of the packet depending on device status. The set of QoS priority parameters decides the scheduling priority and forwarding priority of the packet.
The device provides various types of priority mapping tables, or rather, priority mappings. By looking up a priority mapping table, the device decides which priority value is to assign to a packet for subsequent packet processing.
You can configure priority mapping by configuring the priority trust mode. If packet priority is trusted, the device uses the specified priority field of the incoming packet to look up the priority mapping tables for the set of QoS priority parameters to assign to the packet. Note that, if a received packet does not carry the specified priority field, the device uses the port priority to look up the priority mapping tables for the set of QoS priority parameters to assign to the packet.
Configuration procedure
1. Select QoS > Trust Mode from the navigation tree to enter the priority trust mode configuration page.
Figure 18 Configuring priority trust mode
2. Configure the priority trust mode of the interfaces as described in Table 16.
3. Click Apply.
|
Item |
Description |
|
Please select the interface type |
Select the type of the interfaces to be configured. The interface types available for selection depend on your device model. You can select one or more interfaces of an interface type by clicking them in the interface list. |
|
Trust Mode |
Select the priority trust mode: · Dot1p—Uses the 802.1p priority of received packets for mapping. · Dscp—Uses the DSCP value of received packets for mapping. · Dot11e—Uses the 802.11e priority of received packets for mapping. This option is applicable to only WLAN-BSS interfaces. Support for priority trust modes depends on the interface type. |
ACL and QoS configuration example
Network requirements
As shown in Figure 19, in the WLAN, the FTP server at IP address 10.1.1.1/24 is connected to the AP, and the client accesses the FTP server through the wireless service named service1 of the AP.
Configure an ACL and a QoS policy to prevent the wireless hosts from accessing the FTP server from 8:00 to 18:00 every day:
Add an ACL to prevent the hosts from accessing the FTP server from 8:00 to 18:00 every day.
Configure a QoS policy to drop the packets matching the ACL.
Apply the QoS policy in the inbound direction of the wireless service named service1.
Configuring AP
Before performing the following configurations, make sure the AP has been configured with wireless service service1. For more information about the wireless service configuration, see "Configuring wireless services."
1. Define a time range to cover the time range from 8:00 to 18:00 every day:
a. Select QoS > Time Range from the navigation tree.
b. Click the Add tab.
c. Enter the time range name test-time. Select the Periodic Time Range box. Set the Start Time to 8:00 and the End Time to 18:00. Select the boxes Sun through Sat.
d. Click Apply.
Figure 20 Defining a time range covering 8:00 to 18:00 every day
2. Add an IPv4 advanced ACL:
a. Select QoS > ACL IPv4 from the navigation tree.
b. Click the Add tab.
c. Enter the ACL number 3000.
d. Click Apply.
Figure 21 Adding an IPv4 advanced ACL
3. Define an ACL rule for traffic to the FTP server:
a. Click the Advanced Setup tab.
b. Select 3000 in the ACL list.
c. Select the Rule ID box, and enter rule ID 2.
d. Select Permit in the Action list.
e. Select the Destination IP Address box, and enter IP address 10.1.1.1 and destination wildcard 0.0.0.0.
f. Select test-time in the Time Range list.
g. Click Add.
Figure 22 Defining an ACL rule for traffic to the FTP server
4. Add a class:
a. Select QoS > Classifier from the navigation tree.
b. Click the Add tab.
c. Enter the class name class1.
d. Click Add.
5. Define classification rules:
a. Click the Setup tab.
b. Select the class name class1 in the list. Select the ACL IPv4 box, and select ACL 3000 in the following list.
c. Click Apply.
A progress dialog box appears.
d. Click Close on the progress dialog box when the progress dialog box prompts that the configuration succeeds.
Figure 24 Defining classification rules
6. Add a traffic behavior:
a. Select QoS > Behavior from the navigation tree.
b. Click the Add tab.
c. Enter the behavior name behavior1.
d. Click Add.
Figure 25 Adding a traffic behavior
7. Configure actions for the traffic behavior:
a. Click the Setup tab.
b. Select behavior1 in the list. Select the Filter box, and then select Deny in the following list.
c. Click Apply.
A progress dialog box appears.
d. Click Close when the progress dialog box prompts that the configuration succeeds.
Figure 26 Configuring actions for the behavior
8. Add a policy:
a. Select QoS > QoS Policy from the navigation tree.
b. Click the Add tab.
c. Enter the policy name policy1.
d. Click Add.
9. Configure classifier-behavior associations for the policy:
a. Click the Setup tab.
b. Select policy1. Select class1 in the Classifier Name list. Select behavior1 in the Behavior Name list.
c. Click Apply.
Figure 28 Configuring classifier-behavior associations for the policy
10. Apply the QoS policy in the inbound direction of the wireless service named service1:
a. Select QoS > Service Policy from the navigation tree.
b. Click the 
icon for wireless service service1.
c. Select the Inbound Policy box, and select policy1 from the following list.
d. Click Apply.
Figure 29 Applying the QoS policy in the inbound direction of the wireless service named service1
Verifying the configurations
After you complete these configurations, the QoS policy is successfully applied to the wireless service named service1. The wireless clients cannot access the FTP server at IP address 10.1.1.1/24 from 8:00 to 18:00 every day, but they can do that at any other time.
Configuration guidelines
When you configure ACL and QoS, follow these guidelines:
· You cannot add a rule with the same permit/deny statement as an existing rule in the ACL. Also, you cannot modify a rule to have the same permit/deny statement as an existing rule in the ACL.
· You can only modify the existing rules of an ACL that uses the match order of config. When modifying a rule of such an ACL, you may choose to change just some of the settings, in which case the other settings remain the same.
· When you configure line rate and traffic policing for a behavior, make sure the ratio of CBS to CIR is more than 100:16. Otherwise, the handling for bursty traffic may be affected.
· If an ACL is referenced by a QoS policy for defining traffic classification rules, the operation of the QoS policy varies by interface: The definition of software/hardware interface varies with device models. The specific process is as follows:
¡ If the QoS policy is applied to a software interface and the referenced ACL rule is a deny clause, the ACL rule does not take effect and packets go to the next classification rule.
¡ If the QoS policy is applied to a hardware interface, packets matching the referenced ACL rule are organized as a class and the behavior defined in the QoS policy applies to the class regardless of whether the referenced ACL rule is a deny or permit clause.
· If a QoS policy is applied in the outbound direction of a port, the QoS policy cannot influence local packets. Local packets refer to the important protocol packets that maintain the normal operation of the device. QoS must not process such packets to avoid packet drop.
Configuring wireless QoS
Overview
An 802.11 network offers wireless access based on the CSMA/CA channel contention. All clients accessing the WLAN have equal channel contention opportunities, and all applications carried on the WLAN use the same channel contention parameters. However, a live WLAN is required to provide differentiated access services to address diversified requirements of applications for bandwidth, delay, and jitter.
To provide applications with QoS services, IEEE developed 802.11e for the 802.11-based WLAN architecture.
When IEEE 802.11e was being standardized, Wi-Fi Alliance defined the Wi-Fi Multimedia (WMM) standard to allow QoS provision devices of different vendors to interoperate. WMM makes a WLAN network capable of providing QoS services.
Terminology
WMM
WMM is a wireless QoS protocol designed to preferentially transmit packets with high priority, and guarantees better QoS services for voice and video applications in a wireless network.
EDCA
Enhanced distributed channel access (EDCA) is a channel contention mechanism designed by WMM to preferentially transmit packets with high priority and allocate more bandwidth to such packets.
Access category
WMM uses access categories (ACs) for handling channel contentions. WMM assigns WLAN data to four access categories: AC-VO (voice), AC-VI (video), AC-BE (best-effort), and AC-BK (background), in the descending order of priority. Each access category uses an independent priority queue for transmitting data. When contention occurs, WMM guarantees that a high-priority access category preempts a low-priority access category.
CAC
Connection admission control (CAC) limits the number of clients that are using high-priority access categories (including AC-VO and AC-VI) to guarantee sufficient bandwidth for existing high-priority traffic.
U-APSD
Unscheduled Automatic Power-save Delivery (U-APSD) is a new power saving mechanism defined by WMM to improve the power-saving capability of clients.
SVP
SpectraLink voice priority (SVP) is a voice priority protocol designed by the SpectraLink company to guarantee QoS for voice traffic.
WMM protocol overview
The distributed coordination function (DCF) in 802.11 stipulates that access points (APs) and clients use the CSMA/CA access mechanism. APs or clients listen to the channel before they hold the channel for data transmission. When the specified idle duration of the channel times out, APs or clients randomly select a backoff slot within the contention window to perform backoff. The device that finishes backoff first gets the channel. With 802.11, all devices have the same idle duration and contention window. They are equal when contending for a channel. In WMM, this fair contention mechanism is changed.
EDCA parameters
WMM assigns data packets to four access categories. By allowing a high-priority access category to have more channel contention opportunities than a low-priority access category, WMM offers different service levels to access categories.
WMM defines a set of EDCA parameters for each access category, covering the following:
· Arbitration inter-frame spacing number (AIFSN)—Different from the 802.11 protocol where the idle duration (set using DIFS) is a constant value, WMM can define an idle duration per access category. The idle duration increases as the AIFSN value increases (see Figure 30 for the AIFS durations).
· Exponent form of CWmin (ECWmin) and exponent form of CWmax (ECWmax)—Determine the average backoff slots, which increases as the two values increase (see Figure 30 for the backoff slots).
· Transmission opportunity limit (TXOPLimit)—Indicates the maximum time for which a user can hold a channel after a successful contention. The greater the TXOPLimit is, the longer the user can hold the channel. The value 0 indicates that the user can send only one packet each time it holds the channel.
Figure 30 Per-AC channel contention parameters in WMM
CAC admission policies
CAC requires that a client get the permission of the AP before it can use a high-priority access category for transmission, and guarantees bandwidth to the clients that have gained access. CAC controls real time traffic (AC-VO and AC-VI traffic), but not common data traffic (AC-BE and AC-BK traffic).
To use a high-priority access category, a client must send a request to the AP. The AP returns a positive or negative response based on either of the following admission control policy:
· Channel utilization-based admission policy—The AP calculates the total time that the existing high-priority access categories occupy the channel in one second, and then calculates the time that the requesting traffic will occupy the channel in one second. If the sum of the two values is smaller than or equal to the maximum hold time of the channel, the client can use the requested access category. Otherwise, the request is rejected.
· Users-based admission policy—If the number of clients using high-priority access categories plus the requesting clients is smaller than or equal to the maximum number of high-priority access category clients, the request is accepted. Otherwise, the request is rejected. During calculation, a client is counted once even if it is using both AC-VO and AC-VI.
U-APSD power-save mechanism
U-APSD improves the 802.11 APSD power saving mechanism. When you associate clients with access categories, specify some access categories as trigger-enabled and some access categories as delivery-enabled. Also, specify the maximum number of data packets that can be delivered after receiving a trigger packet.
You can modify both the trigger attribute and the delivery attribute when flows are established by using CAC. When a client sleeps, the delivery-enabled access category packets destined for the client are buffered. The client needs to send a trigger-enabled access category packet to get the buffered packets. After the AP receives the trigger packet, packets in the transmit queue are sent. The number of sent packets depends on the agreement made when the client was admitted. Access categories without the delivery attribute store and transmit packets as defined in the 802.11 protocol.
SVP service
SVP service implements differentiated treatment of SVP packets by mapping each SVP packet (IP protocol number 119) to an access category, which corresponds to a transmit queue with certain priority.
ACK policy
WMM defines two ACK policies:
· Normal ACK—When the no acknowledgement (No ACK) policy is used, the recipient does not acknowledge received packets during wireless packet exchange. This policy can improve transmission efficiency in the environment where communication quality is fine and interference is weak. However, in the environment where communication quality is poor, it can cause increased packet loss and deteriorated communication quality.
Configuring wireless QoS
Enabling wireless QoS
1. Select QoS > Wireless QoS from the navigation tree.
By default, the QoS Service tab is displayed.
2. Select the box in front of the radio unit to be configured.
3. Click Enable.
By default, wireless QoS is enabled.
The WMM protocol is the foundation of the 802.11n and 802.11ac protocols. When the radio is operating in 802.11n (2.4 GHz) or 802.11ac (5 GHz) radio mode, you must enable WMM. Otherwise, the associated clients may fail to communicate.
Setting the SVP service
SVP mapping is applicable to only non-WMM client access.
To set the SVP service:
1. Select QoS > Wireless QoS from the navigation tree.
By default, the QoS Service tab is displayed.
2.
Click the 
icon for the desired radio to enter the page for mapping SVP
service to an access category.
Figure 33 Mapping SVP service to an access category
3. Configure SVP mapping as described in Table 17.
4. Click Apply.
|
Item |
Description |
|
Radio |
Displays the selected radio. |
|
SVP Mapping |
Select the box before SVP Mapping, and then select an access category for the SVP service: · AC-VO. · AC-VI. · AC-BE. · AC-BK. |
Setting CAC admission policy
1. Select QoS > Wireless QoS from the navigation tree.
By default, the QoS Service tab is displayed.
2.
Click the icon for the desired radio to enter the page for setting CAC
admission policy.
Figure 34 Setting CAC admission policy
3. Configure the CAC admission policy as described in Table 18.
4. Click Apply.
|
Item |
Description |
|
Client Number |
Users-based admission policy, or the maximum number of clients allowed to be connected. A client is counted only once, even if it is using both AC-VO and AC-VI. By default, the users-based admission policy applies, with the maximum number of users being 20. |
|
Channel Utilization |
Channel utilization-based admission policy, or the rate of the medium time of the accepted AC-VO and AC-VI traffic to the valid time during the unit time. The valid time is the total time during which data is transmitted. |
Setting radio EDCA parameters for APs
1. Select QoS > Wireless QoS from the navigation tree.
By default, the QoS Service tab is displayed.
2.
Click the icon for the desired radio to enter the page for configuring
wireless QoS.
3.
On the radio EDCA list, click the 
icon for the desired priority type (AC_BK, for example) to enter
the page for setting radio EDCA parameters.
Figure 35 Setting radio EDCA parameters
4. Configure the radio EDCA parameters as described in Table 19.
5. Click Apply.
|
Item |
Description |
|
Radio |
Displays the selected AP's radio. |
|
Priority type |
Displays the priority type. |
|
AIFSN |
Arbitration inter-frame spacing number used by the AP. |
|
TXOP Limit |
Transmission opportunity limit used by the AP. |
|
ECWmin |
Exponent form of CWmin used by the AP. |
|
ECWmax |
Exponent form of CWmax used by the AP. |
|
No ACK |
If you select the box before No ACK, the No ACK policy is used by the AP. By default, the normal ACK policy is used by the AP. |
Table 20 Default radio EDCA parameters
|
Access category |
AIFSN |
ECWmin |
ECWmax |
|
|
AC-BK |
0 |
7 |
4 |
10 |
|
AC-BE |
0 |
3 |
4 |
6 |
|
AC-VI |
94 |
1 |
3 |
4 |
|
AC-VO |
47 |
1 |
2 |
3 |
When you configure the radio EDCA parameters for APs, follow these guidelines:
· ECWmin cannot be greater than ECWmax.
· On an AP operating in 802.11b radio mode, set the TXOP-Limit to 0, 0, 188, and 102 for AC-BK, AC-BE, AC-VI, and AC-VO.
Setting EDCA parameters for wireless clients
1. Select QoS > Wireless QoS from the navigation tree.
By default, the QoS Service tab is displayed.
2.
Click the icon for the desired radio to enter the page for configuring
wireless QoS.
3.
On the client EDCA list, click the icon for the desired priority type (AC_BK, for example) to enter
the page for setting client EDCA parameters.
Figure 36 Setting client EDCA parameters
4. Configure the client EDCA parameters as described in Table 21.
5. Click Apply.
|
Item |
Description |
|
Radio |
Displays the selected AP's radio. |
|
Priority type |
Displays the priority type. |
|
AIFSN |
Arbitration inter-frame spacing number used by clients. |
|
TXOP Limit |
Transmission opportunity limit used by clients. |
|
ECWmin |
Exponent form of CWmin used by clients. |
|
ECWmax |
Exponent form of CWmax used by clients. |
|
CAC |
Enable CAC: · Enable—Enables CAC. · Disable—Disables CAC. AC-VO and AC-VI support CAC, which is disabled by default. This item is not available for AC-BE or AC-BK, because they do not support CAC. |
Table 22 Default EDCA parameters for clients
|
Access category |
TXOP Limit |
AIFSN |
ECWmin |
ECWmax |
|
AC-BK |
0 |
7 |
4 |
10 |
|
AC-BE |
0 |
3 |
4 |
10 |
|
AC-VI |
94 |
2 |
3 |
4 |
|
AC-VO |
47 |
2 |
2 |
3 |
When you configure EDCA parameters for wireless clients, follow these guidelines:
· ECWmin cannot be greater than ECWmax.
· If all clients operate in 802.11b radio mode, set TXOPLimit to 188 and 102 for AC-VI and AC-VO.
· If some clients operate in 802.11b radio mode and some clients operate in 802.11g radio mode in the network, H3C recommends the TXOPLimit parameters in Table 22.
· Once you enable CAC for an access category, it is enabled automatically for all higher priority access categories. For example, if you enable CAC for AC-VI, CAC is also enabled for AC-VO. However, enabling CAC for AC-VO does not enable CAC for AC-VI.
Displaying radio statistics
1. Select QoS > Wireless QoS from the navigation tree.
2. Click the Radio Statistics tab to enter the page displaying radio statistics.
3. Click a radio to see its details.
Figure 37 Displaying radio statistics
|
Field |
Description |
|
Radio interface |
WLAN radio interface. |
|
Client EDCA update count |
Number of client EDCA parameter updates. |
|
QoS mode |
WMM indicates that QoS mode is enabled. None indicates that QoS mode is not enabled. |
|
Radio chip QoS mode |
Radio chip's support for the QoS mode. |
|
Radio chip max AIFSN |
Maximum AIFSN allowed by the radio chip. |
|
Radio chip max ECWmin |
Maximum ECWmin allowed by the radio chip. |
|
Radio chip max TXOPLimit |
Maximum TXOPLimit allowed by the radio chip. |
|
Radio chip max ECWmax |
Maximum ECWmax allowed by the radio chip. |
|
Client accepted |
Number of clients that have been admitted to access the radio, including the number of clients that have been admitted to access the AC-VO and the AC-VI queues. |
|
Total request mediumtime(us) |
Total requested medium time, including that of the AC-VO and the AC-VI queues. |
|
Calls rejected due to insufficient resource |
Number of requests rejected due to insufficient resources. |
|
Calls rejected due to invalid parameters |
Number of requests rejected due to invalid parameters. |
|
Calls rejected due to invalid mediumtime |
Number of requests rejected due to invalid medium time. |
|
Calls rejected due to invalid delaybound |
Number of requests rejected due to invalid delay bound. |
|
Admission Control Policy |
Admission control policy. |
|
Threshold users count |
Threshold used by the admission control policy. |
|
CAC-Free's AC Request Policy |
Response policy used for CAC-disabled ACs. Response Success indicates that the response is successful. |
|
CAC Unauthed Frame Policy |
Policy of processing frames unauthorized by CAC, which can be: · Discard—Drops frames. · Downgrade—Decreases the priority of frames. · Disassociate—Disassociates with the client. |
|
CAC Medium Time Limitation(us) |
Maximum medium time allowed by the CAC policy (in microseconds). |
|
CAC AC-VO's Max Delay(us) |
Maximum voice traffic delay allowed by the CAC policy (in microseconds). |
|
CAC AC-VI's Max Delay(us) |
Maximum video traffic delay allowed by the CAC policy (in microseconds). |
|
SVP packet mapped AC number |
Access category to which SVP packets are mapped. |
|
ECWmin |
N/A |
|
ECWmax |
N/A |
|
AIFSN |
N/A |
|
TXOPLimit |
N/A |
|
Ack Policy |
ACK policy used by an access category. |
|
CAC |
Indicates whether an access category is controlled by CAC: Disabled indicates that the access category is not controlled by CAC, Enabled indicates that the access category is controlled by CAC. |
Displaying client statistics
1. Select QoS > Wireless QoS from the navigation tree.
2. Click the Client Statistics tab to enter the page displaying client statistics.
3. Click a client name to see its details.
Figure 38 Displaying client statistics
|
Field |
Description |
|
MAC address |
MAC address of the client. |
|
SSID |
Service set ID. |
|
QoS Mode |
QoS mode: · WMM—Indicates that the client is a QoS client. · None—Indicates that the client is a non-QoS client. |
|
Max SP length |
Maximum service period. |
|
AC |
Access category. |
|
State |
APSD attribute of an access category: · T—The access category is trigger-enabled. · D—The access category is delivery-enabled. · T | D—The access category is both trigger-enabled and delivery-enabled. · L—The access category is of legacy attributes. |
|
Assoc State |
APSD attribute of the four access categories when a client accesses the AP. |
|
Uplink CAC packets |
Number of uplink CAC packets. |
|
Uplink CAC bytes |
Number of uplink CAC bytes. |
|
Downlink CAC packets |
Number of downlink CAC packets. |
|
Downlink CAC bytes |
Number of downlink CAC bytes. |
|
Downgrade packets |
Number of downgraded packets. |
|
Downgrade bytes |
Number of downgraded bytes. |
|
Discard packets |
Number of dropped packets. |
|
Discard bytes |
Number of dropped bytes. |
Setting rate limiting
The WLAN provides limited bandwidth for each AP. Because the bandwidth is shared by wireless clients attached to the AP, aggressive use of bandwidth by a client will affect other clients. To ensure fair use of bandwidth, rate limit traffic of clients in either of the following approaches:
· Configure the total bandwidth shared by all clients in the same BSS. This is called "dynamic mode." The rate limit of a client is the configured total rate/the number of online clients. For example, if the configure total rate is 10 Mbps and five clients are online, the rate of each client is 2 Mbps.
· Configure the maximum bandwidth that can be used by each client in the BSS. This is called "static mode." For example, if the configured rate is 1 Mbps, the rate limit of each user online is 1 Mbps. When the set rate limit multiplied by the number of access clients exceeds the available bandwidth provided by the AP, no clients can get the guaranteed bandwidth.
To set rate limiting:
1. Select QoS > Wireless QoS from the navigation tree.
2. Click the Client Rate Limit tab.
3.
Select the target WLAN service, and click the icon.
Figure 39 Setting rate limiting
4. Set rate limiting as described in Table 25.
5. Click Apply.
|
Item |
Description |
|
Wireless ID |
ID of the wireless service. |
|
Wireless Service |
Name of the wireless service. |
|
Direction |
Traffic direction: · Inbound—Traffic from clients to the AP. · Outbound—Traffic from the AP to clients. |
|
Mode |
Set a rate limiting mode: · Static—Limits the rate of each client to a fixed value. · Dynamic—Limits the rate of a client to the configured total rate/the number of online clients. |
|
Rate |
Set the rate of the clients: · If you select the static mode, Per-Client Rate is displayed, and the rate is the bandwidth of each client. · If you select the dynamic mode, Total Rate is displayed, and the rate is the total bandwidth of all clients. |
Configuring the bandwidth guarantee function
When traffic is heavy, a BSS without any rate limitation may aggressively occupy the available bandwidth for other BSSs. If you limit the rate of the BSS, it cannot use the idle bandwidth of other BSSs.
To improve bandwidth use efficiency when ensuring bandwidth use fairness among wireless services, use the bandwidth guarantee function. Bandwidth guarantee makes sure all traffic from each BSS can pass through when the network is not congested, and each BSS can get the guaranteed bandwidth when the network is congested. For example, suppose you guarantee SSID1, SSID2, and SSID3 25%, 25%, and 50% of the bandwidth. When the network is not congested, SSID1 can use all idle bandwidth in addition to its guaranteed bandwidth. When the network is congested, SSID1 can use at least its guaranteed bandwidth, 25% of the bandwidth.
|
|
NOTE: The bandwidth guarantee function is not supported in 802.11ac radio mode and takes effect only on the traffic from an AP to a client. |
Setting the reference radio bandwidth
1. Select QoS > Wireless QoS from the navigation tree.
2. Click the Bandwidth Guarantee tab.
Figure 40 Setting the reference radio bandwidth
3. Set the reference radio bandwidth as described in Table 26.
4. Click Apply.
|
Item |
Description |
|
802.11a Mode |
Set the reference radio bandwidth. H3C recommends setting the reference radio bandwidth slightly lower than the maximum available bandwidth. |
|
802.11b Mode |
|
|
802.11g Mode |
|
|
802.11n Mode |
After you set the reference radio bandwidth values, the new settings do not take effect for the radios with bandwidth guarantee enabled. To make the new settings take effect, you must disenable and then enable the radios.
Setting guaranteed bandwidth
1.
Select the desired radio on the bandwidth guarantee setup list, and click
its 
icon
to enter the page for setting guaranteed bandwidth.
Figure 41 Setting guaranteed bandwidth
2. Set the guaranteed bandwidth as described in Table 27.
3. Click Apply.
|
Item |
Description |
|
Guaranteed Bandwidth Percent (%) |
Allocate a percentage of the total radio bandwidth to each wireless service as the guaranteed bandwidth. The total guaranteed bandwidth cannot exceed 100% of the ratio bandwidth. |
Enabling bandwidth guarantee
After the configurations above, the bandwidth guarantee tab appears.
To validate the bandwidth guarantee settings for a radio unit, enable its bandwidth guarantee function.
To enable the bandwidth guarantee function:
1. Select the radio unit in a certain radio mode for which you are enabling bandwidth guarantee.
2. Click Enable.
Figure 42 Enabling the bandwidth guarantee function
Displaying guaranteed bandwidth settings
1. Select QoS > Wireless QoS from the navigation tree.
2. Click the Bandwidth Guarantee tab.
3. Click the specified radio unit to view the wireless services bound to the radio unit and the guaranteed bandwidth setting for each wireless service.
Figure 43 Displaying guaranteed bandwidth settings
Wireless QoS configuration examples
CAC service configuration example
Network requirements
As shown in Figure 44, a WMM-enabled AP accesses the Ethernet. Enable CAC for AC-VO and AC-VI on the AP. To guarantee high priority clients (AC-VO and AC-VI clients) sufficient bandwidth, use the user number-based admission policy to limit the number of access users to 10.
Configuring the wireless service
For related configurations, see "Configuring wireless services." You can follow the steps in the related configuration example to configure the wireless service.
Configuring wireless QoS
1. Select QoS > Wireless QoS from the navigation tree.
By default, the QoS Service tab is displayed.
2. Make sure WMM is enabled.
Figure 45 Wireless QoS configuration page
3.
Select the radio unit to be configured on the
list and click the icon to enter the page for configuring wireless QoS.
4.
On the Client EDCA list, select the priority
type (AC_VO, for example) to be modified, and click the icon
to enter the page for setting client EDCA parameters.
5. Select Enable from the CAC list.
6. Click Apply.
Figure 46 Enabling CAC
7. Enable CAC for AC_VI in the same way. (Details not shown.)
8. Select QoS > Wireless QoS from the navigation tree.
By default, the QoS Service tab is displayed.
9.
Click the icon
for the desired radio unit to enter the page for configuring wireless QoS.
10. Select the Client Number option, and then enter 10.
11. Click Apply.
Figure 47 Setting the CAC client number
Verifying the configuration
If the number of existing clients in the high-priority access categories (AC-VO and AC-VI) plus the number of clients requesting for high-priority access categories is smaller than or equal to the user-defined maximum number of users allowed in high-priority access categories, which is 10 in this example, the request is allowed. The system decreases the priority of the packets from the clients exceeding the maximum number of high-priority AC clients.
Static rate limiting configuration example
Network requirements
As shown in Figure 48, two clients access the WLAN through a SSID named service1. Limit the maximum bandwidth per client to 128 kbps on the AP.
Configuring the wireless service
For the configuration procedure, see "Configuring wireless services." You can follow the related configuration example to configure the wireless service.
Configuring static rate limiting
1. Select QoS > Wireless QoS from the navigation tree.
2. Click the Client Rate Limit tab.
3.
Select the target WLAN
service service1 from the list, and click the icon for the inbound direction.
4. Select Static from the Mode list. Enter 128 in the Per-Client Rate field.
5. Click Apply.
Figure 49 Configuring static rate limiting
Verifying the configuration
· Client1 and Client2 access the WLAN through an SSID named service1.
· Check that traffic from Client1 is rate limited to around 128 kbps, so is traffic from Client2.
Dynamic rate limiting configuration example
Network requirements
As shown in Figure 50, clients access the WLAN through a SSID named service2.
Configure all clients to share 8000 kbps of bandwidth in the outbound direction.
Configuring the wireless service
For the configuration procedure, see "Configuring wireless services." You can follow the related configuration example to configure the wireless service.
Configuring dynamic rate limiting
1. Select QoS > Wireless QoS from the navigation tree.
2. Click the Client Rate Limit tab.
3.
Select the target WLAN
service service2 from the list, and click the icon for the
inbound direction.
4. Select Dynamic from the Mode list. Enter 8000 in the Total Rate field.
5. Click Apply.
Figure 51 Configuring dynamic rate limiting
Verifying the configuration
Check that:
1. When only Client1 accesses the WLAN through SSID service2, its traffic can pass through at a rate as high as 8000 kbps.
2. When both Client1 and Client2 access the WLAN through SSID service2, their traffic flows can each pass through at a rate as high as 4000 kbps.
Bandwidth guarantee configuration example
Network requirements
As shown in Figure 52, three clients use wireless services research, office, and entertain to access the wireless network.
To make sure the enterprise network works properly, guarantee the office service 20% of the bandwidth, the research service 80%, and the entertain service none.
Configuring the wireless services
For the configuration procedure, see "Configuring wireless services." You can follow the related configuration example to configure the wireless services.
Configuring bandwidth guaranteeing
1. Select QoS > Wireless QoS from the navigation tree.
2. Click the Bandwidth Guarantee tab to enter the page for configuring bandwidth guarantee.
3. Set the reference radio bandwidth to 200000 for 802.11n.
4. Click Apply.
Figure 53 Setting the reference radio bandwidth
5.
Click the 
icon
for 802.11n to enter the page
for setting guaranteed bandwidth.
6. Set the guaranteed bandwidth percent to 80 for wireless service research. Set the guaranteed bandwidth percent to 20 for wireless service office. Set the guaranteed bandwidth percent to 0 for wireless service entertain.
7. Click Apply.
After you apply the guaranteed bandwidth settings, the page for enabling bandwidth guarantee appears.
Figure 54 Setting guaranteed bandwidth
8. Select the box specific to 802.11n.
9. Click Enable.
Figure 55 Enabling bandwidth guarantee
Verifying the configuration
· Send traffic from the AP to the three clients at a rate lower than 200000 kbps. The rate of traffic from the AP to the three clients is not limited.
· Send traffic at a rate higher than 40000 kbps from the AP to Client 1 and at a rate higher than 160000 kbps from the AP to Client 2. The total rate of traffic from the AP to all clients exceeds 200000 kbps. Because you have enabled bandwidth guarantee for wireless services research and office, the AP forwards traffic to Client 1 and Client 2 at 40000 kbps and 160000 kbps, respectively, and limits the traffic to Client 3.
Configuration guidelines
· Guaranteed bandwidth in kbps = reference radio bandwidth × guaranteed bandwidth percent.
· Set the reference radio bandwidth slightly lower than the available maximum bandwidth.
· The guaranteed bandwidth configuration applies to only the traffic from the AP to clients.
