08-ACL and QoS Configuration Examples

HomeSupportResource CenterSwitchesH3C S7500E Switch SeriesH3C S7500E Switch SeriesTechnical DocumentsConfigure & DeployConfiguration ExamplesH3C S7500E Switch Series Configuration Examples-R7577P04-6W10008-ACL and QoS Configuration Examples
05-H3C_GTS_and_Rate_Limiting_Configuration_Examples

H3C GTS and Rate Limiting Configuration Examples

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Software version: Release 7577P04

Document version: 6W100-20190330

 

Copyright © 2019 New H3C Technologies Co., Ltd. All rights reserved.

No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of New H3C Technologies Co., Ltd.

Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.

The information in this document is subject to change without notice.



Introduction

This document provides GTS and rate limiting configuration examples.

Prerequisites

The configuration examples in this document were created and verified in a lab environment, and all the devices were started with the factory default configuration. When you are working on a live network, make sure you understand the potential impact of every command on your network.

This document assumes that you have basic knowledge of GTS and rate limiting.

Example: Configuring GTS and rate limiting

Network configuration

As shown in Figure 1, the 15-Mbps dedicated line transmits the FTP traffic, business-specific application traffic, and IP voice traffic between the headquarters and branch of a company.

The following traffic policing settings have been configured on the edge device (Device B) of the headquarters:

·          CIR of 10 Mbps for IP voice traffic.

·          CIR of 3 Mbps for business-specific application traffic.

·          CIR of 7 Mbps for FTP traffic.

Configure traffic shaping on the edge device (Device A) of the branch to buffer excess traffic of each traffic type.

Configure rate limiting on Device A to limit the outgoing traffic rate to 15 Mbps.

Figure 1 Network diagram

 

Analysis

To meet the network requirements, you must perform the following tasks:

·          To implement GTS, first determine the queue that transmits a type of traffic. In this example, the priorities of these types of traffic are not provided. You need to use priority marking to manually assign packets to different queues.

·          You can manually assign packets to queues by marking DSCP values, 802.1p priority values, or local precedence values. To keep the contents of packets unchanged, mark local precedence values for packets.

Procedures

Before configuring GTS and rate limiting, make sure there is network connectivity between the branch and headquarters.

This section does not describe the configurations for enabling network connectivity.

Configuring priority marking

1.        Create three traffic classes to match the three traffic types:

# Configure basic IPv4 ACL 2000 to match IP voice traffic (traffic from subnet 192.168.3.0/24).

<DeviceA> system-view

[DeviceA] acl basic 2000

[DeviceA-acl-ipv4-basic-2000] rule permit source 192.168.3.0 0.0.0.255

[DeviceA-acl-ipv4-basic-2000] quit

# Create a class named voice, and use ACL 2000 as the match criterion.

[DeviceA] traffic classifier voice

[DeviceA-classifier-voice] if-match acl 2000

[DeviceA-classifier-voice] quit

# Configure basic IPv4 ACL 2001 to match application traffic (traffic from subnet 192.168.2.0/24).

[DeviceA] acl basic 2001

[DeviceA-acl-ipv4-basic-2001] rule permit source 192.168.2.0 0.0.0.255

[DeviceA-acl-ipv4-basic-2001] quit

# Create a class named service, and use ACL 2001 as the match criterion.

[DeviceA] traffic classifier service

[DeviceA-classifier-service] if-match acl 2001

[DeviceA-classifier-service] quit

# Configure advanced IPv4 ACL 3000 to match FTP traffic (traffic from subnet 192.168.1.0/24 and with destination port number 20).

[DeviceA] acl advanced 3000

[DeviceA-acl-ipv4-adv-3000] rule permit tcp destination-port eq 20 source 192.168.1.0 0.0.0.255

[DeviceA-acl-ipv4-adv-3000] quit

# Create a class named ftp, and use ACL 3000 as the match criterion.

[DeviceA] traffic classifier ftp

[DeviceA-classifier-ftp] if-match acl 3000

[DeviceA-classifier-ftp] quit

2.        Create three traffic behaviors:

# Create a behavior named voice, and configure the behavior to mark packets with local precedence 6 (corresponding to queue 6).

[DeviceA] traffic behavior voice

[DeviceA-behavior-voice] remark local-precedence 6

[DeviceA-behavior-voice] quit

# Create a behavior named service, and configure the behavior to mark packets with local precedence 4 (corresponding to queue 4).

[DeviceA] traffic behavior service

[DeviceA-behavior-service] remark local-precedence 4

[DeviceA-behavior-service] quit

# Create a behavior named ftp, and configure the behavior to mark packets with local precedence 2 (corresponding to queue 2).

[DeviceA] traffic behavior ftp

[DeviceA-behavior-ftp] remark local-precedence 2

[DeviceA-behavior-ftp] quit

3.        Configure and apply a QoS policy:

# Create a QoS policy named shaping, and associate the three classes with their respective behaviors in the QoS policy.

[DeviceA] qos policy shaping

[DeviceA-qospolicy-shaping] classifier voice behavior voice

[DeviceA-qospolicy-shaping] classifier service behavior service

[DeviceA-qospolicy-shaping] classifier ftp behavior ftp

[DeviceA-qospolicy-shaping] quit

# Apply the QoS policy shaping to the inbound direction of Ten-GigabitEthernet 1/0/2.

[DeviceA] interface Ten-GigabitEthernet 1/0/2

[DeviceA-Ten-GigabitEthernet1/0/2] qos apply policy shaping inbound

[DeviceA-Ten-GigabitEthernet1/0/2] quit

Configuring GTS

# Configure GTS on Ten-GigabitEthernet 1/0/1 to set the CIR to 10 Mbps for queue 6 (IP voice traffic).

[DeviceA] interface Ten-GigabitEthernet 1/0/1

[DeviceA-Ten-GigabitEthernet1/0/1] qos gts queue 6 cir 10240

# Configure GTS on Ten-GigabitEthernet 1/0/1 to set the CIR to 3 Mbps for queue 4 (application traffic).

[DeviceA-Ten-GigabitEthernet1/0/1] qos gts queue 4 cir 3072

# Configure GTS on Ten-GigabitEthernet 1/0/1 to set the CIR to 7 Mbps for queue 2 (FTP traffic).

[DeviceA-Ten-GigabitEthernet1/0/1] qos gts queue 2 cir 7168

Configuring rate limiting

# Configure rate limiting on Ten-GigabitEthernet 1/0/1 to set the CIR to 15 Mbps for outgoing traffic.

[DeviceA-Ten-GigabitEthernet1/0/1] qos lr outbound cir 15360

Verifying the configuration

# Verify the priority marking settings of Ten-GigabitEthernet 1/0/2.

<Device> display qos policy interface inbound

Interface: Ten-GigabitEthernet1/0/2

  Direction: Inbound

  Policy: shaping

   Classifier: voice

     Operator: AND

     Rule(s) :

      If-match acl 2000

     Behavior: voice

      Marking:

        Remark local-precedence 6

   Classifier: service

     Operator: AND

     Rule(s) :

      If-match acl 2001

     Behavior: service

      Marking:

        Remark local-precedence 4

   Classifier: ftp

     Operator: AND

     Rule(s) :

      If-match acl 3000

     Behavior: ftp

      Marking:

        Remark local-precedence 2

# Verify the GTS settings on Ten-GigabitEthernet 1/0/1.

<Device> display qos gts interface

Interface: Ten-GigabitEthernet1/0/1

 Rule: If-match queue 6

  CIR 10240 (kbps), CBS 640000 (Bytes)

 Rule: If-match queue 4

  CIR 3072 (kbps), CBS 192000 (Bytes)

 Rule: If-match queue 2

  CIR 7168 (kbps), CBS 448000 (Bytes)

# Verify the rate limiting settings on Ten-GigabitEthernet 1/0/1.

<Device> display qos lr interface                          

Interface: Ten-GigabitEthernet1/0/1                                              

Direction: Outbound                                                            

 CIR 15360 (kbps),  CBS 960000 (Bytes)

Configuration files

#

acl basic 2000

 rule 0 permit source 192.168.3.0 0.0.0.255

#

acl basic 2001

 rule 0 permit source 192.168.2.0 0.0.0.255

#

acl advanced 3000

 rule 0 permit tcp source 192.168.1.0 0.0.0.255 destination-port eq ftp-data

#

traffic classifier ftp operator and

 if-match acl 3000

#

traffic classifier service operator and

 if-match acl 2001

#

traffic classifier voice operator and

 if-match acl 2000

#

traffic behavior ftp

 remark local-precedence 2

#

traffic behavior service

 remark local-precedence 4

#

traffic behavior voice

 remark local-precedence 6

#

qos policy shaping

 classifier voice behavior voice

 classifier service behavior service

 classifier ftp behavior ftp 

#

interface Ten-GigabitEthernet1/0/1

 port link-mode bridge

 qos lr outbound cir 15360 cbs 960000

 qos gts queue 6 cir 10240 cbs 640000                                          

 qos gts queue 4 cir 3072 cbs 192000                                           

 qos gts queue 2 cir 7168 cbs 448000                                           

#

interface Ten-GigabitEthernet1/0/2

 port link-mode bridge

 qos apply policy shaping inbound

#

return

Related documentation

·          H3C S7500E  Switch Series ACL and QoS Configuration Guide-R757X

·          H3C S7500E Switch Series ACL and QoS Command Reference-R757X