Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 01-TAP commands | 127.67 KB |
TAP commands
display qos policy user-defined tap
Use display qos policy user-defined tap to display the configuration of TAP policies.
Syntax
In standalone mode:
display qos policy user-defined tap [ policy-name [ classifier classifier-name ] ] [ slot slot-number ]
In IRF mode:
display qos policy user-defined tap [ policy-name [ classifier classifier-name ] ] [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
policy-name: Specifies a QoS policy by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a QoS policy, this command displays the configuration of TAP policies.
classifier classifier-name: Specifies a traffic class by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a traffic class, this command displays all traffic classes.
slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays the configuration of TAP policies for the active MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify this option, the command displays the configuration of TAP policies for the global active MPU. (In IRF mode.)
Examples
# Display the configuration of TAP policies.
<Sysname> display qos policy user-defined tap
User-defined QoS policy information:
Tap policy: tap (ID 100)
Classifier: c (ID 0)
Behavior: b
-none-
|
Field |
Description |
|
none |
No action is configured. |
|
Marking |
Marking action: · Remark destination-ip—Action of marking the destination IPv4 address of packets. · Remark destination-ipv6—Action of marking the destination IPv6 address of packets. · Remark destination-mac—Action of marking the destination MAC address of packets. · Remark source-ip—Action of marking the source IPv4 address of packets. · Remark source-ipv6—Action of marking the source IPv6 address of packets. · Remark source-mac—Action of marking the source MAC address of packets. |
|
strip-header |
Action of stripping the outer Layer 2 header and the outer Layer 3 header. |
|
strip-header position |
Action of stripping the tunnel header from the start of the outer Layer 2 header to the specified position. |
|
strip-header top-most-vlan |
Action of deleting the outer VLAN tag of packets. |
|
strip-header gre |
Action of deleting the GRE header and all outer headers of GRE packets. · header-length—Length of the GRE header to be deleted. · encap-eth-header—Ethernet header information to be encapsulated for the packets with the GRE header and all outer headers stripped. ¡ destination-mac—Destination MAC address to be encapsulated. ¡ source-mac—Source MAC address to be encapsulated. ¡ vlan—VLAN ID to be encapsulated. ¡ dot1p—802.1p priority to be encapsulated. ¡ ethtype-id—Ethtype ID to be encapsulated. |
|
strip-header nvgre |
Action of deleting the GRE header and all outer headers of NVGRE packets. |
|
strip-header vxlan |
Action of deleting the VXLAN header and all outer headers of VXLAN packets. |
|
timestamp-over-ether |
Action of adding the timestamp and Ethernet header for packets. |
|
truncation enable |
Packet truncation is enabled. |
|
Redirecting |
Redirecting action. |
|
Redirect to monitoring-group |
Action of redirecting traffic to a monitoring group. |
display qos tap policy interface
Use display qos tap policy interface to display the configuration and statistics for TAP policies applied to interfaces.
Syntax
In standalone mode:
display qos tap policy interface [ interface-type interface-number ] [ slot slot-number ]
In IRF mode:
display qos tap policy interface [ interface-type interface-number ] [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays the configuration and statistics for applied TAP policies on the global active MPU.
slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays the configuration and statistics for applied TAP policies on the active MPU. Only logical interfaces support this option. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays the configuration and statistics for applied TAP policies on the global active MPU. Only logical interfaces support this option. (In IRF mode.)
Examples
# Display the configuration and statistics for the TAP policy applied to the inbound direction of Ten-GigabitEthernet 3/0/1.
<Sysname> display qos tap policy interface ten-gigabitethernet 3/0/1
Interface: Ten-GigabitEthernet3/0/1
Direction: Inbound
Tap policy: tap
Classifier: c
Operator: AND
Rule(s) :
-none-
Behavior: b
-none-
|
Field |
Description |
|
Direction |
Direction in which the TAP policy is applied. |
|
Tap policy |
TAP policy name. |
|
Operator |
Match operator you set for the traffic class. |
|
Rule(s) |
Match criteria. |
For information about other fields, see Table 1.
qos apply tap policy inbound
Use qos apply tap policy inbound to apply a TAP policy to the inbound direction of an interface.
Use undo qos apply tap policy inbound to remove an applied TAP policy.
Syntax
qos apply tap policy policy-name inbound [ inner-match ]
undo qos apply tap policy policy-name inbound [ inner-match ]
Default
No TAP policy is applied to an interface.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
policy-name: Specifies a TAP policy by its name, a case-sensitive string of 1 to 31 characters.
inner-match: Specifies that the traffic class match the inner header information of GRE, NVGRE, and VXLAN packets.
Usage guidelines
For passing VXLAN packets and GRE packets on SC modules prefixed with LSCM2 and SD interface modules, an inbound ACL cannot match the destination MAC, customer-vlan-id, and customer-dot1p fields in the inner or outer header of these packets.
You can apply a TAP policy to only a Layer 2 or Layer 3 Ethernet interface.
The inner-match keyword is supported only on the following modules:
· SC modules prefixed with LSCM2.
· SD interface modules.
· SE interface modules.
· SF interface modules.
Examples
# Apply TAP policy TEST11 to the inbound direction of Ten-GigabitEthernet 3/0/1.
<Sysname> system-view
[Sysname] interface ten-gigabitethernet 3/0/1
[Sysname-Ten-GigabitEthernet3/0/1] qos apply tap policy TEST11 inbound
qos tap policy
Use qos tap policy to create a TAP policy and enter its view, or enter the view of an existing TAP policy.
Use undo qos tap policy to delete a TAP policy.
Syntax
qos tap policy policy-name
undo qos tap policy policy-name
Default
No TAP policies exist.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
policy-name: Specifies a TAP policy name, a case-sensitive string of 1 to 31 characters.
Usage guidelines
To delete a TAP policy that has been applied to an interface, you must first remove the TAP policy from the interface.
Examples
# Create a TAP policy named user5.
<Sysname> system-view
[Sysname] qos tap policy user5
[Sysname-qospolicy-user5]
Related commands
classifier behavior
qos apply tap policy inbound
qos truncation length
Use qos truncation length to set the packet length after truncation.
Use undo qos truncation length to restore the default.
Syntax
qos truncation length length
undo qos truncation length
Default
The packet truncation length is 128 bytes.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
length: Specifies the packet length after truncation in bytes. The value range for this argument is 64 to 144.
Usage guidelines
You can execute this command only after you enable packet truncation in a traffic behavior.
This command truncates packets beginning from the Layer 2 header. The CRC is recalculated for the truncated part, and a new packet is generated. The packet length after truncation is the truncated part plus the CRC length.
To ensure the validity of a large packet header after truncation, set the packet length after truncation to be equal to or greater than the packet header length. A packet header can be large if it contains Options fields or the packet is an encapsulated packet.
Examples
# Set the packet length after truncation to 100 bytes.
<Sysname> system-view
[Sysname] qos truncation length 100
Related commands
truncation enable
remark destination-ip
Use remark destination-ip to configure a destination IPv4 address marking action in a traffic behavior.
Use undo remark destination-ip to restore the default.
Syntax
remark destination-ip ipv4-address
undo remark destination-ip
Default
No destination IPv4 address marking action is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
mdc-admin
Parameters
ipv4-address: Specifies a destination IPv4 address in dotted notation format.
Examples
# Configure traffic behavior behavior1 to mark matching packets with destination IPv4 address 10.0.0.1.
<Sysname> system-view
[Sysname] traffic behavior behavior1
[Sysname-behavior-behavior1] remark destination-ip 10.0.0.1
Related commands
traffic behavior
remark destination-ipv6
Use remark destination-ipv6 to configure a destination IPv6 address marking action in a traffic behavior.
Use undo remark destination-ipv6 to restore the default.
Syntax
remark destination-ipv6 ipv6-address
undo remark destination-ipv6
Default
No destination IPv6 address marking action is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
mdc-admin
Parameters
ipv6-address: Specifies a destination IPv6 address.
Examples
# Configure traffic behavior behavior1 to mark matching packets with destination IPv6 address 3001::1.
<Sysname> system-view
[Sysname] traffic behavior behavior1
[Sysname-behavior-behavior1] remark destination-ipv6 3001::1
Related commands
traffic behavior
remark destination-mac
Use remark destination-mac to configure a destination MAC address marking action in a traffic behavior.
Use undo remark destination-mac to restore the default.
Syntax
remark destination-mac mac-address
undo remark destination-mac
Default
No destination MAC address marking action is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
mdc-admin
Parameters
mac-address: Specifies a destination MAC address in H-H-H format.
Examples
# Configure traffic behavior behavior1 to mark matching packets with destination MAC address 600b-038a-a395.
<Sysname> system-view
[Sysname] traffic behavior behavior1
[Sysname-behavior-behavior1] remark destination-mac 600b-038a-a395
Related commands
traffic behavior
remark source-ip
Use remark source-ip to configure a source IPv4 address marking action in a traffic behavior.
Use undo remark source-ip to restore the default.
Syntax
remark source-ip ipv4-address
undo remark source-ip
Default
No source IPv4 address marking action is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
mdc-admin
Parameters
ipv4-address: Specifies a source IPv4 address in dotted notation format.
Examples
# Configure traffic behavior behavior1 to mark matching packets with source IPv4 address 10.0.0.1.
<Sysname> system-view
[Sysname] traffic behavior behavior1
[Sysname-behavior-behavior1] remark source-ip 10.0.0.1
Related commands
traffic behavior
remark source-ipv6
Use remark source-ipv6 to configure a source IPv6 address marking action in a traffic behavior.
Use undo remark source-ipv6 to restore the default.
Syntax
remark source-ipv6 ipv6-address
undo remark source-ipv6
Default
No source IPv6 address marking action is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
mdc-admin
Parameters
ipv6-address: Specifies a source IPv6 address.
Examples
# Configure traffic behavior behavior1 to mark matching packets with source IPv6 address 3001::1.
<Sysname> system-view
[Sysname] traffic behavior behavior1
[Sysname-behavior-behavior1] remark source-ipv6 3001::1
Related commands
traffic behavior
remark source-mac
Use remark source-mac to configure a source MAC address marking action in a traffic behavior.
Use undo remark source-mac to restore the default.
Syntax
remark source-mac mac-address
undo remark source-mac
Default
No source MAC address marking action is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
mdc-admin
Parameters
mac-address: Specifies a source MAC address in H-H-H format.
Examples
# Configure traffic behavior behavior1 to mark matching packets with source MAC address 600b-038a-a395.
<Sysname> system-view
[Sysname] traffic behavior behavior1
[Sysname-behavior-behavior1] remark source-mac 600b-038a-a395
Related commands
strip-header
Use strip-header to configure a packet header deleting action in a traffic behavior.
Use undo strip-header to restore the default.
Syntax
strip-header [ position { l2 | l3 | l4 } [ offset offset-value ] | top-most-vlan | gre header-length header-length encap-eth-header destination-mac mac-address source-mac mac-address [ vlan vlan-id [ dot1p dot1p-value ] ] ethtype-id ethtype-id | nvgre | vxlan ]
undo strip-header
Default
No packet header deleting action is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
mdc-admin
Parameters
position: Specifies the position that the stripping of the tunnel header ends.
l2: Specifies the outer Layer 2 header as the position.
l3: Specifies the outer Layer 3 header as the position.
l4: Specifies the outer Layer 4 header as the position.
offset offset_value: Specifies the offset from the position, the number of bytes after the position. The value range for the offset_value argument is 1 to 32.
top-most-vlan: Deletes the outer VLAN tag of packets.
gre header-length header-length: Deletes the GRE header and all outer headers of GRE packets. The header-length argument specifies the length of the GRE header, in the range of 4 to 16 bytes.
encap-eth-header: Configures the Ethernet header information to add to original packets.
· destination-mac mac-address: Specifies the destination MAC address in the format of H-H-H.
· source-mac mac-address: Specifies the source MAC address in the format of H-H-H.
· vlan vlan-id: Specifies a VLAN ID in the range of 1 to 4094.
· dot1p dot1p-value: Specifies a 802.1p priority in the range of 0 to 7.
· ethtype-id ethtype-id: Specifies an Ethtype ID in the range of 0x0000 to 0xFFFF.
nvgre: Deletes the GRE header and all outer headers of NVGRE packets.
vxlan: Deletes the VXLAN header and all outer headers of VXLAN packets.
Usage guidelines
The strip-header top-most-vlan command is used to delete the outer VLAN tag in scenarios where the data monitoring device can only receive packets without VLAN tags or with one VLAN tag.
In some scenarios, the data monitoring device (the server) cannot parse GRE, NVGRE, or VXLAN packets. You can delete the headers of the packets in the following ways:
· Use the strip-header position command to delete the headers by self-defining the deleted part. As an example, the strip-header position l3 offset 4 command strips the outer Layer 2 header and the first four bytes of the outer Layer 3 header.
· For VXLAN packets and NVGRE packets, you can also use the strip-header [ nvgre | vxlan ] command to delete the tunnel header and all outer headers.
· For GRE packets, you can also use the strip-header gre command to delete the tunnel header and all outer headers. The GRE header has three optional fields (Checksum, Key, and Sequence Number) and its length is not fixed. You must specify the length of the GRE header to be deleted. You must also configure the Ethernet header information to add to the packets with the tunnel header and all outer headers stripped.
The strip-header command has same effect as the strip-header position l4 command (both strip the outer Layer 2 header and the outer Layer 3 header).
For the SC modules prefixed with LSCM2 and SD interface modules, when you calculate the offset of a GRE header in a GRE or NVGRE packet for a tunnel header stripping action, you need to consider only the length of the basic header. You do not need to consider the key, checksum, or sequence number.
Examples
# Configure traffic behavior aa to delete the outer VLAN tag of packets.
<Sysname> system-view
[Sysname] traffic behavior aa
[Sysname-behavior-aa] strip-header top-most-vlan
# Configure traffic behavior aa to delete the first six bytes of the outer Layer 2 header.
<Sysname> system-view
[Sysname] traffic behavior aa
[Sysname-behavior-aa] strip-header position l2 offset 6
Related commands
traffic behavior
traffic behavior
tap enable
Use tap enable to enable TAP globally.
Use undo tap enable to disable TAP globally.
Syntax
tap enable
undo tap enable
Default
By default, TAP is disabled globally.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
Enable TAP globally if the device acts as a pure TAP device between a production network a monitoring device. After TAP is enabled globally, the device disables unnecessary packet forwarding functions to prevent loops and broadcast storms.
After this feature is configured, the unknown unicast suppression and multicast suppression features will no longer in effect.
Examples
# Enable TAP globally.
<Sysname> system-view
[Sysname] tap enable
timestamp-over-ether
Use timestamp-over-ether to configure a timestamp and Ethernet header adding action in a traffic behavior.
Use undo timestamp-over-ether to restore the default.
Syntax
timestamp-over-ether destination-mac mac-address source-mac mac-address ethtype-id ethtype-id
undo timestamp-over-ether
Default
No timestamp and Ethernet header adding action is configured.
Views
Traffic behavior view
Predefined user roles
network-admin
mdc-admin
Parameters
destination-mac mac-address: Specifies the destination MAC address to be encapsulated, in H-H-H format.
source-mac mac-address: Specifies the source MAC address to be encapsulated, in H-H-H format.
ethtype-id ethtype-id: Specifies the Ethernet protocol number in the range of 0x0000 to 0xFFFF.
Usage guidelines
This command allows the device to perform the following operations:
· Adds a timestamp and an Ethernet header to packets by using the specified destination MAC address, source MAC address, and Ethernet protocol number.
· Recalculates the FCS of the packet.
The data monitoring device identifies packets according to the Ethernet protocol number and calculates the network delay according to the timestamp.
Examples
# Configure traffic behavior aa to add a timestamp and an Ethernet header with destination MAC address 11-22-33, source MAC address 44-55-66, and Ethernet protocol number FF.
<Sysname> system-view
[Sysname] traffic behavior aa
[Sysname-behavior-aa] timestamp-over-ether destination-mac 11-22-33 source-mac 44-55-66 ethtype-id ff
Related commands
traffic behavior
truncation enable
Use truncation enable to enable packet truncation in a traffic behavior.
Use undo truncation enable to disable packet truncation in a traffic behavior.
Syntax
truncation enable
undo truncation enable
Default
Packet truncation is enabled.
Views
Traffic behavior view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
This feature reduces the packet processing pressure on the data monitoring device (the server) or prevents the device from sending packet payloads to the server.
This feature truncates packets beginning from the Layer 2 header. The CRC is recalculated for the truncated part. The packet length after truncation includes the truncated part plus the CRC length and is configured by using the qos truncation length command.
Packets sent to an LSCM1GT48SC0 or SE interface module cannot be truncated.
Examples
# Enable packet truncation in traffic behavior aa.
<Sysname> system-view
[Sysname] traffic behavior aa
[Sysname-behavior-aa] truncation enable
Related commands
qos truncation length
traffic behavior
