08-ACL and QoS Configuration Examples

HomeSupportResource CenterSwitchesH3C S7500E Switch SeriesH3C S7500E Switch SeriesTechnical DocumentsConfigure & DeployConfiguration ExamplesH3C S7500E Switch Series Configuration Examples-R7577P04-6W10008-ACL and QoS Configuration Examples
07-H3C_Priority_Marking_and_Queue_Scheduling_Configuration_Examples

H3C Priority Marking and Queue Scheduling Configuration Examples

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Software version: Release 7577P04

Document version: 6W100-20190330

 

Copyright © 2019 New H3C Technologies Co., Ltd. All rights reserved.

No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of New H3C Technologies Co., Ltd.

Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.

The information in this document is subject to change without notice.



Introduction

This document provides examples for configuring priority marking, priority mapping, and queue scheduling profiles.

Prerequisites

The configuration examples in this document were created and verified in a lab environment, and all the devices were started with the factory default configuration. When you are working on a live network, make sure you understand the potential impact of every command on your network.

This document assumes that you have basic knowledge of priority marking, priority mapping, and queue scheduling profiles.

Example: Configuring priority marking and queue scheduling

Network configuration

As shown in Figure 1, a company uses dual uplinks to interconnect its headquarters and branches.

The company uses three service types in its intranets:

·          Video service—Uses network segment 10.1.0.0/16 (10.1.1.0/24 for the headquarters, 10.1.2.0/24 for branch A, 10.1.3.0/24 for branch B, 10.1.4.0/24 for branch C, 10.1.5.0/24 for branch D, 10.1.6.0/24 for branch E, and 10.1.7.0/24 for branch F).

·          Production service—Uses network segment 10.2.0.0/16 (10.2.1.0/24 for the headquarters, 10.2.2.0/24 for branch A, 10.2.3.0/24 for branch B, 10.2.4.0/24 for branch C, 10.2.5.0/24 for branch D, 10.2.6.0/24 for branch E, and 10.2.7.0/24 for branch F).

·          Voice service—Uses network segment 10.3.0.0/16 (10.3.1.0/24 for the headquarters, 10.3.2.0/24 for branch A, 10.3.3.0/24 for branch B, 10.3.4.0/24 for branch C, 10.3.5.0/24 for branch D, 10.3.6.0/24 for branch E, and 10.3.7.0/24 for branch F).

Configure priority marking and queue scheduling so the video service, production service, and voice service are scheduled at a ratio of 2:1:1 when congestion occurs.

Figure 1 Network diagram

 

Analysis

To configure priority marking and queue scheduling, you must perform the following tasks:

·          To assign different traffic types to different queues, mark different local precedence values for the service types.

·          To schedule the three services at a ratio of 2:1:1, assign their queues to one WRR group and configure weights for these queues.

Restrictions and guidelines

When you configure priority marking and queue scheduling, follow these restrictions and guidelines:

For queue scheduling to be accurate, make sure the queue IDs in a WRR group are continuous.

Procedures

Configuring Device SI

1.       Configure a QoS policy on Ten-GigabitEthernet 1/0/3 to assign different traffic types to different queues:

# Create ACL 3000 to match video traffic, and create a behavior to mark the video traffic with local precedence 2.

<DeviceS1> system-view

[DeviceS1] acl advanced 3000

[DeviceS1-acl-ipv4-adv-3000] rule 0 permit ip source 10.1.1.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

[DeviceS1-acl-ipv4-adv-3000] quit

[DeviceS1] traffic classifier video

[DeviceS1-classifier-video] if-match acl 3000

[DeviceS1-classifier-video] quit

[DeviceS1] traffic behavior video

[DeviceS1-behavior-video] remark local-precedence 2

[DeviceS1-behavior-video] quit

# Create ACL 3001 to match production traffic, and create a behavior to mark the production traffic with local precedence 3.

[DeviceS1] acl advanced 3001

[DeviceS1-acl-ipv4-adv-3001] rule 0 permit ip source 10.2.1.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

[DeviceS1-acl-ipv4-adv-3001] quit

[DeviceS1] traffic classifier production

[DeviceS1-classifier-production] if-match acl 3001

[DeviceS1-classifier-production] quit

[DeviceS1] traffic behavior production

[DeviceS1-behavior-production] remark local-precedence 3

[DeviceS1-behavior-production] quit

# Create ACL 3002 to match voice traffic, and create a behavior to mark the voice traffic with local precedence 4.

[DeviceS1] acl advanced 3002

[DeviceS1-acl-ipv4-adv-3002] rule 0 permit ip source 10.3.1.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

[DeviceS1-acl-ipv4-adv-3002] quit

[DeviceS1] traffic classifier voice

[DeviceS1-classifier-voice] if-match acl 3002

[DeviceS1-classifier-voice] quit

[DeviceS1] traffic behavior voice

[DeviceS1-behavior-voice] remark local-precedence 4

[DeviceS1-behavior-voice] quit

# Create a QoS policy named policy1, and associate the three traffic classes with their respective traffic behaviors.

[DeviceS1] qos policy policy1

[DeviceS1-qospolicy-policy1] classifier video behavior video

[DeviceS1-qospolicy-policy1] classifier production behavior production

[DeviceS1-qospolicy-policy1] classifier voice behavior voice

[DeviceS1-qospolicy-policy1] quit

# Apply the QoS policy policy1 to the inbound direction of Ten-GigabitEthernet 1/0/3.

[DeviceS1] interface ten-gigabitethernet 1/0/3

[DeviceS1-Ten-GigabitEthernet1/0/3] qos apply policy policy1 inbound

[DeviceS1-Ten-GigabitEthernet1/0/3] quit

2.       Configure a queue scheduling profile on Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2:

# Create a queue scheduling profile named qm1 for WRR. Configure the weights of queue 2 (for video traffic), queue 3 (for production traffic), and queue 4 (for voice traffic) as 2, 1, and 1, respectively.

[DeviceS1] qos qmprofile qm1

[DeviceS1-qmprofile-qm1] queue 2 wrr group 1 byte-count 2

[DeviceS1-qmprofile-qm1] queue 3 wrr group 1 byte-count 1

[DeviceS1-qmprofile-qm1] queue 4 wrr group 1 byte-count 1

[DeviceS1-qmprofile-qm1] quit

# Apply the queue scheduling profile qm1 to Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2.

[DeviceS1] interface ten-gigabitethernet 1/0/1

[DeviceS1-Ten-GigabitEthernet1/0/1] qos apply qmprofile qm1

[DeviceS1-Ten-GigabitEthernet1/0/1] quit

[DeviceS1] interface ten-gigabitethernet 1/0/2

[DeviceS1-Ten-GigabitEthernet1/0/2] qos apply qmprofile qm1

[DeviceS1-Ten-GigabitEthernet1/0/2] quit

Configuring Device S2

# Configure Device S2 in the same way Device S1 is configured. (Details not shown.)

Configuring Device A1

1.       Configure a QoS policy on Ten-GigabitEthernet 1/0/3 to assign different traffic types to different queues:

# Create ACL 3000 to match video traffic, and create a behavior to mark the video traffic with local precedence 2.

<Device A1> system-view

[DeviceA1] acl advanced 3000

[DeviceA1-acl-ipv4-adv-3000] rule 0 permit ip source 10.1.2.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

[DeviceA1-acl-ipv4-adv-3000] quit

[DeviceA1] traffic classifier video

[DeviceA1-classifier-video] if-match acl 3000

[DeviceA1-classifier-video] quit

[DeviceA1] traffic behavior video

[DeviceA1-behavior-video] remark local-precedence 2

[DeviceA1-behavior-video] quit

# Create ACL 3001 to match production traffic, and create a behavior to mark the production traffic with local precedence 3.

[DeviceA1] acl advanced 3001

[DeviceA1-acl-ipv4-adv-3001] rule 0 permit ip source 10.2.2.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

[DeviceA1-acl-ipv4-adv-3001] quit

[DeviceA1] traffic classifier production

[DeviceA1-classifier-production] if-match acl 3001

[DeviceA1-classifier-production] quit

[DeviceA1] traffic behavior production

[DeviceA1-behavior-production] remark local-precedence 3

[DeviceA1-behavior-production] quit

# Create ACL 3002 to match voice traffic, and create a behavior to mark the voice traffic with local precedence 4.

[DeviceA1] acl advanced 3002

[DeviceA1-acl-ipv4-adv-3002] rule 0 permit ip source 10.3.2.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

[DeviceA1-acl-ipv4-adv-3002] quit

[DeviceA1] traffic classifier voice

[DeviceA1-classifier-voice] if-match acl 3002

[DeviceA1-classifier-voice] quit

[DeviceA1] traffic behavior voice

[DeviceA1-behavior-voice] remark local-precedence 4

[DeviceA1-behavior-voice] quit

# Create a QoS policy named policy1, and associate the three classes of traffic with their respective traffic behaviors.

[DeviceA1] qos policy policy1

[DeviceA1-qospolicy-policy1] classifier video behavior video

[DeviceA1-qospolicy-policy1] classifier production behavior production

[DeviceA1-qospolicy-policy1] classifier voice behavior voice

[DeviceA1-qospolicy-policy1] quit

# Apply the QoS policy policy1 to the inbound direction of Ten-GigabitEthernet 1/0/3.

[DeviceA1] interface ten-gigabitethernet 1/0/3

[DeviceA1-Ten-GigabitEthernet1/0/3] qos apply policy policy1 inbound

[DeviceA1-Ten-GigabitEthernet1/0/3] quit

2.       Configure a queue scheduling profile on Ten-GigabitEthernet 1/0/1:

# Create a queue scheduling profile named qm1 for WRR. Configure the weights of queue 2 (for video traffic), queue 3 (for production traffic), and queue 4 (for voice traffic) as 2, 1, and 1, respectively.

[DeviceA1] qos qmprofile qm1

[DeviceA1-qmprofile-qm1] queue 2 wrr group 1 byte-count 2

[DeviceA1-qmprofile-qm1] queue 3 wrr group 1 byte-count 1

[DeviceA1-qmprofile-qm1] queue 4 wrr group 1 byte-count 1

[DeviceA1-qmprofile-qm1] quit

# Apply the queue scheduling profile qm1 to Ten-GigabitEthernet 1/0/1.

[DeviceA1] interface ten-gigabitethernet 1/0/1

[DeviceA1-Ten-GigabitEthernet1/0/1] qos apply qmprofile qm1

[DeviceA1-Ten-GigabitEthernet1/0/1] quit

Configuring other devices

# Configure Device A2, Device F1, and Device F2 in the same way Device A1 is configured. (Details not shown.)

Verifying the configuration

Verify the configuration on any device, for example, Device S1.

# Verify the QoS policy applied to Ten-GigabitEthernet 1/0/3.

[DeviceS1] display qos policy interface ten-gigabitethernet 1/0/3

  Interface: Ten-GigabitEthernet1/0/3

  Direction: Inbound

  Policy: policy1

   Classifier: video

     Operator: AND

     Rule(s) :

      If-match acl 3000

     Behavior: video

      Marking:

        Remark local-precedence 2

   Classifier: production

     Operator: AND

     Rule(s) :

      If-match acl 3001

     Behavior: production

      Marking:

        Remark local-precedence 3

   Classifier: voice

     Operator: AND

     Rule(s) :

      If-match acl 3002

     Behavior: voice

      Marking:

        Remark local-precedence 4

# Verify the configuration of queue scheduling profiles.

[DeviceS1] display qos qmprofile configuration

Queue management profile: qm1 (ID 1)

 Queue ID    Type    Group    Schedule-unit    Schedule-value    Bandwidth

 ---------------------------------------------------------------------------

 be          SP      N/A      N/A              N/A                N/A

 af1         SP      N/A      N/A              N/A                N/A

 af2         WRR     1        byte-count       2                  N/A

 af3         WRR     1        byte-count       1                  N/A

 af4         WRR     1        byte-count       1                  N/A

 ef          SP      N/A      N/A              N/A                N/A

 cs6         SP      N/A      N/A              N/A                N/A

 cs7         SP      N/A      N/A              N/A                N/A

Configuration files

·          Device S1:

#

qos qmprofile qm1

 queue af2 wrr group 1 byte-count 2

 queue af3 wrr group 1 byte-count 1

 queue af4 wrr group 1 byte-count 1

#

traffic classifier production operator and

 if-match acl 3001

#

traffic classifier video operator and

 if-match acl 3000

#

traffic classifier voice operator and

 if-match acl 3002

#

traffic behavior production

 remark local-precedence 3

#

traffic behavior video

 remark local-precedence 2

#

traffic behavior voice

 remark local-precedence 4

#

qos policy policy1

 classifier video behavior video

 classifier production behavior production

 classifier voice behavior voice

#

interface Ten-GigabitEthernet1/0/1

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Ten-GigabitEthernet1/0/2

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Ten-GigabitEthernet1/0/3

 port link-mode bridge

 qos apply policy policy1 inbound

#

acl advanced 3000

 rule 0 permit ip source 10.1.1.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

#

acl advanced 3001

 rule 0 permit ip source 10.2.1.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

#

acl advanced 3002

 rule 0 permit ip source 10.3.1.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

#

return

·          Device S2:

#

qos qmprofile qm1

 queue af2 wrr group 1 byte-count 2

 queue af3 wrr group 1 byte-count 1

 queue af4 wrr group 1 byte-count 1

#

traffic classifier production operator and

 if-match acl 3001

#

traffic classifier video operator and

 if-match acl 3000

#

traffic classifier voice operator and

 if-match acl 3002

#

traffic behavior production

 remark local-precedence 3

#

traffic behavior video

 remark local-precedence 2

#

traffic behavior voice

 remark local-precedence 4

#

qos policy policy1

 classifier video behavior video

 classifier production behavior production

 classifier voice behavior voice

#

interface Ten-GigabitEthernet1/0/1

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Ten-GigabitEthernet1/0/2

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Ten-GigabitEthernet1/0/3

 port link-mode bridge

 qos apply policy policy1 inbound

#

acl advanced 3000

 rule 0 permit ip source 10.1.1.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

#

acl advanced 3001

 rule 0 permit ip source 10.2.1.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

#

acl advanced 3002

 rule 0 permit ip source 10.3.1.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

#

return

·          Device A1:

#

qos qmprofile qm1

 queue af2 wrr group 1 byte-count 2

 queue af3 wrr group 1 byte-count 1

 queue af4 wrr group 1 byte-count 1

#

traffic classifier production operator and

 if-match acl 3001

#

traffic classifier video operator and

 if-match acl 3000

#

traffic classifier voice operator and

 if-match acl 3002

#

traffic behavior production

 remark local-precedence 3

#

traffic behavior video

 remark local-precedence 2

#

traffic behavior voice

 remark local-precedence 4

#

qos policy policy1

 classifier video behavior video

 classifier production behavior production

 classifier voice behavior voice

#

interface Ten-GigabitEthernet1/0/1

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Ten-GigabitEthernet1/0/3

 port link-mode bridge

 qos apply policy policy1 inbound

#

acl advanced 3000

 rule 0 permit ip source 10.1.2.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

#

acl advanced 3001

 rule 0 permit ip source 10.2.2.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

#

acl advanced 3002

 rule 0 permit ip source 10.3.2.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

#

return

·          Device A2:

#

qos qmprofile qm1

 queue af2 wrr group 1 byte-count 2

 queue af3 wrr group 1 byte-count 1

 queue af4 wrr group 1 byte-count 1

#

traffic classifier production operator and

 if-match acl 3001

#

traffic classifier video operator and

 if-match acl 3000

#

traffic classifier voice operator and

 if-match acl 3002

#

traffic behavior production

 remark local-precedence 3

#

traffic behavior video

 remark local-precedence 2

#

traffic behavior voice

 remark local-precedence 4

#

qos policy policy1

 classifier video behavior video

 classifier production behavior production

 classifier voice behavior voice

#

interface Ten-GigabitEthernet1/0/1

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Ten-GigabitEthernet1/0/3

 port link-mode bridge

 qos apply policy policy1 inbound

#

acl advanced 3000

 rule 0 permit ip source 10.1.2.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

#

acl advanced 3001

 rule 0 permit ip source 10.2.2.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

#

acl advanced 3002

 rule 0 permit ip source 10.3.2.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

#

return

·          Device F1:

#

qos qmprofile qm1

 queue af2 wrr group 1 byte-count 2

 queue af3 wrr group 1 byte-count 1

 queue af4 wrr group 1 byte-count 1

#

traffic classifier production operator and

 if-match acl 3001

#

traffic classifier video operator and

 if-match acl 3000

#

traffic classifier voice operator and

 if-match acl 3002

#

traffic behavior production

 remark local-precedence 3

#

traffic behavior video

 remark local-precedence 2

#

traffic behavior voice

 remark local-precedence 4

#

qos policy policy1

 classifier video behavior video

 classifier production behavior production

 classifier voice behavior voice

#

interface Ten-GigabitEthernet1/0/2

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Ten-GigabitEthernet1/0/3

 port link-mode bridge

 qos apply policy policy1 inbound

#

acl advanced 3000

 rule 0 permit ip source 10.1.7.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

#

acl advanced 3001

 rule 0 permit ip source 10.2.7.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

#

acl advanced 3002

 rule 0 permit ip source 10.3.7.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

#

return

·          Device F2:

#

qos qmprofile qm1

 queue af2 wrr group 1 byte-count 2

 queue af3 wrr group 1 byte-count 1

 queue af4 wrr group 1 byte-count 1

#

traffic classifier production operator and

 if-match acl 3001

#

traffic classifier video operator and

 if-match acl 3000

#

traffic classifier voice operator and

 if-match acl 3002

#

traffic behavior production

 remark local-precedence 3

#

traffic behavior video

 remark local-precedence 2

#

traffic behavior voice

 remark local-precedence 4

#

qos policy policy1

 classifier video behavior video

 classifier production behavior production

 classifier voice behavior voice

#

interface Ten-GigabitEthernet1/0/2

 port link-mode bridge

 qos apply qmprofile qm1

#

interface Ten-GigabitEthernet1/0/3

 port link-mode bridge

 qos apply policy policy1 inbound

#

acl advanced 3000

 rule 0 permit ip source 10.1.7.0 0.0.0.255 destination 10.1.0.0 0.0.255.255

#

acl advanced 3001

 rule 0 permit ip source 10.2.7.0 0.0.0.255 destination 10.2.0.0 0.0.255.255

#

acl advanced 3002

 rule 0 permit ip source 10.3.7.0 0.0.0.255 destination 10.3.0.0 0.0.255.255

#

return

Related documentation

·          H3C S7500E Switch Series ACL and QoS Configuration Guide-R757X

·          H3C S7500E ACL and QoS Command Reference-R757X