Vous êtes sur la page 1sur 145

HUAWEI NetEngine5000E Core Router V800R003C00

Configuration Guide - QoS


Issue Date 01 2012-06-30

HUAWEI TECHNOLOGIES CO., LTD.

Copyright Huawei Technologies Co., Ltd. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions


and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders.

Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute the warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.


Address: Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China http://www.huawei.com support@huawei.com

Website: Email:

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

About This Document

About This Document


Intended Audience
This document provides the basic concepts, configuration procedures, and configuration examples in different application scenarios of the QoS feature supported by the NE5000E device. This document describes how to configure the QoS feature. This document is intended for: l l l l Data configuration engineers Commissioning engineers Network monitoring engineers System maintenance engineers

Related Versions (Optional)


The following table lists the product versions related to this document. Product Name HUAWEI NetEngine5000E Core Router Version V800R003C00

Symbol Conventions
The symbols that may be found in this document are defined as follows. Symbol Description Indicates a hazard with a high level of risk, which if not avoided, will result in death or serious injury. Indicates a hazard with a medium or low level of risk, which if not avoided, could result in minor or moderate injury.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

ii

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

About This Document

Symbol

Description Indicates a potentially hazardous situation, which if not avoided, could result in equipment damage, data loss, performance degradation, or unexpected results. Indicates a tip that may help you solve a problem or save time. Provides additional information to emphasize or supplement important points of the main text.

Command Conventions (Optional)


The command conventions that may be found in this document are defined as follows. Convention Boldface Italic [] { x | y | ... } [ x | y | ... ] { x | y | ... }* Description The keywords of a command line are in boldface. Command arguments are in italics. Items (keywords or arguments) in brackets [ ] are optional. Optional items are grouped in braces and separated by vertical bars. One item is selected. Optional items are grouped in brackets and separated by vertical bars. One item is selected or no item is selected. Optional items are grouped in braces and separated by vertical bars. A minimum of one item or a maximum of all items can be selected. Optional items are grouped in brackets and separated by vertical bars. Several items or no item can be selected. The parameter before the & sign can be repeated 1 to n times. A line starting with the # sign is comments.

[ x | y | ... ]* &<1-n> #

Change History
Updates between document issues are cumulative. Therefore, the latest document issue contains all updates made in previous issues.

Changes in Issue 01 (2012-06-30)


The initial commercial release.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. iii

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

Contents

Contents
About This Document.....................................................................................................................ii 1 QoS Overview................................................................................................................................1
1.1 Introduction to QoS............................................................................................................................................2 1.1.1 Traditional Packets Transmission Application..........................................................................................2 1.1.2 New Applications Requirements...............................................................................................................2 1.2 End-to-End QoS Model......................................................................................................................................3 1.2.1 Best-Effort Service Model.........................................................................................................................3 1.2.2 Integrated Service Model...........................................................................................................................3 1.2.3 Differentiated Service Model....................................................................................................................4

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit.....................................9


2.1 Introduction to Traffic Policing, Traffic Shaping, and Interface Rate Limit....................................................11 2.2 Traffic Policing, Traffic Shaping and Interface Rate Limit Supported by the NE5000E................................15 2.3 Configuring Interface-Based Traffic Policing..................................................................................................15 2.4 Configuring Traffic Policing Based on Complex Traffic Classification..........................................................17 2.4.1 Defining Traffic Classifiers.....................................................................................................................18 2.4.2 Defining a Traffic Behavior and Configuring Traffic Policing Actions.................................................20 2.4.3 Defining a Traffic Policy.........................................................................................................................21 2.4.4 Applying a Traffic Policy........................................................................................................................21 2.4.5 Checking the Configuration.....................................................................................................................22 2.5 Configuring Traffic Shaping............................................................................................................................24 2.6 Configuring Interface-based Rate Limit...........................................................................................................28 2.7 Maintaining Traffic Policing, Traffic Shaping and Interface-based Rate limit................................................29 2.7.1 Clearing Statistics on CAR......................................................................................................................29 2.8 Configuration Examples...................................................................................................................................30 2.8.1 Example for Configuring Traffic Policing, Traffic Shaping, and Interface-based Rate Limit................30

3 Congestion Avoidance Configuration.....................................................................................35


3.1 Introduction to Congestion Avoidance.............................................................................................................36 3.2 Congestion Avoidance Supported by the NE5000E.........................................................................................37 3.3 Configuring WRED..........................................................................................................................................37 3.3.1 Configuring WRED Templates...............................................................................................................38 3.3.2 Applying WRED.....................................................................................................................................39 3.3.3 Checking the Configuration.....................................................................................................................40 Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. iv

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

Contents

3.4 Configuration Example.....................................................................................................................................41 3.4.1 Example for Configuring Congestion Avoidance...................................................................................41

4 Class-based QoS Configuration...............................................................................................44


4.1 Class-based QoS Overview..............................................................................................................................46 4.2 Class-based QoS Supported by the NE5000E..................................................................................................48 4.3 Configuring CTC-based Traffic Policies for IP Packets..................................................................................48 4.3.1 Defining a Traffic Classifier....................................................................................................................49 4.3.2 Defining a Traffic Behavior and Configuring Actions............................................................................52 4.3.3 Defining a Policy and Specifying a Behavior for a Classifier in the Policy............................................56 4.3.4 Applying a Traffic Policy........................................................................................................................57 4.3.5 Enabling the Statistical Function of a Traffic Policy..............................................................................58 4.3.6 Checking the Configuration.....................................................................................................................59 4.4 Configuring Priority Mappings for IP Packets.................................................................................................60 4.5 Configuring CTC-based Traffic Policies for VLAN Packets...........................................................................64 4.5.1 Configuring Rules for Mapping VLAN Frame Priorities.......................................................................65 4.5.2 Configuring VLAN Priorities..................................................................................................................66 4.5.3 Defining a Traffic Policy and Specifying Its Traffic Behaviors..............................................................66 4.5.4 Applying a Traffic Policy........................................................................................................................67 4.5.5 Enabling the Statistical Function of a Traffic Policy..............................................................................68 4.5.6 Checking the Configuration.....................................................................................................................69 4.6 Configuring Priority Mappings for VLAN Packets.........................................................................................70 4.7 Configuring Priority Mappings for MPLS Packets..........................................................................................72 4.8 Maintaining Class-based QoS Configuration...................................................................................................74 4.8.1 Clearing Statistics of a Traffic Policy......................................................................................................74 4.9 Configuration Example.....................................................................................................................................75 4.9.1 Example for Configuring a Traffic Policy Based on Complex Traffic Classification............................75 4.9.2 Example for Configuring CTC-based Traffic Policies for VLAN Packets.............................................84 4.9.3 Example for Configuring Priority Mappings for VLAN Packets Traffic Based on Simple Traffic Classification....................................................................................................................................................86 4.9.4 Example for Configuring Priority Mappings Based on Simple Traffic Classification (MPLS).............90

5 QPPB Configuration...................................................................................................................94
5.1 QPPB Overview...............................................................................................................................................95 5.2 QPPB Supported by the NE5000E...................................................................................................................95 5.3 Configuring Source-Based QPPB....................................................................................................................97 5.3.1 Configuring Routing Policies on a BGP Route Sender...........................................................................99 5.3.2 Configuring Routing Policies on a BGP Route Receiver......................................................................100 5.3.3 Configuring Traffic Behaviors on a Route Receiver.............................................................................102 5.3.4 Configuring QPPB Local Policies on a BGP Route Receiver...............................................................103 5.3.5 Applying a QPPB Local Policy to an Interface.....................................................................................103 5.3.6 Checking the Configuration...................................................................................................................104 5.4 Configuring Destination-Based QPPB...........................................................................................................105 5.4.1 Configuring Routing Policies on a BGP Route Sender.........................................................................107 Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. v

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

Contents

5.4.2 Configuring Routing Policies on a BGP Route Receiver......................................................................108 5.4.3 Configuring Traffic Behaviors on a Route Receiver.............................................................................109 5.4.4 Configuring QPPB Local Policies on a BGP Route Receiver...............................................................110 5.4.5 Applying a QPPB Local Policy to an Interface.....................................................................................111 5.4.6 Checking the Configuration...................................................................................................................112 5.5 Maintaining QPPB..........................................................................................................................................113 5.5.1 Clearing Statistics About a QPPB Policy..............................................................................................113 5.6 Configuration Examples.................................................................................................................................113 5.6.1 Example for Configuring QPPB............................................................................................................113

6 MPLS DiffServ-Mode Configuration....................................................................................120


6.1 MPLS DiffServ Models Overview.................................................................................................................121 6.2 MPLS Pipe/Short Pipe Supported by the NE5000E.......................................................................................124 6.3 Configuring the Uniform/Pipe Mode for MPLS TE......................................................................................124 6.4 Configuring the Uniform/Pipe Mode for the MPLS Penultimate Hop..........................................................125 6.5 Configuring the Pipe/Short Pipe Mode for VPNs..........................................................................................126 6.6 Configuration Examples.................................................................................................................................127 6.6.1 Examples for Configuring MPLS Diff-Serv Modes..............................................................................127

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

vi

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

1 QoS Overview

1
About This Chapter
1.2 End-to-End QoS Model This section describes the end-to-end service of QoS.

QoS Overview

This chapter describes the performance measurement of services provided by the service provider. It also introduces some QoS solutions, such as RSVP and Diff-Serv Model. 1.1 Introduction to QoS This section describes the basic concepts of the Quality of Service (QoS), traditional packet delivery services, new demands resulting from new services, and QoS features supported by the product.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

1 QoS Overview

1.1 Introduction to QoS


This section describes the basic concepts of the Quality of Service (QoS), traditional packet delivery services, new demands resulting from new services, and QoS features supported by the product. Quality of service (QoS) is used to assess the ability of the supplier to meet the customer demands. In the Internet, QoS is used to assess the ability of the network to transmit packets. The network provides a wide variety of services and therefore, QoS should be assessed from different aspects. QoS generally refers to the analysis of the issues related to the process of sending packets such as, bandwidth, delay, jitter, and packet loss ratio.

1.1.1 Traditional Packets Transmission Application


It is difficult to ensure QoS in the traditional IP network. Because routers in the network handle all the packets equally and adopt First In First Out (FIFO) method to transfer packets. Resources used for forwarding packets are allocated based on the arrival sequence of the packets. All packets share the bandwidth of networks and routers. Resources are allocated according to the arrival time of the packets. This policy is called best effort (BE) . The device in this mode tries its best to transmit packets to the destination. The BE mode, however, does not ensure any improvement in delay time, jitter, packet loss ratio, and high reliability. The traditional BE mode applies only to services such as World Wide Web (WWW), file transfer, and email, which have no specific request for bandwidth and jitter.

1.1.2 New Applications Requirements


With the rapid development of the network, increasing number of networks are connected to the Internet. The Internet expands greatly in size, scope, and users. The use of the Internet as a platform for data transmission and implementation of various applications is on the rise. Further, the service providers also want to develop new services for more profits. Apart from traditional applications such as WWW, email, and File Transfer Protocol (FTP), the Internet has expanded to accommodate other services such as E-learning, telemedicine, videophone, videoconference, and video on demand. Enterprise users want to connect their branches in different areas through VPN technologies to implement applications such as accessing corporate databases or managing remote devices through Telnet. These new applications put forward special requirements for bandwidth, delay, and jitter. For example, videoconference and video on demand require high bandwidth, low delay, and low jitter. Telnet stresses on low delay and priority handling in the event of congestion. As new services spring up, the number of requests for the service capability of IP networks has been on the rise. Users expect improved service transmission to the destination and also better quality of services. For example, IP networks are expected to provide dedicated bandwidth, reduce packet loss ratio, avoid network congestion, control network flow, and set the preference of packets to provide different QoS for various services. All these demand better service capability from the network, and QoS is just an answer to the requirements.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 2

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

1 QoS Overview

1.2 End-to-End QoS Model


This section describes the end-to-end service of QoS. Different service models are provided for user services to ensure QoS according to users' requirements and the quality of the network. The common service models are as follows: l l l Best-Effort service model Integrated service model Differentiated service model

1.2.1 Best-Effort Service Model


The BE service model is applicable to the services that are insensitive to the delay and has lower requirements for reliability. BE is realized through the FIFO mechanism. Best-Effort is an indiscriminate and the simplest service model. Application programs can, without notifying the network or obtaining any approval from the network, send any number of packets at any time. For the Best-Effort service, the network tries its best to send packets, but cannot ensure the performance such as delay and reliability. The Best-Effort model is the default service model of the Internet and can be applied to most networks, such as FTP and email, through the First-in-First-out (FIFO) queue.

1.2.2 Integrated Service Model


In the integrated service model, the application program applies to the network for specific service, and does not send packets until the arrival of confirmation that the network has reserved resources for it. The integrated service model is called IntServ for short. IntServ is an integrated service model and can meet various QoS requirements. In this service model, before sending packets, an application program needs to apply for specific services through signaling. The application program first notifies the network of its traffic parameters and the request for special service qualities such as bandwidth and delay. After receiving the confirmation of the network that resources have been reserved for packets, the application program begins sending packets. The sent packets are controlled within the range specified by the flow parameters. After receiving the request for resources from the application program, the network checks the resource allocation. That is, based on the request and current available resources, the network determines whether to allocate resources for the application program or not. Once the network confirms that resources are allocated for the packets, and as long as the packets are controlled within the range specified by the flow parameters, the network is certain to meet the QoS requirements of the application program. The network maintains a state for each flow that is specified by the source and destination IP addresses, interface number, and protocol number. Based on the state, the network classifies packets and performs traffic policing, queuing, and scheduling to fulfil its commitment to the application program. Integrated service can provide the following services: l Guaranteed service: provides the preset bandwidth and delay to meet the requirements of the application program. For example, a 10 Bit/s bandwidth and a delay less than one second can be provided for Voice over IP (VoIP) services. Controlled-load service: If network overload occurs, packets can still be provided with the service similar to that provided in the absence of network overload. That is, when traffic
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 3

Issue 01 (2012-06-30)

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

1 QoS Overview

congestion occurs on the network, less delay and high pass rate are ensured for the packets of certain application programs.

1.2.3 Differentiated Service Model


In the differentiated service model, the application program does not need to send its request for network resources before sending packets. Instead, the application program notifies network nodes of its QoS requirements by setting QoS parameters in the IP header. The differentiated service model is called DiffServ for short. In the model, the application program does not need to send its request for network resource before sending the packets. The application program informs network nodes of its demand for QoS by using QoS parameters in the IP packet header. Then routers along the path obtain the demand by analyzing the header of the packet. To implement Diff-Serv, the access router classifies packets and marks the class of service (CoS) in the IP packet header. The downstream routers then identify the CoS and forward the packets on the basis of CoS. Diff-Serv is therefore a class-based QoS solution.

Diff-Serv Model in IP Network


l Diff-Serv Networking The network node that implements Diff-Serv is called a DS node. A group of DS nodes that adopt the same service policy and the same per-hop behavior (PHB) is called a DS domain. See Figure 1-1. DS nodes are classified into the following two modes: DS border node(DS node1 and DS node2): Connects DS domain with non-DS domain. This node controls traffic and sets Differentiated Services CodePoint (DSCP) value in packets according to the Traffic Conditioning Agreement (TCA). DS interior node(DS node3): Connects a DS border node with other interior nodes or connects interior nodes in a DS domain. This node carries out only the simple traffic classification and traffic control based on the DSCP value. Figure 1-1 Diff-Serv networking diagram

DS domain DS node1 DS node2

DS node3

Non-DS domain

Non-DS domain

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

1 QoS Overview

DS Field and DSCP The Type of Service (ToS) octet in IPv4 packet header is defined in RFC791, RFC134, and RFC1349. As shown in Figure 1-2, the ToS octet contains the following fields: Precedence: It is of three bits (bits 0 through 2). It indicates the precedence of the IP packet. D bit: It is of one bit and indicates delay. T bit: It is of one bit and indicates throughput. R bit: It is of one bit and indicates reliability. C bit: It is of one bit and indicates cost. The highest bit of ToS field has to be 0. The router first checks the IP precedence of packets to implement QoS. The other bits are not fully used. The ToS octet of IPv4 packet header is redefined in RFC2474, called DS field. As shown in Figure 1-2: Bits 0 through 5 in DS field are used as DSCP. Bit 6 and bit 7 are the reserved bits. Bits 0 through 2 are Class Selector CodePoint (CSCP), which indicate a type of DSCP. DS node selects PHB according to the DSCP value. Figure 1-2 ToS field and DS field

IPv4 ToS 0 1 2 3 4 5 6 7 Precedence DTRC 0

DS Field 0 1 2 3 4 5 6 7 CSCP DSCP unused

The DSCP field within the DS field is capable of conveying 64 distinct codepoints. The codepoint space is divided into three pools as shown in Table 1-1. Table 1-1 Classification of DSCP Code Pool 1 2 3 Code Space xxxxx0 xxxx11 xxxx01 Usage Standard action EXP/LU (experiment or local use) EXP/LU (can be used as the extended space for future standard action)

Code pool 1 (xxxxx0) is used for standard action, code pool 2 (xxxx11) and code pool 3 (xxxx01) are used for experiment or future extension. l Standard PHB The DS node implements the PHB behavior on the data flow. The network administrator can configure the mapping from DSCP to PHB. When a packet is received, the DS node detects its DSCP to find the mapping from DSCP to PHB. If no matching mapping is found, the DS node selects the default PHB (Best-Effort, DSCP=000000) to forward the packet. All the DS nodes support the default PHB.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 5

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

1 QoS Overview

The following are the four standard PHBs defined by the IETF: Class selector (CS), Expedited forwarding (EF), Assured forwarding (AF) and Best-Effort (BE). The default PHB is BE. CS PHB Service levels defined by the CS are the same as the IP precedence used on the network. The value of the DSCP is XXX000 where the value of "X" is either 1 or 0. When the value of DSCP is 000000, the default PHB is selected. EF PHB EF means that the flow rate should never be less than the specified rate from any DS node. EF PHB cannot be re-marked in DS domain except on border node. New DSCP is required to meet EF PHB features. EF PHB is defined to simulate the forwarding of a virtual leased line in the DS domain to provide the forwarding service with low drop ratio, low delay, and high bandwidth. AF PHB AF PHB allows traffic of a user to exceed the order specification agreed by the user and the ISP. It ensures that traffic within the order specification is forwarded. The traffic exceeding the specification is not simply dropped, but is forwarded at lower service priorities. Four classes of AF: AF1, AF2, AF3, and AF4 are defined. Each class of AF can be classified into three different dropping priorities. AF codepoint AFij indicates AF class is i (1<=i<=4) and the dropping priority is j (1<=j<=3). When providing AF service, the carrier allocates different bandwidth resource for each class of AF. A special requirement for AF PHB is that the traffic control cannot change the packet sequence in a data flow. For instance, in traffic policing, different packets in a service flow are marked with different dropping priorities even if the packets belong to the same AF class. Although the packets in different service flows have different dropping ratio, their sequence remains unchanged. This mechanism is especially applicable to the transmission of multimedia service. BE PHB BE PHB is the traditional IP packet transmission that focuses only on reachability. All routers support BE PHB. l Recommended DSCP Different DS domains can have self-defined mapping from DSCP to PHB. RFC2474 recommends code values for BE, EF, AFij, and Class Selector Codepoints (CSCP). CSCP is designed to be compatible with IPv4 precedence model. BE: DSCP=000000 EF: DSCP=101110 AFij codepoint AFij codepoint is shown in Table 1-2. Table 1-2 AF codepoint Service Class AF(i=4)
Issue 01 (2012-06-30)

Low Dropping Priority, j=1 100010

Medium Dropping Priority, j=2 100100

High Dropping Priority, j=3 100110


6

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

1 QoS Overview

Service Class AF(i=3) AF(i=2) AF(i=1)

Low Dropping Priority, j=1 011010 010010 001010

Medium Dropping Priority, j=2 011100 010100 001100

High Dropping Priority, j=3 011110 010110 001110

In traffic policing: If j=1, the packet color is marked as green. If j=2, the packet color is marked as yellow. If j=3, the packet color is marked as red. The first three bits of the same AF class are identical. For example, the first three bits of AF1j are 001; that of AF3j are 011, that of AF4j are 100. Bit 3 and bit 4 indicate the dropping priority which has three valid values including 01, 10, and 11. The greater the Bit value, the higher the dropping priority. Class selector codepoint In the Diff-Serv standard, the CSCP is defined to make the DSCP compatible with the precedence field of the IPv4 packet header. The routers identify the priority of the packets through IP precedence. The IP precedence and the CSCP parameters map with each other. The user should configure the values for these parameters. In CSCP, the higher the value of DSCP=xxx000 is, the lower the forwarding delay of PHB is. The default mapping between CSCP and IPv4 precedence is shown in Table 1-3. Table 1-3 The default mapping between IPv4 precedence and CSCP IPv4 Precedence 0 1 2 3 4 5 6 7 CSCP (in binary) 000000 001000 010000 011000 100000 101000 110000 111000 CSCP (in dotted decimal) 0 8 16 24 32 40 48 56 Service Class BE AF1 AF2 AF3 AF4 EF EF EF

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

1 QoS Overview

Diff-Serv Model in the MPLS Network


l EXP field Defined in RFC3032, MPLS packet header is shown in Figure 1-3. EXP field is of three bits. Its value ranges from 0 to 7 and indicates the traffic type. By default, EXP corresponds to IPv4 priority. Figure 1-3 Position of EXP field

MPLS Header 0 1 2 3..... LABEL 20 21 22 23 EXP S TTL 31

Processing QoS Traffic in MPLS Domain Processing QoS Traffic on the Ingress Device On the Ingress device of MPLS domain, you can limit the data flow by setting the Committed Access Rate (CAR) to ensure that the data flow complies with MPLS bandwidth regulations. Besides, you can assign different priorities to the IP packets according to certain policies. One-to-one mapping can be achieved since the IP precedence field and the EXP field are both 3 bits. In Diff-Serv domain, however, the DSCP field of IP packet is 6 bits, which is different from the length of EXP and thus leads to many-to-one mapping. It is defined that the first 3 bits of DSCP (that is, CSCP) are mapped with EXP. Processing QoS Traffic on the Device in the MPLS Domain When forwarding the MPLS label, the LSR in MPLS carries out queue scheduling according to the EXP field in the labels of packets that are received. This ensures that packets with higher priority enjoy better service. Processing QoS Traffic on the Egress Device On the Egress device of MPLS domain, you need to map EXP field to DSCP field of IP packet. By standard, the first 3 bits of DSCP (that is, CSCP) take the value of EXP, and the last 3 bits take 0.

It should be noted that QoS is an end-to-end solution, while MPLS only ensures that data can enjoy the services regulated in SLA. After the data enters the IP network, IP network ensures QoS.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

About This Chapter


This section describes the basic concepts and implementation of traffic policing, traffic shaping, and interface rate limit. 2.1 Introduction to Traffic Policing, Traffic Shaping, and Interface Rate Limit Traffic policing, traffic shaping, and interface rate limit are three key factors in implementing QoS. Traffic policing controls the total traffic and burst traffic that enter or leave a network from a specified link; traffic shaping controls the total traffic and burst traffic that are forwarded from a network to a specified link; interface rate limit implements traffic control by limiting the rates at which traffic is received and sent by an interface. These three QoS factors work together to ensure the stability of a network. 2.2 Traffic Policing, Traffic Shaping and Interface Rate Limit Supported by the NE5000E In the NE5000E, traffic policing, traffic shaping, and interface rate limit are implemented by means of CAR, buffer, and token bucket. Using the preceding methods, devices can buffer packets and can therefore implement traffic policing and traffic shaping. 2.3 Configuring Interface-Based Traffic Policing By means of traffic policing, the total traffic and burst traffic that enter or leave a network from a specified link can be controlled. Where pre-defined conditions are met, for example, the traffic volume from a specified link is too huge, traffic policing controls the traffic from the specified link accordingly, for example, by dropping some packets or lowering the priority of processing packets from the specified link. 2.4 Configuring Traffic Policing Based on Complex Traffic Classification This section describes how to configure traffic policing based on the complex traffic classification (CTC), which is also called the CTC-based traffic policing. 2.5 Configuring Traffic Shaping The function of traffic shaping is similar to that of traffic policing. Traffic shaping mainly buffers packets that need to be dropped by traffic policing by means of buffer and token bucket. 2.6 Configuring Interface-based Rate Limit This section describes how to control the rate at which traffic is forwarded on an interface by configuring interface-based rate limit.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 9

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

2.7 Maintaining Traffic Policing, Traffic Shaping and Interface-based Rate limit This section describes how to clear statistics on traffic policing, shaping and interface-based rate limit. 2.8 Configuration Examples This section provides detailed examples for configuring traffic policing, traffic shaping, and interface rate limit in terms of application scenarios and configuration commands.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

10

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

2.1 Introduction to Traffic Policing, Traffic Shaping, and Interface Rate Limit
Traffic policing, traffic shaping, and interface rate limit are three key factors in implementing QoS. Traffic policing controls the total traffic and burst traffic that enter or leave a network from a specified link; traffic shaping controls the total traffic and burst traffic that are forwarded from a network to a specified link; interface rate limit implements traffic control by limiting the rates at which traffic is received and sent by an interface. These three QoS factors work together to ensure the stability of a network.

Traffic Policing
Traffic policing (TP) is used to monitor the volume of the traffic that enters a network and keep it within a reasonable range. In addition, TP optimizes network resources and protects the interests of carriers by penalizing the traffic that exceeds the rate limit. l CAR The common method is to restrict the traffic rate of certain types of packets through Committed Access Rate (CAR). For example, Hypertext Transfer Protocol (HTTP) packets can be kept from taking up more than 50% of the network bandwidth. Packets are first classified according to pre-defined matching rules. Packets that comply with the specified rate limit are forwarded directly. Packets that exceed the specifications are dropped or have their priorities re-marked. l Token Bucket CAR uses token buckets (TBs) to implement traffic policing, as shown in Figure 2-1. The token bucket can be regarded as a container of tokens with a pre-defined capacity. The system puts tokens into the bucket at a defined rate. If the token bucket is full, no more tokens can be added. Figure 2-1 Traffic policing according to CAR

Put tokens to the bucket at a defined rate The packets sent through Continue to forward this interface the packets

Classification Token bucket Dropped packets

The process is as follows:


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 11

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

1. 2.

As long as there are enough tokens in the bucket, packets are forwarded, with the number of tokens in the bucket decreasing based on the length of the packets. If the token bucket does not hold enough tokens for sending packets, packets are dropped or have their priority values re-marked. Traffic policing with a single token bucket A single token bucket can implement traffic policing where traffic measurement is relatively simple. When a single token bucket is used, packets are forwarded based on the availability of tokens in the token bucket. One token is used to forward one byte of data. If there are enough tokens available to forward a packet, the packet is regarded as conforming and is marked green. Otherwise, the packet is regarded as nonconforming or over the limit, and is marked red. The following are the two parameters used in traffic policing with a single token bucket: Committed Information Rate (CIR): the rate at which tokens are put into the bucket, that is, the permitted average traffic rate at which packets are forwarded. Committed Burst Size (CBS): the size of the token bucket, that is, the maximum traffic size that is allowed for each burst. The burst size must be set greater than the maximum packet length. Each time a packet arrives, the packet is measured. If there are enough tokens in the bucket, it indicates that the traffic rate is within the allowed range. In this case, the number of tokens equal to the byte size of the forwarded packet. If there are not enough tokens in the bucket, it indicates that too many tokens are required and the traffic rate is beyond the allowed range. Traffic policing with two token buckets You can use two token buckets to measure traffic in more complex conditions and implement more flexible traffic policing. These two buckets are called the C bucket and the P bucket. Tokens are put into the C bucket at a rate of the CIR and its size is called CBS. Tokens are put into the P bucket places tokens at a rate of Peak Information Rate (PIR) and its size is called Peak Burst Size (PBS). Each time the traffic is measured, the following rules are applied: If there are enough tokens in the C bucket, packets are marked green. If there are not enough tokens in the C bucket but enough tokens in the P bucket, packets are marked yellow. If tokens in neither of the buckets are enough, packets are marked red. The parameters used in traffic policing with two token buckets are described as follows: CIR: the rate at which tokens are put into the C bucket, that is, the permitted average traffic rate of C bucket. CBS: the capacity of the C bucket, that is, the maximum amount of traffic allowed by the C bucket on a instantaneous basis. PIR: the rate at which tokens are put into the P bucket, that is, the permitted average traffic rate of P bucket. PBS: the capacity of the P bucket, that is, the maximum amount of traffic allowed by the P bucket on a instantaneous basis. The NE5000E uses two algorithms, that is, srTCM and trTCM, to implement traffic policing with two token buckets. The algorithms have two working modes, Color-

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

12

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

blind and Color-aware. The color-blind mode is more commonly used. For details, refer to "QoS Overview." l Traffic Policing Action According to different measurement results, TP implements the pre-configured policing actions, which are described as follows: Pass: Forwards the packets evaluated as "conforming" or re-forwards the service marked Differentiated Services Code Point (DSCP) for Diff-Serv. Discard: Drops the packets evaluated as "nonconforming." Remark: Changes the precedence of a packet that is evaluated as "nonconforming" and then forwards it. l Statistical Function It is necessary to control and measure users' traffic on a network. But the traditional method of statistics based on the interface has the following disadvantages: Of the upstream traffic, only the traffic before CAR operation can be measured. It is impossible to measure the actual traffic of users and the packet loss that occurs when the traffic rate exceeds the bandwidth limit. Of the downstream traffic, only the interface traffic after CAR operation at the egress can be measured. Forwarded and dropped traffic cannot be measured. To analyze how users' traffic exceeds the limit, carriers have to collect statistics again after CAR before being able to advise users to buy a higher bandwidth based on statistical data. With the interface-based CAR statistics function, the NE5000E can measure and record the traffic after upstream CAR operation, that is, the actual access traffic of a company user or an Internet bar, as well as the forwarded and dropped packets after downstream CAR operation. This can help carriers better understand users' network traffic.

Traffic Shaping
Traffic shaping (TS) is a pro-active way to adjust the traffic output rate. A typical application of TS is to control the volume and burst of outgoing traffic based on the network connection. Thus the packets can be transmitted at a uniform rate. TS is implemented by using the buffer and token bucket. As shown in Figure 2-2, after classification, packets are processed as follows: l l Packets that do not go through traffic shaping are directly forwarded. For the packets that go through traffic shaping, when no General Traffic Shaping (GTS) queue exists, the length of packets is compared with the number of tokens in the token bucket. If there are enough tokens for these packets, the packets are sent. If there are not enough tokens, the GTS queue is enabled where packets are cached. Tokens are put in the token bucket at the user-defined rate, and packets in the GTS queue are removed and sent periodically. As packets are sent, the number of tokens reduces based on the byte size of packets. During this course of sending packets, the byte size of packets is compared with the number of tokens in the token bucket. The number of tokens in the token bucket stops decreasing when all the packets in the GTS queue are sent or can no longer be sent. When the GTS queue exists, packets that go through traffic shaping enter the queue directly, waiting to be scheduled at fixed intervals by the GTS queue. If the GTS queue is full when new packets arrive at the queue, the packets are dropped.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 13

l l
Issue 01 (2012-06-30)

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

Figure 2-2 Traffic shaping process

Packets sent through this interface

Put tokens to the bucket at a defined rate Continue to forward

Classification

Token bucket

Queue Dropped packets

As shown in Figure 2-3, Router A sends packets to Router B. Router B performs TP on the packets, and directly drops the nonconforming packets. Figure 2-3 Traffic shaping diagram

RouterA

RouterB

Physical line

To reduce the number of packets that are unnecessarily dropped, you can implement TS on the output interface of Router A. Packets beyond the traffic limit set by TS are cached in Router A. When able to send the next batch of packets, TS gets the cached packets from the buffered queues and sends them out. In this way, all the packets sent to Router B conform with its traffic regulation. The main differences between TS and TP are as follows: l l
Issue 01 (2012-06-30)

TS buffers the packets which exceed the traffic limits. When there are enough tokens in the token bucket, these buffered packets are sent out at a uniform rate. TS may increase delay but TP causes almost no extra delay in packet forwarding.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 14

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

Interface-based Rate Limit


TS is supported in the IP layer and takes effect only on the packets that pass through the IP layer. If users demand to limit the rate of all the packets sent by an interface, Limit-Rate (LR) is preferred. Compared with TS, LR can restrict all packets that pass through a physical interface or a tunnel interface.

2.2 Traffic Policing, Traffic Shaping and Interface Rate Limit Supported by the NE5000E
In the NE5000E, traffic policing, traffic shaping, and interface rate limit are implemented by means of CAR, buffer, and token bucket. Using the preceding methods, devices can buffer packets and can therefore implement traffic policing and traffic shaping. The NE5000E supports traffic policing and shaping, and interface rate limit, including: l l l l Interface-based traffic policing using the statistical function of CAR. Traffic after the CAR operation can be measured. Traffic policing on the basis of complex traffic classification (CTC). The class of service (CoS) and color of a packet are re-marked after traffic policing. Traffic shaping for the outgoing traffic on interfaces. Interface rate limit on the outbound.

2.3 Configuring Interface-Based Traffic Policing


By means of traffic policing, the total traffic and burst traffic that enter or leave a network from a specified link can be controlled. Where pre-defined conditions are met, for example, the traffic volume from a specified link is too huge, traffic policing controls the traffic from the specified link accordingly, for example, by dropping some packets or lowering the priority of processing packets from the specified link.

Applicable Environment
If users' traffic is not limited, continuous burst data from numerous users can make the network congested. To fully utilize network resources and better serve more users, the traffic of users must be limited. Traffic policing is a traffic control method that limits network traffic and control the usage of network resources by monitoring traffic specifications on the network. Traffic policing can be implemented on both inbound interfaces and outbound interfaces. Interface-based traffic policing controls all traffic that enters an interface without considering the types of packet. This method is used on the router located at the core of a network. The router has the following features in interface-based traffic policing.
NOTE

l The router supports the querying of CAR statistics only on POS interfaces, GE interfaces, GE subinterface, Eth-Trunk interface, Eth-Trunk sub-interfaces and IP-Trunk interface. l Interface-based traffic policing does not differentiate between unicast, multicast, and broadcast packets.

The NE5000E supports the configuring of traffic policing for both the incoming and outgoing traffic on a Layer 3 main interface. Traffic policing can be classified into two types: traffic
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 15

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

policing using a single token bucket and traffic policing using two token buckets. You can choose the type of traffic policing based on your network conditions. l l If the network traffic is simple, you can configure the single-bucket traffic policing, using the parameters cir and cbs. If the network traffic is complex, you can configure the two-bucket traffic policing, using the parameters cir, pir, cbs, and pbs.

Pre-configuration Tasks
Before configuring the interface-based traffic policing, complete the following tasks: l l l l Configuring the physical parameters of interfaces Configuring the link layer attributes of interfaces to ensure their operation Configuring IP addresses for interfaces Enabling routing protocols and ensuring that routers interwork with each other

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


interface interface-type interface-number

The interface view is displayed. Step 3 Run:


qos car { cir cir-value [ pir pir-value ] } [ cbs cbs-value pbs pbs-value ] [ green { pass [ service-class class color color ] } | yellow { discard | pass [ service-class class color color ] } | red { discard | pass [ service-class class color color ] } ] * { inbound | outbound }

The interface is configured with CAR.


NOTE

l If the class of service (CoS) of a packet is re-marked as EF, BE, CS6, or CS7, the packet can be remarked only in green. l Only the pass action is applicable to yellow packets on the LPUE, LPUI, LPUR, and LPUM, and both the pass and discard actions are applicable to yellow packets on the LPUF-100, LPUI-100, and LPUF-200. l When an interface is configured with both interface-based CAR and traffic classification-based CAR actions, the number of packets and bytes on which traffic classification-based CAR actions are performed is not counted in the interface-based CAR statistics. l When both the traffic classification-based CAR and the interface-based CAR are configured, only the traffic classification-based CAR statistics are collected; when both the broadcast suppression and the interface-based CAR are configured, only the CAR statistics on broadcast suppression are collected; when CAR is configured for both packets sent to the CPU and packets sent to the interface, only the CAR statistics on packets sent to the CPU are collected. l Interface-based CAR can not be configured on the member interface of trunk.

Step 4 Run:
commit

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

16

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

The configuration is committed. ----End

Verify the configuration.


Run the following commands to check the previous configuration. l l Run the display interface [ interface-type [ interface-number ]] command to view the traffic information of the interface. Run the display car statistics interface interface-type interface-number [.sub-interface ] { inbound | outbound } command to view CAR statistics for the specified direction of the Layer 3 interface.

If the configuration is successful: you can view statistics on traffic in the specified direction on a specified interface by running the display car statistics interface interface-type interface-number [.sub-interface ] { inbound | outbound } command. The statistics include the amount of passed traffic and the rate at which the traffic is forwarded, in packets and bytes, and the amount of discarded traffic and the rate at which the traffic is discarded, in packets and bytes.
<HUAWEI> display car statistics interface pos 1/0/0 outbound interface Pos1/0/0 outbound Committed Access Rate: CIR 200(Kbps), PIR 0(Kbps), CBS 400(byte), PBS 500(byte) Conform Action: pass Yellow Action: pass Exceed Action: discard Passed: 840 bytes, 15 packets Dropped: 56 bytes, 1 packets Last 30 seconds passed rate: 0 bps, 0 pps Last 30 seconds dropped rate: 0 bps, 0 pps

2.4 Configuring Traffic Policing Based on Complex Traffic Classification


This section describes how to configure traffic policing based on the complex traffic classification (CTC), which is also called the CTC-based traffic policing.

Applicable Environment
There are a large number of users in the network and they send data constantly. If users' traffic is not limited, continuous burst data from numerous users can make the network congested. As a result, the running and service quality of the network are affected to a great extent. To ensure the availability of bandwidth resources regardless of whether the network is idle or congested, traffic control needs to be implemented on one or several types of packet. You can combine complex traffic classification and traffic control to configure CTC-based traffic policing policies. Then, apply the policies to the inbound interface to restrict the traffic of the specific packets within a reasonable range. In this manner, limited network resources are better utilized.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

17

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


NOTE

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

Complex traffic classification refers to classifying packets according to the source IP address, source port number, protocol number, destination IP address, and destination port number. It is usually configured at the edge of the network.

Pre-configuration Tasks
Before configuring CTC-based traffic policing, you need to complete the following tasks: l l l l Configuring the physical parameters of interfaces Configuring the link layer attributes of interfaces to ensure their normal operation Configuring IP addresses for interfaces Enabling the routing protocol for communication between devices

Configuration Procedures
Figure 2-4 Flowchart of configuring CTC-based traffic policing
Defining a Traffic Classifier Defining a Traffic Behavior and Configuring Actions Defining a Policy and Specifying a Behavior for a Classifier in the Policy Applying a Traffic Policy Mandatory procedure Optional procedure

2.4.1 Defining Traffic Classifiers


You need to configure traffic classification before configuring traffic class-based QoS. The traffic classification can be configured based on ACL, IP precedence, protocol type, MAC address, protocol address, and so on.

Context
Do as follows on the router:

Procedure
l Defining traffic classifiers based on Layer 3 or Layer 4 information
NOTE

If traffic is classed on the basis of Layer 3 or Layer 4 information, traffic policies can be applied to only Layer 3 interface.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

18

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

1.

Run:
system-view

The system view is displayed. 2. Run:


traffic classifier classifier-name [ operator { and | or } ]

A traffic classifier is defined and the traffic classifier view is displayed. 3. Define desired matching rules on the router according to your requirements. To set a matching rule to classify traffic based on the ACL number, run the ifmatch [ ipv6 ] acl { acl-number | name acl-name } command. To set a matching rule to classify traffic based on the DSCP value, run the ifmatch [ ipv6 ] dscp dscp-value command. To set a matching rule to classify traffic based on the TCP flag, run the if-match tcp syn-flag tcpflag-value command. To set a matching rule to classify traffic based on the IP precedence, run the ifmatch ip-precedence ip-precedence command. To define a matching rule to classify traffic based on the MPLS EXP value, run the if-match mpls-exp exp-value command. To match all packets, run the if-match [ ipv6 ] any command. To define a matching rule to classify traffic based on the value of the next IPv6 header, run the if-match ipv6 next-header command. To set a matching rule to classify traffic based on the source IPv6 address, run the if-match ipv6 source-address ipv6-address prefix-length command. To set a matching rule to classify traffic based on the destination IPv6 address, run the if-match ipv6 destination-address ipv6-address prefix-length command.
NOTE

To match IPv6 packets, you must specify the key word ipv6 when you choose a matching rule in Step 3. A matching rule defined to match packets based on source or destination addresses is valid with IPv6 packets, but not with IPv4 packets.

If you set more than one matching rule for the same classifier, you can set their logical relations by specifying the parameter operator in Step 2. and: A packet belongs to the class defined by the classifier only when it matches all the rules. or: A packet belongs to the class defined by the classifier if it matches one of the rules. By default, the value of the logic operator of the rules is or. 4. Run:
commit

The configuration is committed. l Defining traffic classifiers based on Layer 2 information


NOTE

If traffic is classed on the basis of Layer 2 information, the key word link-layer must be specified in the command line when a traffic policy is applied.

1.

Run:
system-view

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

19

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

The system view is displayed. 2. Run:


traffic classifier classifier-name [ operator { and | or } ]

A traffic classifier is defined and the traffic classifier view is displayed. 3. Define desired matching rules on the router according to your requirements. To set a matching rule to classify traffic based on the source MAC address, run the if-match source-mac mac-address command. To set a matching rule to classify traffic based on the destination MAC address, run the if-match destination-mac mac-address command. To set a matching rule to classify traffic based on the 8021p value of VLAN packets, run the if-match 8021p 8021p-value command. If you set more than one matching rule for the same classifier, you can set their logical relations by specifying the parameter operator in Step 2. For detailed instructions, refer to the previous section. 4. Run:
commit

The configuration is committed. ----End

2.4.2 Defining a Traffic Behavior and Configuring Traffic Policing Actions


Configure traffic policing actions for difference traffic classifier.

Context
Do as follows on the router:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


traffic behavior behavior-name

A traffic behavior is configured and the traffic behavior view is displayed. Step 3 Run:
car { cir cir-value [ pir pir-value ] } [ cbs cbs-value pbs pbs-value ] [ green { discard | pass [ service-class class color color ] } | yellow { discard | pass [ service-class class color color ] } | red { discard | pass [ service-class class color color ] } ] *

A traffic policing action is configured.


NOTE

The discard action can be applied to packets colored yellow only on the LPUF-100 and LPUI-100. The discard action cannot be applied to packets colored green.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

20

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

In Step 3, choose parameters according to your requirement: l To configure traffic policing with a single token bucket, select cir and cbs, and set the value of pbs to 0. l To configure traffic policing with double token buckets, select cir, cbs, and pbs. l To configure traffic policing with dual rates and dual token buckets, select cir, pir, cbs, and pbs. Step 4 Run:
commit

The configuration is committed. ----End

Follow-up Procedure
The NE5000E supports the re-marking of the priority and color of packets after traffic policing. If the class of service value of a packet is re-marked to EF, BE, CS6, or CS7, its color can only be re-marked to green.

2.4.3 Defining a Traffic Policy


After traffic classifiers and traffic behaviors are defined, traffic classifiers and traffic behaviors need to be associated to form traffic policies.

Context
Do as follows on the router:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


traffic policy policy-name

A traffic policy is defined and the traffic policy view is displayed. Step 3 Run:
classifier classifier-name behavior behavior-name [ precedence precedence-value ]

A traffic behavior is associated with a specified traffic class in the traffic policy. Step 4 Run:
commit

The configuration is committed. ----End

2.4.4 Applying a Traffic Policy


A class-based policy does not take effect unless it is applied to an interface.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 21

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


interface interface-type interface-number

The interface view is displayed. Step 3 Run:


traffic-policy policy-name { inbound [ link-layer | mpls-layer ] | outbound [ linklayer ] }

A traffic policy is applied to the interface.


NOTE

On the LPUE and LPUI, the traffic policy can be applied only to the upstream IPv6 packets on an interface.

If you specify link-layer, the router first performs rule-matching according to Layer 2 information and implements a corresponding traffic action. If Layer 2 information of a packet does not match the traffic rule, the system performs rule-matching according to Layer 3 information and implements a corresponding traffic action. If you specify the keyword mpls-layer, a router performs complex traffic classification based on the MPLS information of the packets. By default, the NE5000E performs complex traffic classification based on Layer 3 or Layer 4 information and other information. When applying a traffic policy to a Layer 3 interface, you can perform traffic classification based on Layer 2, Layer 3, or Layer 4 information about packets. In Step 3, you can select the corresponding parameter as required. l To perform complex traffic classification based on Layer 2 information about packets, select the parameter link-layer. l To configure complex traffic classification for the incoming traffic, select the parameter inbound. l To configure complex traffic classification for the outgoing traffic, select the parameter outbound. Step 4 Run:
commit

The configuration is committed. ----End

2.4.5 Checking the Configuration


After CTC-based traffic policing is successfully configured, you can view the traffic classifiers, traffic behaviors, binding between traffic classifiers and behaviors in the specified traffic policy, configured traffic policies and their application, and configured queues and their application.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 22

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

Procedure
l l l l Run the display interface [ interface-type [ interface-number ] ] command to view the information about the traffic on the interface. Run the display traffic behavior { system-defined | user-defined } [ behavior-name ] command to view information about the configured traffic behaviors. Run the display traffic classifier { system-defined | user-defined } [ classifier-name ] command to view information about the configured traffic classifiers. Run the display traffic policy { system-defined | user-defined } [ policy-name [ classifier classifier-name ] ] command to view information about the association between all or the specified traffic classifiers and traffic behaviors in traffic policies.

----End

Example
If the configuration is successful: l The names of the configured traffic behaviors and the configured actions are displayed if you run the display traffic behavior command.
<HUAWEI> display traffic behavior user-defined User Defined Behavior Information: Behavior: database Description: Redirecting: Redirect ip-nextHop 20.13.9.3 Behavior: huawei Marking: Remark ip precedence 4 Committed Access Rate: CIR 1000 (Kbps), PIR 0 (Kbps), CBS 10000 (byte), PBS 0 (byte) Conform Action: pass Yellow Action: pass Exceed Action: discard

The names of the configured traffic classifiers, matching rules, and the logical relationship between the matching rules are displayed if you run the display traffic classifier command.
<HUAWEI> display traffic classifier user-defined User Defined Classifier Information: Classifier: database Description: Operator: or Rule(s) : if-match acl 3000 Classifier: huawei Operator: and Rule(s) : if-match ip-precedence 3

The name of the configured traffic policy and the associations between the configured traffic classifiers and the configured traffic behaviors are displayed if you run the display traffic policy command.
<HUAWEI> display traffic policy user-defined User Defined Traffic Policy Information: Policy: test Description: Step: 5 Share-mode Classifier: test Precedence: 5 Behavior: test Committed Access Rate: CIR 1000 (Kbps), PIR 0 (Kbps), CBS 33333 (byte), PBS 33332 (byte) Conform Action: pass

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

23

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

Yellow Action: pass Exceed Action: pass Marking: remark ip-precedence 5 Redirecting: redirect ip-nextHop 1.1.1.1 interface GigabitEthernet3/0/0 Classifier: default-class Precedence: 65535 Behavior: be -none-

2.5 Configuring Traffic Shaping


The function of traffic shaping is similar to that of traffic policing. Traffic shaping mainly buffers packets that need to be dropped by traffic policing by means of buffer and token bucket.

Applicable Environment
When the traffic load on the network is quite heavy, nonconforming packets are directly discarded. If the data traffic sent from the upstream device is too much, the downstream network may be congested or a great number of packets are directly dropped. To prevent this situation, you can configure traffic shaping (TS) on the outbound interface of the upstream router to limit the traffic and prevent bursts from a connection on a network. In this manner, packets can be transmitted at an even rate. This improves the allocation of bandwidth resources between the upstream network and the downstream network. Traffic shaping is usually carried out using buffers and token buckets. Therefore, when the rate for sending packets is too high, the packets that exceed the specifications are not directly dropped. Instead, such packets are placed in buffer queues. With the control of token buckets, buffered packets are sent at an even rate when the network is idle based on queue scheduling priorities. In this manner, the retransmission in case of packet dropping is prevented.
NOTE

Differentiated service (DiffServ) is mainly used to guarantee the bandwidth for behavior aggregate (BA) data streams. The NE5000E allocates resources to the services of different classes such as expedited forwarding (EF) and assured forwarding (AF) through the predefined queue scheduling mechanism. Users do not need to configure queue management.

Currently, the NE5000E supports traffic shaping only for the outgoing traffic on interfaces.

Pre-configuration Tasks
Before configuring traffic shaping, complete the following tasks: l l l l Configuring the physical parameters of interfaces Configuring the link layer attributes of interfaces to ensure their normal operation Configuring IP addresses for interfaces Enabling the routing protocol for communication between devices

Procedure
l Configuring Traffic Shaping in the Interface View 1. Run:
system-view

The system view is displayed.


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 24

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

2.

Run:
interface interface-type interface-number

The interface view is displayed. 3. Run:


qos queue service-class [ priority priority ] [ cir { cir-value | cirpercentage percentage } ] [ pir { pir-value | pir-percentage percentage } ] outbound

The Class of Service (CoS), Committed Information Rate (CIR), and Peak Information Rate (PIR) are set.
NOTE

By default, the respective values of cir-percentage for BE, AF1, AF2, AF3, AF4, EF, CS6 and CS7 queues are 10, 10, 10, 15, 15, 10, 5 and 5. The remaining 20% bandwidth is reserved by the system. The sum of the values of cir-percentage for all types of queues cannot exceed 100%. That is, the sum of the configured bandwidth cannot exceed the interface bandwidth. Otherwise, the system prompts a bandwidth error. If the network does not have a certain type of traffic, it is recommended that the value of cirpercentage for this type of queue be set to 0 so that the system does not reserve bandwidth for traffic of this type. For example, if no AF2 traffic exists on the network, run the qos queue af2 cir cir-percentage 0 outbound command. When the CIR is 0 and the PIR is not 0 for a WFQ queue, most packets are dropped if traffic is congested; packets are properly forwarded if traffic is not congested. When the PIR is not 0 for a PQ queue, the CIR can be set to any value, and packets are properly forwarded regardless of whether traffic congestion occurs.

4.

Run:
commit

The configuration is committed. l Configuring Traffic Shaping for MTI in the Slot View 1. Run:
system-view

The system view is displayed. 2. Run:


slot slot-id

The slot view is displayed. 3. Run:


port shaping shaping-value bind mtunnel

Traffic shaping is configured for MTI that is bound to the distributed multicast VPN. 4. Run:
commit

The configuration is committed. ----End

Checking the Configuration


Run the following commands to check the previous configuration.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 25

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

l l

Run the display interface [ interface-type [ interface-number ] ] command to view information about the traffic on the interface. Run the display qos queue configuration interface interface-type interface-number outbound command to view information about the configurations of QoS queues on the interface. Run the display qos queue [ interface interface-type interface-number [ service-class ] ] command to view information about the statistics about all queues or the queue with a specific CoS on the interface.
NOTE

In the case of the NE5000E, you can view statistics on QoS queues by running the display qos queue command only if all boards on the NE5000E are LPUE, LPUI, LPUF-100, LPUI-100, LPUR, LPUM, LPUF-200.

By using the display qos queue configuration interface interface-type interface-number outbound command, you can view information about the configurations of QoS queues on a specified interface.
<HUAWEI> display qos queue configuration interface gigabitethernet 1/0/0 outbound GigabitEthernet1/0/0 be current configuration: Priority: 1 CirValue: 100 CirPercent: 10 PirValue: 1000 PirPercent: 100 af1 current configuration: Priority: 1 CirValue: 100 CirPercent: 10 PirValue: 1000 PirPercent: 100 af2 current configuration: Priority: 1 CirValue: 100 CirPercent: 10 PirValue: 1000 PirPercent: 100 af3 current configuration: Priority: 1 CirValue: 150 CirPercent: 15 PirValue: 1000 PirPercent: 100 af4 current configuration: Priority: 1 CirValue: 150 CirPercent: 15 PirValue: 1000 PirPercent: 100 ef current configuration: Priority: 0 CirValue: 100 CirPercent: 10 PirValue: 1000 PirPercent: 100 cs6 current configuration: Priority: 0 CirValue: 50 CirPercent: 5

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

26

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


PirValue: 1000 PirPercent: 100 cs7 current configuration: Priority: 0 CirValue: 50 CirPercent: 5 PirValue: 1000 PirPercent: 100

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

By using the display qos queue [ interface interface-type interface-number [ service-class ] ] command, you can view information about the statistics about all queues or the queue with a specific CoS on a specified interface.
<HUAWEI> display qos queue The interface :GigabitEthernet3/0/0 [be] Pass: 0 Discard: 0 Last 30 seconds pass rate: 0 Last 30 seconds discard rate: 0 [af1] Pass: Discard: Last 30 seconds pass rate:

packets, packets, pps, pps,

0 bytes 0 bytes 0 bps 0 bps 1,364,480 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps

13,120 packets, 0 packets, 0 pps,

Last 30 seconds discard rate: 0 pps, [af2] Pass: Discard: Last 30 seconds pass rate: Last 30 seconds discard rate: 0 pps, [af3] Pass: Discard: Last 30 seconds pass rate: Last 30 seconds discard rate: 0 pps, [af4] Pass: Discard: Last 30 seconds pass rate: Last 30 seconds discard rate: 0 pps, [ef] Pass: Discard: Last 30 seconds pass rate: Last 30 seconds discard rate: 0 pps, [cs6] Pass: Discard: Last 30 seconds pass rate: Last 30 seconds discard rate: 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps,

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

27

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit


0 pps, 0 bps 2,731,768 bytes 0 bytes 0 bps 0 bps

[cs7] Pass: Discard: Last 30 seconds pass rate:

26,267 packets, 0 packets, 0 pps,

Last 30 seconds discard rate: 0 pps,

2.6 Configuring Interface-based Rate Limit


This section describes how to control the rate at which traffic is forwarded on an interface by configuring interface-based rate limit.

Applicable Environment
To avoid network congestion, you can configure the interface-based rate limit to control the total traffic on physical interfaces. Interface-based rate limit applies to only outgoing traffic on interfaces.

Pre-configuration Tasks
Before configuring interface-based rate limit, complete the following tasks: l l l Configuring the physical parameters of interfaces Configuring the link layer attributes of interfaces to ensure their normal operation Configuring IP addresses for interfaces

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


interface interface-type interface-number

The interface view is displayed. Step 3 Run:


qos lr cir cir-value

Interface-based rate limit is configured. Step 4 Run:


commit

The configuration is committed. ----End

Checking the Configuration


Run the following commands to check the previous configuration.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 28

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

l l

Run the display interface [ interface-type interface-number ] command to view information about the traffic on the interface.
<HUAWEI> display interface gigabitethernet 1/0/1 GigabitEthernet1/0/1 current state : UP Line protocol current state : UP Last line protocol up time : 2010-10-25 17:34:51 Description: HUAWEI, GigabitEthernet1/0/1 Interface (ifindex: 6, vr: 0) Route Port,The Maximum Transmit Unit is 1500 Internet Address is 1.0.0.1/24 IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 0002-0002-0002 The Vendor PN is PD100-TXLEB The Vendor Name is Santur Corp. Transceiver max BW: 43000Mbps, Transceiver Mode: single mode WaveLength: 0nm, Transmission Distance: 10000m Rx Optical Power: -40.00dBmTx Optical Power: -40.00dBm Loopback: none, LAN full-duplex mode, Pause Flowcontrol: Receive Enable and Send Enable Last physical up time : 2010-10-25 17:27:25 Last physical down time : 2010-10-25 17:17:24 Current system time: 2010-10-25 18:11:44 Statistics last cleared:never Last 300 seconds input rate 25600 bits/sec, 0 packets/sec Last 300 seconds output rate 25600 bits/sec, 0 packets/sec Input: 960300 bytes, 100 packets Output: 960200 bytes, 100 packets Input: Unicast: 100 packets, Multicast: 0 packets Broadcast: 0 packets, JumboOctets: 0 packets CRC: 0 packets, Symbol: 0 packets Overrun: 0 packets, InRangeLength: 0 packets LongPacket: 100 packets, Jabber: 0 packets, Alignment: 0 packets Fragment: 0 packets, Undersized Frame: 0 packets RxPause: 0 packets Output: Unicast: 100 packets, Multicast: 0 packets Broadcast: 0 packets, JumboOctets: 100 packets Lost: 0 packets, Overflow: 0 packets, Underrun: 0 packets System: 0 packets, Overruns: 0 packets TxPause: 0 packets Last 300 seconds input utility rate: 0.01% Last 300 seconds output utility rate: 0.01%

2.7 Maintaining Traffic Policing, Traffic Shaping and Interface-based Rate limit
This section describes how to clear statistics on traffic policing, shaping and interface-based rate limit.

2.7.1 Clearing Statistics on CAR


This section describes how to clear statistics on CAR.

Context
To clear CAR statistics of a specified interface, run the following reset commands in the user view.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

29

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

Procedure
l Run the reset car statistics interface interface-type interface-number [.sub-interface ] { inbound | outbound } command to clear CAR statistics for the specified direction of the specified Layer 3 interface. Run the reset counters qos queue [ interface interface-type interface-number [ serviceclass ] ] command to clear the statistics on QoS queue scheduling of all types of queue or a specified type of queue on the specified interface.

----End

2.8 Configuration Examples


This section provides detailed examples for configuring traffic policing, traffic shaping, and interface rate limit in terms of application scenarios and configuration commands.

2.8.1 Example for Configuring Traffic Policing, Traffic Shaping, and Interface-based Rate Limit
This part takes the traffic control scenario of the NE5000E as an example. It describes how to configure traffic policing, traffic shaping, and interface rate limit to control the overall traffic volume that is received or forwarded, and to control the rate of specified packets.

Networking Requirements

CAUTION
On a single NE5000E, an interface is numbered in the format of slot number/card number/ interface number. In the multi-chassis scenario, an interface is numbered in the format of chassis ID/slot number/card number/interface number. This requires the chassis ID to be specified along with the slot number. POS 3/0/0 of Router A is connected to POS 1/0/0 of Router B. Server, PC1, and PC2 can access the Internet through Router A and Router B. Server, PC1, and GE 1/0/0 of Router A are on the same network segment. PC2 and GE 2/0/0 of Router A are on the same network segment. The traffic from Server and PC1 to GE 1/0/0 is controlled on Router A as follows: l A bandwidth of up to 6 Mbit/s is assured for the traffic from Server. The default bandwidth is 5 Mbit/s. For traffic whose rate exceeds 5 Mbit/s but is less than or equal to 6 Mbit/s, packets are normally forwarded. When the traffic rate exceeds 6 Mbit/s, the nonconforming traffic is treated and forwarded as BE traffic flows. The rate limit on the traffic from PC1 is 2 Mbit/s. When the traffic rate exceeds the rate limit, the nonconforming traffic is dropped.

In addition, the POS 3/0/0 and POS 2/0/0 respectively on Router A and Router B have the following requirements for sending and receiving packets:
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 30

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

l l

The rate of the EF traffic arriving at Router B through POS 3/0/0 of Router A is limited to 20 Mbit/s. When the traffic rate exceeds the rate limit, the nonconforming traffic is dropped. The rate of the EF traffic arriving at the Internet through POS 2/0/0 of Router B is limited to 30 Mbit/s. When the traffic rate exceeds the rate limit, the nonconforming traffic is dropped. The rate of the total traffic arriving at the Internet through POS 2/0/0 of Router B is limited to 50 Mbit/s. When the traffic rate exceeds the rate limit, the nonconforming traffic is dropped.

Figure 2-5 Networking diagram for configuring traffic shaping

Server

PC1 RouterB POS1/0/0 2.1.1.3/24 PC2 POS3/0/0 2.1.1.2/24 GE2/0/0

Internet POS2/0/0 2.2.2.1/24

1.1.1.1/8

1.1.1.2/8 Ethernet GE1/0/0

RouterA

Configuration Notes
During the configuration, pay attention to the following: l l If the CoS of a packet is re-marked as EF, BE, CS6, or CS7, the packet can be re-marked only in green. To display the statistics about a traffic policy, you can enable statistics for the traffic policy by running the statistics enable command.

Configuration Roadmap
The configuration roadmap is as follows: 1. 2. 3. On the inbound interface GE 1/0/0 of Router A, configure CTC-based traffic policing for traffic from Server and PC1. On the outbound interface POS 3/0/0 of Router A, configure traffic shaping so that the rate of the traffic that arrives at Router B is limited to 20 Mbit/s. On the outbound interface POS 2/0/0 of Router B, configure traffic shaping so that the rate of the traffic from POS 2/0/0 to the Internet is limited to 30 Mbit/s. In the traffic shaping, CS6 and CS7 traffic undergoes the Weighted Fair Queuing (WFQ) queue scheduling. The bandwidth percentages of AF1, AF2, AF3, AF4, and BE traffic at the CIR are respectively 5%, 5%, 10%, 10%, and 40%; the percentages of EF traffic at CIR and PIR are respectively 20% and 30%.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 31

Issue 01 (2012-06-30)

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

4.

On the outbound interface POS 2/0/0 of Router B, configure interface-based rate limit so that the rate of the traffic from this interface is limited to 50 Mbit/s.

Data Preparation
To complete the configuration, you need the following data: l l l l ACL numbers, traffic classifier names, traffic behavior names, traffic policy names, and the interfaces where the traffic policies are applied, for the traffic of Server and PC1 CIR, PIR, CBS, and PBS Interface where traffic shaping is configured and the traffic rate for traffic shaping Traffic rate for traffic shaping and the interface where traffic shaping is configured

Procedure
Step 1 Configure IP addresses for interfaces (The detailed configuration is not mentioned here). Step 2 Configure Router A. # Configure ACL rules for matching data flows from Server and PC1.
<routerA> system-view [~routerA] acl number 2001 [~routerA-acl-basic-2001] rule permit source 1.1.1.1 0.0.0.0 [~routerA-acl-basic-2001]commit [~routerA-acl-basic-2001] quit [~routerA] acl number 2002 [~routerA-acl-basic-2002] rule permit source 1.1.1.2 0.0.0.0 [~routerA-acl-basic-2002] commit [~routerA-acl-basic-2002] quit

# Configure traffic classifiers and define ACL-based traffic classifier matching rules.
[~routerA] traffic classifier class1 [~routerA-classifier-class1] if-match acl 2001 [~routerA-classifier-class1] commit [~routerA-classifier-class1] quit [~routerA] traffic classifier class2 [~routerA-classifier-class2] if-match acl 2002 [~routerA-classifier-class2] commit [~routerA-classifier-class2] quit

# Define a traffic behavior. Set the bandwidth for the traffic from Server to 5 Mbit/s and the maximum bandwidth to 6 Mbit/s. For traffic whose rate exceeds 5 Mbit/s but is lower than or equal to 6 Mbit/s, the traffic is directly forwarded. When the traffic rate exceeds 6 Mbit/s, the nonconforming traffic is treated and forwarded as BE traffic flows.
[~routerA] traffic behavior behavior1 [~routerA-behavior-behavior1] car cir 5000 pir 6000 green pass yellow pass red pass service-class be color green [~routerA-behavior-behavior1] commit [~routerA-behavior-behavior1] quit

# Define a traffic behavior. Set the rate limit on the traffic from PC1 to 2 Mbit/s. When the traffic rate exceeds 2 Mbit/s, the nonconforming traffic is dropped.
[~routerA] traffic behavior behavior2 [~routerA-behavior-behavior2] car cir 2000 green pass yellow discard red discard [~routerA-behavior-behavior2] commit [~routerA-behavior-behavior2] quit

# Define a traffic policy to associate traffic classifiers with traffic behaviors.


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 32

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

[~routerA] traffic policy policy1 [~routerA-trafficpolicy-policy1] classifier class1 behavior behavior1 [~routerA-trafficpolicy-policy1] classifier class2 behavior behavior2 [~routerA-trafficpolicy-policy1] commit [~routerA-trafficpolicy-policy1] quit

# Apply the traffic policy to GE 1/0/0.


[~routerA] interface gigabitethernet 1/0/0 [~routerA-GigabitEthernet1/0/0] undo shutdown [~routerA-GigabitEthernet1/0/0] traffic-policy policy1 inbound [~routerA-GigabitEthernet1/0/0] commit

# Configure traffic shaping on POS 3/0/0 of Router A to shape the traffic sent from this interface (dropping traffic whose rate is greater than 20 Mbit/s) so that the packet loss ratio on POS 1/0/0 of Router B is lowered.
[~routerA] interface pos 3/0/0 [~routerA-Pos3/0/0] undo shutdown [~routerA-Pos3/0/0] qos queue ef cir 20 outbound [~routerA-Pos3/0/0] commit

Step 3 Configure traffic shaping on POS 2/0/0 of Router B.


<routerB> system-view [~routerB] interface pos2/0/0 [~routerB-Pos2/0/0] undo shutdown [~routerB-Pos2/0/0] qos queue cs6 priority 1 outbound [~routerB-Pos2/0/0] qos queue cs7 priority 1 outbound [~routerB-Pos2/0/0] qos queue af1 cir cir-percentage 5 outbound [~routerB-Pos2/0/0] qos queue af2 cir cir-percentage 5 outbound [~routerB-Pos2/0/0] qos queue af3 cir cir-percentage 10 outbound [~routerB-Pos2/0/0] qos queue af4 cir cir-percentage 10 outbound [~routerB-Pos2/0/0] qos queue ef cir cir-percentage 20 pir pir-percentage 30 outbound [~routerB-Pos2/0/0] qos queue be cir cir-percentage 40 outbound [~routerB-Pos2/0/0] commit [~routerB-Pos2/0/0] return

Step 4 Configure interface-based rate limit on POS 2/0/0 of Router B to limit the rate of the traffic from this interface to the Internet.
[~routerB] interface pos2/0/0 [~routerB-Pos2/0/0] qos lr cir 50 [~routerB-Pos2/0/0] commit [~routerB-Pos2/0/0] return

Step 5 Verify the configuration. Run the display interface and display qos queue interface pos 2/0/0 commands to view interface-based traffic statistics on Router B. ----End

Configuration Files
l Configuration file of Router A
# sysname routerA # acl number 2001 rule 5 permit source 1.1.1.1 0 acl number 2002 rule 5 permit source 1.1.1.2 0 # traffic classifier class1 operator or if-match acl 2001 traffic classifier class2 operator or if-match acl 2002

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

33

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

2 Traffic Policing, Traffic Shaping, and Interface-based Rate Limit

# traffic behavior behavior1 car cir 5000 pir 6000 green pass yellow pass red pass service-class be color green traffic behavior behavior2 car cir 2000 green pass yellow discard red discard # traffic policy policy1 classifier class1 behavior behavior1 precedence 5 classifier class2 behavior behavior2 precedence 10 # interface GigabitEthernet1/0/0 undo shutdown ip address 1.1.1.3 255.255.255.0 traffic-policy policy1 inbound # interface Pos3/0/0 undo shutdown ip address 2.1.1.2 255.255.255.0 qos queue ef cir 20 outbound # ospf 1 area 0.0.0.0 network 1.1.1.0 0.255.255.255 network 2.1.1.0 0.0.0.255 # return

Configuration file of Router B


# sysname routerB # interface Pos 2/0/0 undo shutdown ip address 2.2.2.1 255.255.255.0 qos queue cs6 priority 1 outbound qos queue cs7 priority 1 outbound qos queue af1 cir cir-percentage 5 outbound qos queue af2 cir cir-percentage 5 outbound qos queue af3 cir cir-percentage 10 outbound qos queue af4 cir cir-percentage 10 outbound qos queue ef cir cir-percentage 20 pir pir-percentage 20 outbound qos queue be cir cir-percentage 40 outbound qos lr cir 50 # ospf 1 area 0.0.0.0 network 2.2.2.0 0.0.0.255 network 2.1.1.0 0.0.0.255 # return

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

34

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

3 Congestion Avoidance Configuration

Congestion Avoidance Configuration

About This Chapter


This chapter describes how to avoid congestion on the network through bandwidth adjustment, and provides several traffic discard policies in case of congestion on the network.
NOTE

This feature is supported only by physical system (PS).

3.1 Introduction to Congestion Avoidance Congestion avoidance is a traffic control mechanism that is used to prevent the network from being overloaded by means of traffic scheduling. With this mechanism, the router can monitor the usage of network resources and discard packets when the network congestion is intensifying. The traditional packet discard mechanism uses the Tail-Drop method, which may lead to global TCP synchronization. RED and WRED, however, are free from global TCP synchronization. 3.2 Congestion Avoidance Supported by the NE5000E The congestion avoidance mechanism supported by the NE5000E is implemented by using the WRED algorithm, which identifies QoS information contained in the packet header, including the IP precedence, DSCP, and MPLS EXP. The WRED algorithm can set the queue length filter coefficient and discard probability of traffic based on its precedence, DSCP, or MPLS EXP. In this manner, packets with different priorities are treated differently. 3.3 Configuring WRED Using WRED, you can set thresholds for random packet discard. This can avoid the situation in which the rates of multiple TCP connections are lowered at the same time, thus avoiding TCP global synchronization. 3.4 Configuration Example This section describes congestion avoidance in terms of its application scenarios and configuration commands.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

35

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

3 Congestion Avoidance Configuration

3.1 Introduction to Congestion Avoidance


Congestion avoidance is a traffic control mechanism that is used to prevent the network from being overloaded by means of traffic scheduling. With this mechanism, the router can monitor the usage of network resources and discard packets when the network congestion is intensifying. The traditional packet discard mechanism uses the Tail-Drop method, which may lead to global TCP synchronization. RED and WRED, however, are free from global TCP synchronization. Congestion avoidance is a traffic control mechanism used to avoid network overload by adjusting network traffic. With this mechanism, the router can monitor the usage of network resources and discard packets when the network congestion intensifies. Compared with the end-to-end traffic control, congestion avoidance involves the traffic load of more service flows in the router. When dropping packets, the router can cooperate with traffic control actions on the source end, such as TCP traffic control, to adjust the load of the network to a reasonable state.

Traditional Packet-Dropping Policy


In the traditional tail-drop policy, all the newly received packets are dropped when a queue reaches its maximum length. This method may lead to global TCP synchronization. When queues drop the packets of several TCP connections at the same time, the TCP connections start to adjust their traffic simultaneously. There is a possibility that all the TCP connection sources begin the slow start process to perform congestion avoidance. Then, all the TCP connection sources start to build up traffic, causing the traffic to peak at a certain time. As a result of global TCP synchronization, traffic on the network fluctuates cyclically.

RED and WRED


Random Early Detection (RED) or WRED algorithms are used to avoid the global TCP synchronization. The RED algorithm sets the upper and lower limits for each queue and specifies the following rules: l l l When the length of a queue is below the lower limit, no packet is dropped. When the length of a queue exceeds the upper limit, all the incoming packets are dropped. When the length of a queue is between the lower and upper limits, the incoming packets are dropped randomly. A random number is set for each received packet. The random number is compared with the drop probability of the current queue, and the packet is dropped when the random number is larger than the drop probability. The longer the queue, the higher the discard probability.

Unlike RED, the random number in WRED is based on the IP precedence of IP packets. WRED keeps a lower drop probability for the packet that has a higher IP precedence. RED and WRED employ the random packet drop policy to avoid global TCP synchronization. When the packets of a TCP connection are dropped and sent at a lower rate, the packets of other TCP connections are still being sent at a relatively higher rate. There are always some TCP connections whose packets are sent at a relatively higher rate, improving the utilization of network bandwidth.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 36

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

3 Congestion Avoidance Configuration

If packets of a queue are dropped by directly comparing the length of the queue with the upper and lower limits (which set the absolute length threshold of the queue), burst data is given unfair treatment and the transmission of data stream is affected. The average queue length is used to set the relative value for comparing the queue length threshold and average queue length. The average length of a queue is the average length of the queue through a low pass filter. It reflects queue changes and is not sensitive to burst changes in the queue length, thus avoiding the unfair treatment for burst data streams. Using Weighted Fair Queuing (WFQ), you can set the minimum threshold, maximum threshold and packet discard probability for every queue to provide different drop policies for different classes of packets. The relationship between WRED and queue mechanism is shown in Figure 3-1. Figure 3-1 Relationship between the WRED and queue mechanism

Packets sent throught this interface

WRED Drop

queue1 weight1 queue2 weight2

sent packets

queueN-1 weightN-1 Classification queueN weightN

sent queue Dispatching

Dropped packets

3.2 Congestion Avoidance Supported by the NE5000E


The congestion avoidance mechanism supported by the NE5000E is implemented by using the WRED algorithm, which identifies QoS information contained in the packet header, including the IP precedence, DSCP, and MPLS EXP. The WRED algorithm can set the queue length filter coefficient and discard probability of traffic based on its precedence, DSCP, or MPLS EXP. In this manner, packets with different priorities are treated differently. The NE5000E adopts the Weighted Random Early Detection (WRED) algorithm to implement congestion avoidance by applying WRED templates to various types of service.

3.3 Configuring WRED


Using WRED, you can set thresholds for random packet discard. This can avoid the situation in which the rates of multiple TCP connections are lowered at the same time, thus avoiding TCP global synchronization.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 37

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

3 Congestion Avoidance Configuration

Applicable Environment
Due to limited memory resources, packets that exceed specifications are traditionally discarded in the case of network congestion. When a large number of TCP packets are discarded, TCP connections will time out. As a result, TCP slow start and congestion avoidance are triggered so as to reduce the forwarding of packets by TCP. When the packets of several TCP connections are discarded at the same time, slow start and congestion avoidance of the TCP connections occur simultaneously, leading to what is called the global TCP synchronization. Thus, these TCP connections simultaneously send fewer packets to the queue so that the rate of incoming packets is lower than the rate of outgoing packets, reducing the bandwidth usage. To avoid global TCP synchronization, you can set queues to discard packets randomly by using the WRED mechanism. Random packet discarding of WRED can prevent multiple TCP connections from reducing their transmit rates at the same time, thus avoiding global TCP synchronization. In addition, the bandwidth can be efficiently utilized.
NOTE

WRED is usually used together with WFQ.

Pre-configuration Tasks
Before configuring WRED, complete the following tasks: l l l l Configuring the physical parameters of interfaces Configuring the link layer attributes of interfaces to ensure their normal operation Configuring IP addresses for interfaces Enabling the routing protocol for communication between devices

Configuration Procedures
Figure 3-2 Flowchart of configuring WRED
Configuring WRED Templates

Applying WRED Mandatory procedure Optional procedure

3.3.1 Configuring WRED Templates


Configure the lower percentage threshold, upper percentage threshold, and discarding probability for packets of different colors in WRED templates.

Context
With a WRED template, you can set the parameters for processing packets of three colors, that is, red, yellow, and green. Generally, green packets have the smallest discarding probability and the highest thresholds (both lower and higher); yellow packets have the medium discarding
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 38

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

3 Congestion Avoidance Configuration

probability and thresholds; the red packets have the highest discarding probability and the lowest thresholds. By configuring a WRED template, you can set the upper threshold, lower threshold, and discarding probability for queues. l l l When the length of a queue is below the lower percentage threshold, no packet is dropped. When the length of a queue is between the lower and upper percentage thresholds, incoming packets are dropped randomly. The longer the queue, the higher the discarding probability. When the length of a queue exceeds the upper percentage threshold, all the incoming packets are dropped.

You can configure limits and discarding probability for packets of every color. By default, the system provides a maximum of eight class queue WRED templates. Among them, one is the default template (the lower percentage threshold, the upper percentage threshold and the discarding percentage are all 100) and the other seven templates can be created by users.
NOTE

l If you do not configure a port-wred object, the system uses the default tail-drop policy. l You can configure the smallest upper and lower percentage thresholds for the queue containing red packets, medium upper and lower percentage thresholds for the queue containing yellow packets, and the highest upper and lower percentage thresholds for the queue containing green packets. l In actual configurations, it is recommended that the lower percentage threshold for WRED start from 50%, with the thresholds for packets of different colors being adjusted accordingly. The recommended discarding probability is 100%.

Do as follows on the router:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


wred wred-name

A WRED template is created, and the WRED template view is displayed. Step 3 Run:
color { green | yellow | red } low-limit low-limit-percentage high-limit limit-percent discard-percent discard-percent high-

The lower percentage threshold, upper percentage threshold, and discarding probability are set for packets of different colors. Step 4 Run:
commit

The configuration is committed. ----End

3.3.2 Applying WRED


Apply the configured WRED templates to the specified type of service.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 39

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

3 Congestion Avoidance Configuration

Context
Do as follows on the router that is configured with WRED templates.

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


queue service-type wred wred-name [ high-speed | low-speed ]

A WRED template is applied to the specified type of service. Step 3 Run:


commit

The configuration is committed. ----End

3.3.3 Checking the Configuration


Check the configuration information of configured WRED.

Procedure
l l Running the display wred configuration [ verbose [ wred-name ] ] command, you can view the discard parameters of the specified WRED template. Running the display queue configuration command, you can view the WRED templates that are applied to all types of service.

----End

Example
Run the display wred configuration [ verbose [ wred-name ] ] command to view the parameters of the specified WRED template.
<HUAWEI> display wred configuration verbose template wred name : template color low-limit high-limit discard-percent green 70 100 100 yellow 60 90 100 red 50 80 100

Run the display queue configuration command to view the WRED templates that are applied to all types of service.
<HUAWEI> display queue configuration queue be wred template queue af1 wred test high-speed queue af3 wred test low-speed

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

40

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

3 Congestion Avoidance Configuration

3.4 Configuration Example


This section describes congestion avoidance in terms of its application scenarios and configuration commands.

3.4.1 Example for Configuring Congestion Avoidance


This part describes how to configure congestion avoidance in a typical application scenarios. The device monitors the use of network resources, and starts to discard packets when it determines that congestion is intensifying.

Networking Requirements

CAUTION
On a single NE5000E, an interface is numbered in the format of slot number/card number/ interface number. In the multi-chassis scenario, an interface is numbered in the format of chassis ID/slot number/card number/interface number. This requires the chassis ID to be specified along with the slot number. As shown in Figure 3-3, Router A sends data to Router C through Router B. The data consists of mission-critical data, voice data, and non-mission-critical data. On Router B, the rate of the inbound interface POS1/0/0 on is greater than that of the outbound interface GE 2/0/0. Therefore, congestion may occur on GE 2/0/0 and may be intensifying. When congestion intensifies on the network, packets need to be dropped based on their service level. In this scenario, WRED and queue scheduling need to be configured on Router B. Figure 3-3 Networking diagram of configuring congestion avoidance

POS1/0/0 RouterA RouterB

GE2/0/0 RouterC

Configuration Notes
When configuring congestion avoidance, pay attention to the following: None.

Configuration Roadmap
The configuration roadmap is as follows:
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 41

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

3 Congestion Avoidance Configuration

1. 2.

Configure a WRED template to set the lower threshold, upper threshold, and discarding percentage for discarding packets. On Router B, configure WRED templates for class queues of varying service levels.

Data Preparation
To complete the configuration, you need the following data: l l WRED template name, lower and upper thresholds, discarding percentage, and packet color in each queue Service levels of class queues to which WRED discarding policies are applied

Procedure
Step 1 Configure WRED templates on Router B.
<routerB> system-view [~routerB] wred pw [~routerB-wred-queue-template-pw] color green low-limit 80 high-limit 100 discardpercentage 100 [~routerB-wred-queue-template-pw] color yellow low-limit 70 high-limit 90 discardpercentage 100 [~routerB-wred-queue-template-pw] color red low-limit 60 high-limit 80 discardpercentage 100 [~routerB-wred-queue-template-pw] commit [~routerB-wred-queue-template-pw] quit [~routerB] wred pw1 [~routerB-wred-queue-template-pw1] color green low-limit 70 high-limit 100 discardpercentage 100 [~routerB-wred-queue-template-pw1] color yellow low-limit 60 high-limit 90 discardpercentage 100 [~routerB-wred-queue-template-pw1] color red low-limit 50 high-limit 80 discardpercentage 100 [~routerB-wred-queue-template-pw1] commit [~routerB-wred-queue-template-pw1] quit [~routerB] wred pw2 [~routerB-wred-queue-template-pw2] color green low-limit 60 high-limit 90 discardpercentage 100 [~routerB-wred-queue-template-pw2] color yellow low-limit 50 high-limit 80 discardpercentage 100 [~routerB-wred-queue-template-pw2] color red low-limit 40 high-limit 70 discardpercentage 100 [~routerB-wred-queue-template-pw2] commit [~routerB-wred-queue-template-pw2] quit

After the preceding configuration, you can run the display wred configuration verbose command to view the parameters of the configured WRED templates.
<routerB> display wred wred name : pw color low-limit green 80 yellow 70 red 60 wred name : pw1 color low-limit green 70 yellow 60 red 50 wred name : pw2 color low-limit green 60 yellow 50 red 40 configuration verbose high-limit 100 90 80 high-limit 100 90 80 high-limit 90 80 70 discard-percent 100 100 100 discard-percent 100 100 100 discard-percent 100 100 100

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

42

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

3 Congestion Avoidance Configuration

Step 2 On Router B apply WRED templates to class queues of varying service levels.
<routerB> system-view [~routerB] queue ef wred pw [~routerB] queue af1 wred pw1 [~routerB] queue af3 wred pw1 [~routerB] queue be wred pw2 [~routerB] commit [~routerB] return

After the preceding configuration, run the display queue configuration command to view the WRED templates that are applied to all types of service.
<routerB> display queue configuration queue ef wred pw queue af1 wred pw1 queue af3 wred pw1 queue be wred pw2

Step 3 Verify the configuration. When there is traffic transiting the network, run the display qos queue [ interface interfacetype interface-number [ service-class ] ] command on Router B. The command output shows that the traffic volumes of varying service levels increase rapidly. With the rapid increase in traffic volume, the volume of discarded traffic also increases rapidly according to the configured WRED discarding parameters. ----End

Configuration File
l Configuration file of Router B
# sysname routerB # wred pw color green low-limit 80 high-limit 100 discard-percentage 100 color yellow low-limit 70 high-limit 90 discard-percentage 100 color red low-limit 60 high-limit 80 discard-percentage 100 wred pw1 color green low-limit 70 high-limit 100 discard-percentage 100 color yellow low-limit 60 high-limit 90 discard-percentage 100 color red low-limit 50 high-limit 80 discard-percentage 100 wred pw2 color green low-limit 60 high-limit 90 discard-percentage 100 color yellow low-limit 50 high-limit 80 discard-percentage 100 color red low-limit 40 high-limit 70 discard-percentage 100 # queue ef wred pw queue af1 wred pw1 queue af3 wred pw1 queue be wred pw2 # interface pos1/0/0 ip address 10.1.1.1 255.255.255.0 undo shutdown # interface GigabitEthernet2/0/0 ip address 20.1.1.1 255.255.255.0 undo shutdown # return

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

43

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

4
About This Chapter

Class-based QoS Configuration

This chapter describes the configuration of traffic policy based on complex traffic classification as well as the priority mapping in simple traffic classification. In addition, this chapter also provides configuration examples. 4.1 Class-based QoS Overview Class-based QoS classifies traffic according to certain rules and associates traffic classes with specified traffic behaviors, forming various traffic policies. Through the application of these policies on interfaces, class-based traffic policing, traffic shaping, congestion management, and precedence re-marking are implemented. 4.2 Class-based QoS Supported by the NE5000E The NE5000E supports the use of class-based QoS in implementing traffic policing, traffic shaping, congestion management, and precedence re-marking. 4.3 Configuring CTC-based Traffic Policies for IP Packets This section describes how to configure CTC-based traffic policies for IP packets and applicable environment. 4.4 Configuring Priority Mappings for IP Packets This section describes how to configure priority mappings for IP packets and the application environment of this function. 4.5 Configuring CTC-based Traffic Policies for VLAN Packets This section describes how to configure CTC-based traffic policies for VLAN packets. 4.6 Configuring Priority Mappings for VLAN Packets This section describes how to configure priority mappings for VLAN packets and the application environment of this function. 4.7 Configuring Priority Mappings for MPLS Packets This section describes how to configure priority mappings for MPLS packets and the application environment of this function. 4.8 Maintaining Class-based QoS Configuration This section describes how to clear statistics of traffic policies. 4.9 Configuration Example
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 44

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

This section provides typical examples for configuring class-based QoS.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

45

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

4.1 Class-based QoS Overview


Class-based QoS classifies traffic according to certain rules and associates traffic classes with specified traffic behaviors, forming various traffic policies. Through the application of these policies on interfaces, class-based traffic policing, traffic shaping, congestion management, and precedence re-marking are implemented. The NE5000E supports Diff-Serv and provides standard forwarding services such as EF and AF for users. These forwarding services are implemented on the basis of traffic management measures such as traffic classification, traffic policing, traffic shaping, and congestion avoidance. The NE5000E supports traffic policies with the above measures and mapping between QoS fields in the IP header and the MPLS header. Traffic policies include CTC-based traffic policies, traffic policies based on simple traffic classification, and internal traffic policies of the router. l Using CTC-based traffic policies, the system implements traffic policing, re-marking, packet filtering, policy-based routing, and traffic sampling according to the class of the traffic. CTC-based traffic policies are generally configured on the router at the edge of a DiffServ domain. Traffic policies based on simple traffic classification re-set the service level, color, and discarding priority according to the tags carried by packets. Simple traffic classification is generally configured on the router that is located near the core of a network. Internal traffic policies on the router control the traffic from the LPU to the MPU and therefore ensure that the MPU is in a secure and stable state.
NOTE

l DiffServ is mainly used to guarantee the bandwidth for behavior aggregate (BA) data streams. The NE5000E allocates resources to the services of different classes such as expedited forwarding (EF) and assured forwarding (AF) through the predefined queue scheduling mechanism. Users do not need to configure queue management. l The priority of CTC-based traffic policies is higher than that of traffic policies based on simple traffic classification.

Traffic Classification
Traffic classification is used to identify packets that have the same characteristics according to specific rules. It is the basis for providing differentiated services. Traffic classification consists of complex traffic classification and simple traffic classification: l Simple traffic classification The simple traffic classification refers to classifying packets according to the IP precedence or DSCP value of the IP packet, the EXP value of the MPLS packet, or the 802.1p priority of the VLAN packet. It is used to simply identify the traffic that has the specific precedence or class of service. l Complex traffic classification The complex traffic classification refers to classifying packets according to more complex rules, for example, the rules combining the link layer, the network layer, and the transport layer information such as the source MAC address, destination MAC address, source IP address, destination IP address, acl number, protocol type, and TCP/UDP port number.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 46

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

Traffic Behavior
Traffic classification is the basis of providing differentiated services. Traffic classification is meaningful only after it is associated with traffic control actions. The NE5000E supports the following traffic actions and the combination of these traffic actions: l Deny/Permit Deny/Permit is the simplest traffic control action. It enables the NE5000E to control traffic by discarding packets or allowing packets to pass through. l Mark This traffic control action is used to set the precedence field in a packet. The precedence field in a packet varies with the network type. For example, packets carry the 802.1p field in the VLAN, the DSCP field in the DiffServ network, and the EXP field in the MPLS network. Therefore, the router must be able to mark the precedences of packets according to their network types. Usually, devices at the border of a network mark the precedence of the incoming packets. Devices inside the network provide corresponding QoS services according to the precedences marked by border devices, or re-mark the precedences according to its own standard. l Redirect The redirect action indicates that the device does not forward packets according to the original destination addresses of the packets but forwards the packets to a specified next hop or Label Switched Path (LSP). In this manner, policy-based routing is implemented. l Traffic policing It is a traffic control action used to limit the traffic and the resource used by the traffic by monitoring the volume of the traffic. With traffic policing, the router can discard, re-mark the color or precedence of, or implement other QoS measures over the packets that exceed the specifications. l Security It refers to implementing such measures as Unicast Reverse Path Forwarding (URPF), port mirroring, or traffic statistics on packets. Security actions are not QoS measures but can be used together with QoS actions to improve the security of the network.

Precedence Mapping
The precedence field in a packet varies with the network type. For example, a packet carries the 802.1p field in the VLAN, the DSCP field in the Diff-Serv network, and the EXP field in the MPLS network. When a packet passes through different networks, the gateway must be configured with mappings between various types of precedence values to retain the original precedence of the packet. When the NE5000E serves as the gateway joining different networks, the external precedences in the packets arriving at the NE5000E are all mapped to the internal precedences of the NE5000E. When the NE5000E sends out these packets, the internal precedences are mapped back to the original external precedences of the packets.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

47

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

4.2 Class-based QoS Supported by the NE5000E


The NE5000E supports the use of class-based QoS in implementing traffic policing, traffic shaping, congestion management, and precedence re-marking. The NE5000E supports class-based QoS to carry out: l l Traffic policing based on complex traffic classification, re-marking, policy-based routing, load balancing, URPF, NetStream, and mirroring. Mapping of priorities of services between networks based on simple traffic classification.

4.3 Configuring CTC-based Traffic Policies for IP Packets


This section describes how to configure CTC-based traffic policies for IP packets and applicable environment.

Applicable Environment
To manage or limit the traffic that goes into or flows in a network according to the class of service, you need to configure QoS traffic policies based on the complex traffic classification. That is, you need to provide differentiated services according to parameters such as DSCP, protocol type, IP address, or port number in the packet. In this way, traffic from different users, such as voice services, video services, and data services can be served differently in terms of bandwidth, delay, and precedence. CTC-based traffic policies are usually configured on the router located at the edge of the network, whereas traffic policies that are based on simple traffic classification are configured on the router located near the core of a network.

Pre-configuration Tasks
Before configuring CTC-based traffic policies for IP packets, you need to complete the following tasks: l l l l Configuring the physical parameters of interfaces Configuring the link layer attributes of interfaces to ensure their normal operation Configuring IP addresses for interfaces Enabling the routing protocol for communication between devices

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

48

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

Configuration Procedures
Figure 4-1 Flowchart of configuring CTC-based traffic policies for IP packets
Defining a Traffic Classifier Defining a Traffic Behavior and Configuring Actions Defining a Policy and Specifying a Behavior for a Classifier in the Policy Applying a Traffic Policy
Enabling the Statistical Function of a Traffic Policy

Mandatory procedure Optional procedure

4.3.1 Defining a Traffic Classifier


You need to configure traffic classification before configuring class-based QoS. The traffic classification can be configured based on ACL, IP precedence, protocol type, MAC address, protocol address, and so on.

Procedure
l Defining traffic classifiers based on Layer 3 or Layer 4 information Do as follows on the router: 1. Run:
system-view

The system view is displayed. 2. Run:


traffic classifier classifier-name [ operator { and | or } ]

A traffic classifier is defined and the traffic classifier view is displayed. 3. Choose the required matching rule according to your needs: To set a matching rule to classify traffic based on the ACL number, run the ifmatch [ ipv6 ] acl { acl-number | name acl-name } command. To define a matching rule to classify traffic based on a DSCP value, run the ifmatch [ ipv6 ] dscp dscp-value command. To define a matching rule to classify traffic based on the TCP flag value, run the if-match tcp syn-flag tcpflag-value command.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 49

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

To define a matching rule to classify traffic based on the precedence of an IP packet, run the if-match ip-precedence ip-precedence command. To define a matching rule to classify traffic based on the MPLS EXP value, run the if-match mpls-exp exp-value command. To define a matching rule to all packets, run the if-match [ ipv6 ] any command. To define a matching rule to classify traffic based on the value of the next IPv6 header, run the if-match ipv6 next-header command. To set a matching rule to classify traffic based on the source IPv6 address, run the if-match ipv6 source-address ipv6-address prefix-length command. To define a matching rule to classify traffic based on a destination IPv6 address, run the if-match ipv6 destination-address ipv6-address prefix-length command.
NOTE

For IPv6 packets, you need to specify the keyword ipv6 when defining a matching rule in Step 3. A matching rule defined to match packets based on source or destination addresses is valid with IPv6 packets, but not with IPv4 packets. You can define different ACL rules as required, including protocol type, source address, destination address, and ToS in packets. The if-match acl command filters packets according to ACL rules defined in the rule command and then performs traffic actions accordingly.

If you define multiple matching rules in one traffic classifier, you can set the logical relationship between the matching rules by specifying the parameter operator in Step 2. and: A packet belongs to the classifier only when it matches all the rules. or: A packet belongs to the classifier if it matches any one of the rules. By default, the value of the logic operator of the rules is or. 4. Run:
commit

The configuration is committed. l Defining traffic classifiers based on Layer 2 information Do as follows on the router: 1. Run:
system-view

The system view is displayed. 2. Run:


traffic classifier classifier-name [ operator { and | or } ]

The traffic class is defined and the traffic class view is displayed. 3. Define desired matching rules on the router according to your requirements. To set a matching rule to classify traffic based on the ACL number, run the ifmatch [ ipv6 ] acl { acl-number | name acl-name } command. To set a matching rule to classify VLAN packets based on the 802.1p priority, run the if-match 8021p 8021p-value command. To set a matching rule to classify traffic based on the source MAC address, run the if-match source-mac mac-address command.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 50

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

To set a matching rule to classify traffic based on the destination MAC address, run the if-match destination-mac mac-address command. If you set more than one matching rule for the same classifier, you can set their logical relations by specifying the parameter operator in Step 2. For detailed instructions, refer to the previous section. If multiple traffic classifiers are configured in one traffic policy, the traffic behaviors corresponding to these traffic classifiers are implemented in different orders. When multiple traffic classifiers match the different fields of an IP packets, the traffic behavior of the traffic classifier that is first bound to a traffic policy is preferentially implemented. For example, as shown in Table 4-1, Policy 1 defines two traffic classifiers and their corresponding traffic behaviors. If a packet matches all the two traffic classification rules, behavior 1 is performed on the packet. That is, the 802.1p value of the packet is re-marked to 1. Table 4-1 Traffic classifiers and behaviors defined in Policy 1 Traffic Classifier Classifier 1 Matching Rule Matching the destination MAC address Matching the source MAC address Traffic Behavior Behavior 1 Traffic Action Re-marking the 8021p value to 1 Re-marking the 8021p value to 3

Classifier 3

Behavior 3

Multiple traffic rules can match the same field of an IP packet, but no packet can match multiple traffic classifiers once. This means that only the traffic action in the traffic classifier that matches the traffic rule is performed on the packet. For example, as shown in Table 4-2, Policy 2 defines three traffic classifiers and their corresponding traffic behaviors. Multiple traffic rules can match the fields of the same IP packet, but no packet can match multiple traffic rules once. This means that only the traffic action in the traffic classifier that matches the traffic rule is performed on the packet. Table 4-2 Traffic classifiers and behaviors defined in Policy 2 Traffic Classifier Classifier 1 Matching Rule Matching the destination MAC address 1-1-1 Matching the destination MAC address 2-2-2 Traffic Behavior Behavior 1 Traffic Action Re-marking the 8021p value to 1 Re-marking the 8021p value to 2

Classifier 2

Behavior 2

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

51

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

Traffic Classifier Classifier 3

Matching Rule Matching the destination MAC address 3-3-3

Traffic Behavior Behavior 3

Traffic Action Re-marking the 8021p value to 3

Multiple traffic classifiers can match the same protocol field or different protocol fields. Traffic classifiers matching the fields of the same IP packet do not conflict. If traffic classifiers in a traffic policy match different fields of an IP packet, the traffic behavior in the traffic classifier that is first bound to the traffic policy is performed. For example, as shown in Table 4-3, Policy 3 defines three traffic classifiers and their corresponding traffic behaviors. In Policy 3, Classifier 1 and Classifier 3 match the same IP packet field, but do not conflict with each other. When a packet matches both Classifier 1 and Classifier 2, the traffic behavior in Classifier 1 is performed on the packet. when a packet matches both Classifier 2 and Classifier 3, the traffic behavior in Classifier 2 is performed on the packet. Table 4-3 Traffic classifiers and behaviors defined in Policy 3 Traffic Classifier Classifier 1 Matching Rule Matching the destination MAC address 1-1-1 Matching the source MAC address 2-2-2 Matching the destination MAC address 3-3-3 Traffic Behavior Behavior 1 Traffic Action Re-marking the 8021p value to 1 Re-marking the 8021p value to 2 Re-marking the 8021p value to 3

Classifier 2 Classifier 3

Behavior 2 Behavior 3

4.

Run:
commit

The configuration is committed. ----End

4.3.2 Defining a Traffic Behavior and Configuring Actions


This section describes the traffic behaviors support by NE5000E and how to configure.

Context
The NE5000E supports various types of traffic behaviors. You can choose one or more behaviors to meet your requirements.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 52

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

Procedure
l Configuring Packet Filtering Actions Do as follows on the router: 1. Run:
system-view

The system view is displayed. 2. Run:


traffic behavior behavior-name

A traffic behavior is configured and the traffic behavior view is displayed. 3. Run:
permit/deny

Packets are allowed or forbidden to pass.


NOTE

If both the if-match any and deny parameters are configured in a complex traffic classification rule, the device discards all packets, including protocol packets, that flow through an interface. Therefore, use caution when configuring both the if-match any and deny parameters in a traffic classification rule. If the permit or deny action is configured in both the rule command and the traffic behavior view, only packets that are permitted by the rule command are processed according to the configured traffic behavior. If the deny action is configured in either the rule command or the traffic behavior view, all matched packets are discarded.

4.

Run:
commit

The configuration is committed. l Configuring Traffic Policing Actions Do as follows on the router: 1. Run:
system-view

The system view is displayed. 2. Run:


traffic behavior behavior-name

A traffic behavior is configured and the traffic behavior view is displayed. 3. Run:
car { cir cir-value [ pir pir-value ] } [ cbs cbs-value pbs pbs-value ] [ green { discard | pass [ service-class class color color ] } | yellow { discard | pass [ service-class class color color ] } | red { discard | pass [ service-class class color color ] } ] *

A traffic policing action is configured. After you configure a traffic policing action for a traffic policy, the traffic policy can be applied to both incoming and outgoing traffic on an interface. The original qos car command that is configured on an interfaces affected after a traffic policy configured with traffic policing action is applied to the interface.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 53

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

This command is cyclic in nature. That is, if this command is configured for multiple times, only the last configuration takes effect.
NOTE

If the CoS of a packet is re-marked as EF, BE, CS6, or CS7, the packet can be re-marked only in green. Only the pass action is applicable to yellow packets on the LPUE, LPUI, LPUR, and LPUM, and both the pass and discard actions are applicable to yellow packets on the LPUF-100, LPUI-100, and LPUF-200.

4.

Run:
commit

The configuration is committed. l Setting the Forcible traffic classification Do as follows on the router: 1. Run:
system-view

The system view is displayed. 2. Run:


traffic behavior behavior-name

A traffic behavior is configured and the traffic behavior view is displayed. 3. Run:
service-class service-class color color

Packets with a certain CoS are colored. 4. Run:


commit

The configuration is committed. l Setting the Packet Precedence Do as follows on the router: 1. Run:
system-view

The system view is displayed. 2. Run:


traffic behavior behavior-name

A traffic behavior is configured and the traffic behavior view is displayed. 3. Configure the router as follows: To re-mark the precedence of IP packets, run the remark ip-precedence ipprecedence command. To re-mark the DSCP value of IP packets, run the remark [ ipv6 ] dscp dscpvalue command. To re-mark the precedence of VLAN packets, run the remark 8021p 8021pvalue command.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 54

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


NOTE

4 Class-based QoS Configuration

To re-mark the DSCP value of IPv6 packets, run the remark ipv6 dscp dscp-value command. The remark 8021p 8021p-value command takes effect with only incoming traffic on the router.

4.

Run:
commit

The configuration is committed. l Setting Packet Forwarding Actions

CAUTION
l Redirecting of packets to the public network LSP can be configured only on the ingress node of the MPLS network, and cannot be configured on other nodes such as transit or egress. l Redirecting of packets to the public network LSP can be configured for only singletagged MPLS packets. Do as follows on the router: 1. Run:
system-view

The system view is displayed. 2. Run:


traffic behavior behavior-name

A traffic behavior is configured and the traffic behavior view is displayed. 3. Configure the router as follows: To directly forward packets without redirecting them, run the permit command in the traffic behavior view. To directly drop packets without redirecting them, run the deny command in the traffic behavior view. To redirect packets to a single next hop, run the redirect ip-nexthop ip-address [ interface interface-type interface-number [.subinterface-number] ] command. To redirect packets to multiple next hops, run the redirect ipv4-multinhp nhp ip-address interface interface-type interface-number { nhp ip-address interface interface-type interface-number } &<1-16> [ loadbalance ] command. To redirect IP packets to the public network LSP, run the redirect lsp public destipv4-address [ nexthop-address | interface interface-type interface-number [.subinterface-number] | secondary ] command. To redirect packets to a specified VPN group, run the redirect vpn-group vpngroup-name command.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

55

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


NOTE

4 Class-based QoS Configuration

To redirect IPv6 packets to a single next hop, run the redirect ipv6-nexthop command. To redirect IPv6 packets to multiple hop, run the redirect ipv6-multinhp command. When the redirection policy in the traffic behavior is a Discard policy, the IP address and outbound interface of the next hop must be specified. When the redirection policy in the traffic behavior is a Forward policy, the IP address of the next hop must be specified. In IPv6 application, the IP address of the next hop specified for a Discard policy must be an IPv6 link-local address or an IPv6 unicast address; the IP address of the next hop specified for a Forward policy can be only an IPv6 unicast address.

The action deny and other traffic actions are mutually exclusive. Traffic that is configured with the deny action cannot be further processed unless the traffic is configured with the permit action. 4. Run:
commit

The configuration is committed. l Configuring the Load Balancing Mode Do as follows on the router: 1. Run:
system-view

The system view is displayed. 2. Run:


traffic behavior behavior-name

A traffic behavior is configured and the traffic behavior view is displayed. 3. Run:
load-balance flow

The load balancing mode is set to be flow-by-flow. 4. Run:


commit

The configuration is committed. ----End

4.3.3 Defining a Policy and Specifying a Behavior for a Classifier in the Policy
After traffic classifiers and traffic behaviors are defined, traffic classifiers and traffic behaviors need to be associated to form traffic policies.

Context
Do as follows on the router:

Procedure
Step 1 Run:
system-view

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

56

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

The system view is displayed. Step 2 Run:


traffic policy policy-name

A traffic policy is defined and the traffic policy view is displayed. Step 3 Run:
classifier classifier-name behavior behavior-name [ precedence precedence-value ]

A traffic behavior is specified for the specified traffic classifier in the traffic policy and the precedence of the traffic policy is also specified. Step 4 (Option) Run:
step step-number

The step between policies is specified. Step 5 Run:


commit

The configuration is committed. ----End

4.3.4 Applying a Traffic Policy


A class-based policy does not take effect unless it is applied to an interface.

Context
Do as follows on the router:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


interface interface-type interface-number

The interface view is displayed. Step 3 Run:


traffic-policy policy-name { inbound [ link-layer | mpls-layer ] | outbound [ linklayer ] }

A traffic policy is applied to the interface.


NOTE

On the LPUE and LPUI, the traffic policy can be applied only to the upstream IPv6 packets on an interface.

If you specify link-layer, the router first performs rule-matching according to Layer 2 information and implements a corresponding traffic action. If Layer 2 information of a packet does not match the traffic rule, the system performs rule-matching according to Layer 3 information and implements a corresponding traffic action.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 57

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

If you specify the keyword mpls-layer, a router performs complex traffic classification based on the MPLS information of the packets.
NOTE

The keyword mpls-layer is supported on the inbound interface of the LPUI-100, and LPUF-100.

By default, the router performs complex traffic classification based on Layer 3 or Layer 4 information and other information. Step 4 Run:
commit

The configuration is committed. ----End

4.3.5 Enabling the Statistical Function of a Traffic Policy


The statistical function of a traffic policy should be enabled when check the statistic information.

Context
Do as follows on the router that is configured with traffic policies:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


traffic policy policy-name

The view of a specified traffic policy is displayed. Step 3 Run:


statistics enable

The statistical function of the traffic policy is enabled. Step 4 Run:


share-mode

The shared mode is specified for the traffic policy.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

58

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


NOTE

4 Class-based QoS Configuration

Step 3 is optional. To save memory, the statistical function of traffic policies is disabled by default. To display the statistics about a traffic policy, you can enable statistics for the traffic policy by running the statistics enable command. Step 4 is optional. The default attribute of a policy is shared. l After a traffic policy is applied to an interface, you cannot change the mode of the traffic policy, whether its attribute is shared or unshared. Before changing the shared or unshared mode of the traffic policy, you must disable the traffic policy on the interface. l If a shared traffic policy is applied to different interfaces, this shared traffic policy collects statistics on the traffic of all the interfaces as a whole. That is, the shared traffic policy does not collect statistics on the traffic of interfaces individually. l If an unshared traffic policy is applied to different interfaces, this unshared traffic policy collects statistics on the traffic of the interfaces individually. l A traffic policy collects statistics on incoming traffic and outgoing traffic individually, whether its attribute is shared or unshared.

Step 5 Run:
commit

The configuration is committed. ----End

4.3.6 Checking the Configuration


After class-based QoS is successfully configured, you can view the traffic classifiers, traffic behaviors, binding between traffic classifiers and behaviors in the specified traffic policy, configured traffic policies and their application, and configured queues and their application.

Procedure
l l l l Run the display interface [ interface-type [ interface-number ] ] command to view the information about the traffic on the interface. Run the display traffic behavior { system-defined | user-defined } [ behavior-name ] command to view information about the configured traffic behaviors. Run the display traffic classifier { system-defined | user-defined } [ classifier-name ] command to view information about the configured traffic classifiers. Run the display traffic policy { system-defined | user-defined } [ policy-name [ classifier classifier-name ] ] command to view information about the association between all or the specified traffic classifiers and traffic behaviors in traffic policies. Run the display traffic policy statistics interface interface-type interface-number [ .subinterface ] { inbound | outbound } [ verbose { classifier-based | rule-based } [ class class-name ] ] command to view traffic statistics of traffic policies that are configured on the interface.

----End

Example
If the configuration is successful: l Running the display traffic behavior command, you can view the name of the configured traffic behavior and its actions.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 59

Issue 01 (2012-06-30)

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

l l l

Running the display traffic classifier command, you can view the name of the configured traffic classifier and its matching rules, as well as the logic operator of the rules. Running the display traffic policy command, you can view the association between traffic classifiers and traffic behaviors in a traffic policy. Running the display traffic policy statistics command, you can view the traffic statistics of traffic policies that are configured on the interface.
<HUAWEI> display traffic policy statistics interface gigabitethernet 1/0/0 inbound Info: The statistics is shared because the policy is shared. Interface: GigabitEthernet1/0/0 Traffic policy inbound: test Traffic policy applied at 2007-08-30 18:30:20 Statistics enabled at 2007-08-30 18:30:20 Statistics last cleared: Never Rule number: 7 IPv4, 1 IPv6 Current status: OK! Item Packets Bytes ------------------------------------------------------------------Matched 1,000 100,000 +--Passed 500 50,000 +--Dropped 500 50,000 Missed 500 50,000 Last 30 seconds rate Item pps bps ------------------------------------------------------------------Matched 1,000 100,000 +--Passed 500 50,000 +--Dropped 500 50,000 Missed 500 50,000

4.4 Configuring Priority Mappings for IP Packets


This section describes how to configure priority mappings for IP packets and the application environment of this function.

Context
Traffic policy based on simple traffic classification is used to map the precedence of traffic on one type of network to another type. That is, to transmit the traffic in the other network according to the original precedence. When the NE5000E serves as the border router for different networks, the original external priorities (DSCP values) in the IP packets that go into the NE5000E are all mapped to the internal priorities of the router represented by service classes of DiffServ and colors. When the NE5000E sends out the packet, the internal priority is mapped back to the external priority. Simple traffic classification is usually implemented on the core devices of the network. It can be implemented on both physical and logical interfaces. If implemented on the logical interface, simple traffic classification can limit traffic congestion on member ports of the logical interface and restrict the precedence of packets on the logical interface. A Diff-Serv (DS) domain is a group of Diff-Serv nodes that adopt the same service policies and implement the same PHB aggregate. The precedence of packets is usually accepted or re-defined on the core router. On the border router in the IP domain or MPLS domain, DSCP and EXP also need to be mapped.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 60

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

The simple traffic classification can map the internal precedence to the external precedence, and the external precedence to the internal precedence. However, mapping between traffic of the same type, for example, IP traffic or MPLS traffic, is not supported.
NOTE

Using the qos default-service-class command, you can configure the upstream traffic on the interface to enter the specific queues and provide service. By default, the traffic enters the queues with the service class as BE. After this command is run, other packets cannot be enabled to enter the queues, and simple traffic classification cannot be enabled.

Do as follows on the router:

Pre-configuration Tasks
Before configuring traffic shaping, complete the following tasks: l l l l Configuring the physical parameters of interfaces Configuring the link layer attributes of interfaces to ensure their normal operation Configuring IP addresses for interfaces Enabling the routing protocol for communication between devices

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


diffserv domain { ds-domain-name | default }

A DS domain is defined and the DS domain view is displayed. Step 3 Define traffic policies on the router based on the actual situation. l To define a traffic policy for incoming IP traffic, run the ip-dscp-inbound dscp-value phb service-class [ color ] command. l To define a traffic policy for outgoing IP traffic, run the ip-dscp-outbound service-class color map dscp-value command. The system predefines a domain named default for IP packets. You are not allowed to delete the default domain. If the priority mapping in Step 3 is not set in the DS domain, the system uses the default mapping. The default domain describes the default mappings between the DSCP values, QoS service classes, and colors for IP packets. You can change the mappings in as required. In the default domain, the DSCP values of the packets from an upstream device are mapped to QoS service classes and colors. Their mappings are shown in Table 4-4. The QoS service classes and colors of the packets entering a downstream device are mapped to DSCP values. Their mappings are shown in Table 4-5.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

61

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

Table 4-4 Default mappings between DSCP values and service classes in the default domain DSCP 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Service BE BE BE BE BE BE BE BE AF1 BE AF1 BE AF1 BE AF1 BE AF2 BE AF2 BE AF2 BE AF2 BE AF3 BE AF3 BE AF3 Color Green Green Green Green Green Green Green Green Green Green Green Green Yellow Green Red Green Green Green Green Green Yellow Green Red Green Green Green Green Green Yellow DSCP 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 Service AF4 BE AF4 BE AF4 BE AF4 BE EF BE BE BE BE BE EF BE CS6 BE BE BE BE BE BE BE CS7 BE BE BE BE Color Green Green Green Green Yellow Green Red Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

62

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

DSCP 29 30 31

Service BE AF3 BE

Color Green Red Green

DSCP 61 62 63

Service BE BE BE

Color Green Green Green

Table 4-5 shows the default mappings between internal service classes, colors, and DSCP values for IP packets. Table 4-5 Default mappings between service classes and DSCP values Service BE AF1 AF1 AF1 AF2 AF2 AF2 AF3 AF3 AF3 AF4 AF4 AF4 EF CS6 CS7 Color Green Green Yellow Red Green Yellow Red Green Yellow Red Green Yellow Red Green Green Green DSCP 0 10 12 14 18 20 22 26 28 30 34 36 38 46 48 56

Step 4 Run:
commit

The configuration is committed. Step 5 Run:


quit

Return to the system view.


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 63

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

Step 6 Run:
interface interface-type interface-number

The interface view is displayed. Step 7 Run:


trust upstream { ds-domain-name | default }

The DS domain is bound to the interface, and simple traffic classification is enabled on the interface. Step 8 Run:
commit

The configuration is committed. ----End

4.5 Configuring CTC-based Traffic Policies for VLAN Packets


This section describes how to configure CTC-based traffic policies for VLAN packets.

Applicable Environment
To manage or limit the traffic that goes into or flows in a network according to the class of service, you need to configure QoS traffic policies based on the complex traffic classification. That is, you need to provide differentiated services according to the VLAN attributes of packets. In this way, traffic from different users, such as voice services, video services, and data services can be served differently in terms of bandwidth, delay, and precedence. After VLAN QoS is used for the traffic entering the VLAN network, the traffic can either retain its QoS attributes of the previous network, or has its QoS attributes modified according to the configurations of the VLAN. In this manner, the traffic continues to be transmitted in the VLAN network. CTC-based traffic policies are usually configured on the router located at the edge of the network, whereas traffic policies that are based on simple traffic classification are configured on the router located near the core of a network.

Pre-configuration Tasks
Before configuring CTC-based traffic policies for VLAN packets, you need to complete the following tasks: l l l Configuring physical parameters on interfaces Configuring link-layer attributes on interfaces Assigning IP addresses to interfaces

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

64

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

Configuration Procedures
Figure 4-2 Flowchart of configuring CTC-based traffic policies for VLAN packets
Configuring Rules for Mapping VLAN Frame Priorities Configuring VLAN Priorities

Defining a Traffic Policy and Specifying Its Traffic Behaviors

Applying a Traffic Policy


Enabling the Statistical Function of a Traffic Policy

Mandatory procedure Optional procedure

4.5.1 Configuring Rules for Mapping VLAN Frame Priorities


This section describes how to configure the rule for mapping VLAN frame priorities.

Context
Do as follows on the router:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


traffic classifier classifier-name [ operator { and | or } ]

A traffic classifier is created and the traffic classifier view is displayed. Step 3 Run:
if-match 8021p 8021p-value

A rule for mapping the 802.1p values of VLAN packets is defined. Step 4 Run:
commit

The configuration is committed. ----End


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 65

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

4.5.2 Configuring VLAN Priorities


This section describes how to configure the VLAN priorities.

Context
Do as follows on the router:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


traffic behavior behavior-name

A traffic behavior is configured and the traffic behavior view is displayed. Step 3 Run:
remark 8021p 8021p-value

The 802.1p value for VLAN packets is configured. Step 4 Run:


commit

The configuration is committed. ----End

4.5.3 Defining a Traffic Policy and Specifying Its Traffic Behaviors


After traffic classifiers and traffic behaviors are defined, traffic classifiers and traffic behaviors need to be associated to form traffic policies.

Context
Do as follows on the router:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


traffic policy policy-name

A traffic policy is defined and the traffic policy view is displayed. Step 3 Run:
classifier classifier-name behavior behavior-name [ precedence precedence-value ]

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

66

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

A traffic behavior is specified for the specified traffic classifier in the traffic policy and the precedence of the traffic policy is also specified. Step 4 (Option) Run:
step step-number

The step between policies is specified. Step 5 Run:


commit

The configuration is committed. ----End

4.5.4 Applying a Traffic Policy


A class-based policy does not take effect unless it is applied to an interface.

Context
Do as follows on the router:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


interface interface-type interface-number

The interface view is displayed. Step 3 Run:


traffic-policy policy-name { inbound [ link-layer | mpls-layer ] | outbound [ linklayer ] }

A traffic policy is applied to the interface. If you specify link-layer, the router first performs rule-matching according to Layer 2 information and implements a corresponding traffic action. If Layer 2 information of a packet does not match the traffic rule, the system performs rule-matching according to Layer 3 information and implements a corresponding traffic action. If you specify the keyword mpls-layer, a router performs complex traffic classification based on the MPLS information of the packets.
NOTE

The keyword mpls-layer is supported on the inbound interface of the LPUI-100, and LPUF-100.

By default, the router performs complex traffic classification based on Layer 3 or Layer 4 information and other information. Step 4 Run:
commit

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

67

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

The configuration is committed. ----End

4.5.5 Enabling the Statistical Function of a Traffic Policy


The statistical function of a traffic policy should be enabled when check the statistic information.

Context
Do as follows on the router that is configured with traffic policies:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


traffic policy policy-name

The view of a specified traffic policy is displayed. Step 3 Run:


statistics enable

The statistical function of the traffic policy is enabled. Step 4 Run:


share-mode

The shared mode is specified for the traffic policy.


NOTE

Step 3 is optional. To save memory, the statistical function of traffic policies is disabled by default. To display the statistics about a traffic policy, you can enable statistics for the traffic policy by running the statistics enable command. Step 4 is optional. The default attribute of a policy is shared. l After a traffic policy is applied to an interface, you cannot change the mode of the traffic policy, whether its attribute is shared or unshared. Before changing the shared or unshared mode of the traffic policy, you must disable the traffic policy on the interface. l If a shared traffic policy is applied to different interfaces, this shared traffic policy collects statistics on the traffic of all the interfaces as a whole. That is, the shared traffic policy does not collect statistics on the traffic of interfaces individually. l If an unshared traffic policy is applied to different interfaces, this unshared traffic policy collects statistics on the traffic of the interfaces individually. l A traffic policy collects statistics on incoming traffic and outgoing traffic individually, whether its attribute is shared or unshared.

Step 5 Run:
commit

The configuration is committed. ----End


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 68

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

4.5.6 Checking the Configuration


After VLAN QoS is successfully configured, you can view the traffic classifiers, traffic behaviors, binding between traffic classifiers and behaviors in the specified traffic policy, configured traffic policies and their application, and configured queues and their application.

Procedure
l Run the display interface [ interface-type [ interface-number ] ] [ | { begin | exclude | include } regular-expression ] command to view the information about the traffic on the interface. Run the display traffic behavior { system-defined | user-defined } [ behavior-name ] command to view information about the configured traffic behaviors. Run the display traffic classifier { system-defined | user-defined } [ classifier-name ] command to view information about the configured traffic classifiers. Run the display traffic policy { system-defined | user-defined } [ policy-name [ classifier classifier-name ] ] command to view information about the association between all or the specified traffic classifiers and traffic behaviors in traffic policies. Run the display traffic policy statistics interface interface-type interface-number [ .subinterface ] { inbound | outbound } [ verbose { classifier-based | rule-based} [ class class-name ] ] command to view traffic statistics of traffic policies that are configured on the interface.

l l l

----End

Example
If the configuration is successful: l l l l Running the display traffic behavior command, you can view the name of the configured traffic behavior and its actions. Running the display traffic classifier command, you can view the name of the configured traffic classifier and its matching rules, as well as the logic operator of the rules. Running the display traffic policy command, you can view the association between traffic classifiers and traffic behaviors in a traffic policy. Running the display traffic policy statistics command, you can view the traffic statistics of traffic policies that are configured on the interface.
<HUAWEI> display traffic policy statistics interface gigabitethernet 1/0/0 inbound Info: The statistics is shared because the policy is shared. Interface: GigabitEthernet1/0/0 Traffic policy inbound: policy1 Traffic policy applied at 2007-08-30 18:30:20 Statistics enabled at 2007-08-30 18:30:20 Statistics last cleared: Never Rule number: 7 IPv4, 1 IPv6 Current status: OK! Item Packets Bytes ------------------------------------------------------------------Matched 1000 100000 +--Passed N/A N/A +--Dropped N/A N/A Missed 500 50000 Last 30 seconds rate Item pps bps -------------------------------------------------------------------

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

69

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


Matched +--Passed +--Dropped Missed 1000 N/A N/A 500

4 Class-based QoS Configuration


100000 N/A N/A 50000

4.6 Configuring Priority Mappings for VLAN Packets


This section describes how to configure priority mappings for VLAN packets and the application environment of this function.

Context
Traffic policy based on simple traffic classification is used to map the precedence of traffic on one type of network to another type. That is, to transmit the traffic in the other network according to the original precedence. When the NE5000E serves as the border router for different networks, the original external priorities (802.1p values) in the VLAN packets that go into the NE5000E are all mapped to the internal priorities of the router represented by service classes of DiffServ and colors. When the NE5000E sends out the packet, the internal priority is mapped back to the external priority.
NOTE

If unified scheduling is required for all upstream traffic on an interface, you can run the qos default-serviceclass command to configure the upstream traffic on the interface to enter the specific queues and provide corresponding services. By default, the traffic enters the queues with the service class as BE. After this command is run, other packets cannot be enabled to enter the queues, and simple traffic classification cannot be enabled.

Pre-configuration Tasks
Before configuring traffic shaping, complete the following tasks: l l l l Configuring the physical parameters of interfaces Configuring the link layer attributes of interfaces to ensure their normal operation Configuring IP addresses for interfaces Enabling the routing protocol for communication between devices

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


diffserv domain { ds-domain-name | default }

A DS domain is defined and the DS domain view is displayed. Step 3 Define traffic policies on the router based on the actual situation. l To define a traffic policy for incoming VLAN traffic, run the 8021p-inbound 8021p-value phb service-class [ color ] command.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 70

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

l To define a traffic policy for outgoing VLAN traffic, run the 8021p-outbound serviceclass color map 8021p-value command. The default domain is predefined by the system for VLAN packets and can not be deleted. The default domain describes the default mappings from the 802.1p priorities of VLAN packets to QoS service classes and colors, or from QoS service classes and colors to the 802.1p priorities of VLAN packets. You can change the mappings in the default domain. The 802.1p priorities of the packets from an upstream device are mapped to QoS service classes and colors. Their mappings are shown in Table 4-6; the QoS service classes and colors of the packets entering a downstream device are mapped to 802.1p priorities. Their mappings are shown in Table 4-7. Table 4-6 Mappings from 802.1p priorities to QoS service classes and colors in the default domain 802.1p 0 1 2 3 Service BE AF1 AF2 AF3 Color Green Green Green Green 802.1p 4 5 6 7 Service AF4 EF CS6 CS7 Color Green Green Green Green

Table 4-7 Mappings from QoS service classes and colors to 802.1p priorities in the default domain Service BE AF1 AF2 AF3 AF4 EF CS6 CS7 Color Green Green, Yellow, Red Green, Yellow, Red Green, Yellow, Red Green, Yellow, Red Green Green Green 802.1p 0 1 2 3 4 5 6 7

Step 4 Run:
commit

The configuration is committed. Step 5 Run:


quit

Return to the system view.


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 71

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

Step 6 Run:
interface gigabitethernet interface-number.subnumber

The sub-interface view is displayed. Step 7 Run:


trust upstream { ds-domain-name | default }

A DS domain is bount to the interface. Step 8 Run:


trust 8021p

Simple traffic classification based on 802.1p is enabled.


NOTE

l The trust 8021p command can be configured only on Ethernet sub-interfaces, including Eth-Trunk sub-interfaces. l Before configuring the trust 8021p command on an interface, run the trust upstream command to bind a DS domain to the interface. Otherwise, the trust 8021p command does not take effect. After you add an interface to a DS domain, the traffic policy configured for the DS domain is automatically applied to the incoming and outgoing traffic on the interface.

Step 9 Run:
commit

The configuration is committed. ----End

4.7 Configuring Priority Mappings for MPLS Packets


This section describes how to configure priority mappings for MPLS packets and the application environment of this function.

Context
Traffic policy based on simple traffic classification is used to map the precedence of traffic on one type of network to another type. That is, to transmit the traffic in the other network according to the original precedence. When the NE5000E serves as the border router for different networks, the original external priorities (EXP values) in the MPLS packets that go into the NE5000E are all mapped to the internal priorities of the router represented by service classes of DiffServ and colors. When the NE5000E sends out the packet, the internal priority is mapped back to the external priority. Generally, the priority mappings of MPLS packets are configured on the core device of the network.

Pre-configuration Tasks
Before configuring traffic shaping, complete the following tasks: l l
Issue 01 (2012-06-30)

Configuring the physical parameters of interfaces Configuring the link layer attributes of interfaces to ensure their normal operation
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 72

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

l l

Configuring IP addresses for interfaces Enabling the routing protocol for communication between devices

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


diffserv domain { ds-domain-name | default }

A DS domain is defined and the DS domain view is displayed. Step 3 Define traffic policies on the router based on the actual situation. l To define a traffic policy for incoming MPLS traffic, run the mpls-exp-inbound exp phb service-class [ color ] command. l To define a traffic policy for outgoing MPLS traffic, run the mpls-exp-outbound serviceclass color map exp-value command. The system predefines a default domain. If you do not configure priority mappings in Step 3 for the DS domain, the system uses the default mappings. The default domain describes the default mappings from the EXP values of MPLS packets to QoS service classes and colors, or from QoS service classes and colors to the EXP values of MPLS packets. You can change the mappings in the default domain. The EXP values of the packets from an upstream device are mapped to QoS service classes and colors. Their mappings are shown in Table 4-8. The QoS service classes and colors of the packets entering a downstream device are mapped to EXP values. Their mappings are shown in Table 4-9. The default mappings between the EXP values of MPLS packets and QoS service classes are shown in Table 4-8. Table 4-8 Default mappings between the EXP values the QoS service classes EXP 0 1 2 3 Service BE AF1 AF2 AF3 Color Green Green Green Green EXP 4 5 6 7 Service AF4 EF CS6 CS7 Color Green Green Green Green

The default mappings between the EXP values of MPLS packets and QoS service classes are shown in Table 4-9. Table 4-9 The default mappings between the EXP valueS and QoS service classes Service BE
Issue 01 (2012-06-30)

Color Green
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

MPLS EXP 0
73

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

Service AF1 AF2 AF3 AF4 EF CS6 CS7

Color Green, Yellow, Red Green, Yellow, Red Green, Yellow, Red Green, Yellow, Red Green Green Green

MPLS EXP 1 2 3 4 5 6 7

Step 4 Run:
commit

The configuration is committed. Step 5 Run:


quit

Return to the system view. Step 6 Run:


interface interface-type interface-number

The interface view is displayed. Step 7 Run:


trust upstream { ds-domain-name | default }

The DS domain is bound to the interface, and simple traffic classification is enabled on the interface. Step 8 Run:
commit

The configuration is committed. ----End

4.8 Maintaining Class-based QoS Configuration


This section describes how to clear statistics of traffic policies.

4.8.1 Clearing Statistics of a Traffic Policy


This section describes the command for clearing statistics of a traffic policy.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

74

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

Context

CAUTION
Once deleted, statistics cannot be restored. Therefore, use caution when deleting statistics.

Procedure
Step 1 To clear the statistics of a traffic policy on an interface, run the reset traffic policy statistics interface interface-typeinterface-number [.sub-interface ] { inbound | outbound } command in the user view. ----End

4.9 Configuration Example


This section provides typical examples for configuring class-based QoS.

4.9.1 Example for Configuring a Traffic Policy Based on Complex Traffic Classification
This part describes the configuration and application of traffic classifiers and traffic behaviors in the context of traffic policy based on complex traffic classification.

Networking Requirements

CAUTION
On a single NE5000E, an interface is numbered in the format of slot number/card number/ interface number. In the multi-chassis scenario, an interface is numbered in the format of chassis ID/slot number/card number/interface number. This requires the chassis ID to be specified along with the slot number. As shown in Figure 4-3, PE1, P, and PE2 are routers on an MPLS backbone network. CE1 and CE2 are access routers on the edge of the backbone network. Three users from the local network access the Internet through CE1. l l l l On CE1, the CIR of the traffic of the user from the network segment 1.1.1.0 is limited to 10 Mbit/s and the CBS is limited to 150000 bytes. On CE1, the CIR of the traffic of the user from the network segment 2.1.1.0 is limited to 5 Mbit/s and the CBS is limited to 100000 bytes. On CE1, the CIR of the traffic of the user from the network segment 3.1.1.0 is limited to 2 Mbit/s and the CBS is limited to 100000 bytes. On CE1, the DSCP values of the service packets from the three network segments are remarked to 40, 26, and 0.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 75

Issue 01 (2012-06-30)

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

l l

PE1 accesses the MPLS backbone network at the CIR of 15 Mbit/s, the CBS of 300000 bytes, the PIR of 20 Mbit/s, and the PBS of 500000 bytes. On CE1, the CIR, CBS, and PIR of the UDP protocol packets (except DNS, SNMP, SNMP Trap, and Syslog packets) are respectively limited to 5 Mbit/s, 100000 bytes, and 15 Mbit/ s.

Figure 4-3 Diagram for configuring a traffic policy based on complex traffic classification

Loopback0 11.11.11.11/32

Loopback0 33.33.33.33/32

Loopback0 22.22.22.22/32

PE1 GE1/0/0 10.1.1.2/24 CE1 GE1/0/0

POS2/0/0 100.1.1.1/24 POS1/0/0 100.1.1.2/24 GE2/0/0 10.1.1.1/24 GE4/0/0 GE3/0/0

POS2/0/0 110.1.1.1/24 P POS2/0/0 110.1.1.2/24

PE2 GE1/0/0 20.1.1.2/24 GE2/0/0 20.1.1.1/24 CE2

1.1.1.0

3.1.1.0

2.1.1.0

Configuration Notes
When configuring traffic policies based on complex traffic classification, pay attention to the following: l If both the if-match any and deny parameters are configured in the complex traffic classification rules on an interface, all packets, including protocol packets, are discarded by the interface. Therefore, use caution when configuring both the if-match any and deny parameters in a traffic classification rule. If the permit or deny parameter is configured in both the rule command and the traffic behavior view, only packets that are permitted are further processed according to the configured traffic behavior. If the deny action is configured in either the rule command or the traffic behavior view, all matched packets are discarded.

Configuration Roadmap
The configuration roadmap is as follows:
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 76

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

1. 2. 3. 4. 5.

Define ACL rules. Configure traffic classifiers. Configure traffic behaviors. Configure traffic policies. Apply the traffic policies to interfaces.

Data Preparation
To complete the configuration, you need the following data: l l l ACL numbers 2001, 2002, 2003, 3001, and 3002 Re-marked DSCP values 40, 26, and 0 for the packets from the three network segments CIRs of the traffic from users belonging to the three network segments, which are respectively 10 Mbit/s, 5 Mbit/s, and 2 Mbit/s, with their respective CBSs being 150000 bytes, 100000 bytes, and 100000 bytes CIR of the UDP protocol packets (except DNS, SNMP, SNMP Trap, and Syslog packets) on CE1, which is 5 Mbit/s, the CBS, which is 100000 bytes, and the PIR, which is 15 Mbit/ s CIR of PE1, which is 15 Mbit/s; the CBS, which is 300000 bytes; the PIR, which is 20 Mbit/s; and the PBS, which is 500000 bytes. Traffic classifier name, traffic behavior name, traffic policy name, and the interface number where the traffic policy is applied

l l

Procedure
Step 1 Configure the IP addresses for the interfaces, routes, and basic MPLS functions (detail omitted here). Step 2 Configure complex traffic classification on CE1 to control the traffic that accesses CE1 from the three local networks. # Define ACL rules.
<CE1> system-view [~CE1] acl number 2001 [~CE1-acl-basic-2001] rule permit source 1.1.1.0 0.0.0.255 [~CE1-acl-basic-2001] commit [~CE1-acl-basic-2001] quit [~CE1] acl number 2002 [~CE1-acl-basic-2002] rule permit source 2.1.1.0 0.0.0.255 [~CE1-acl-basic-2002] commit [~CE1-acl-basic-2002] quit [~CE1] acl number 2003 [~CE1-acl-basic-2003] rule permit source 3.1.1.0 0.0.0.255 [~CE1-acl-basic-2003] commit [~CE1-acl-basic-2003] quit [~CE1] acl number 3001 [~CE1-acl-basic-3001] rule 0 permit udp destination-port eq [~CE1-acl-basic-3001] rule 1 permit udp destination-port eq [~CE1-acl-basic-3001] rule 2 permit udp destination-port eq [~CE1-acl-basic-3001] rule 3 permit udp destination-port eq [~CE1-acl-basic-3001] commit [~CE1-acl-basic-3001] quit [~CE1] acl number 3002 [~CE1-acl-basic-3002] rule 4 permit udp [~CE1-acl-basic-3002] commit [~CE1-acl-basic-3002] quit

dns snmp snmptrap syslog

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

77

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

# Configure traffic classifiers and define ACL-based matching rules.


[~CE1] traffic classifier a [~CE1-classifier-a] if-match acl 2001 [~CE1-classifier-a] commit [~CE1-classifier-a] quit [~CE1] traffic classifier b [~CE1-classifier-b] if-match acl 2002 [~CE1-classifier-b] commit [~CE1-classifier-b] quit [~CE1] traffic classifier c [~CE1-classifier-c] if-match acl 2003 [~CE1-classifier-c] commit [~CE1-classifier-c] quit [~CE1]traffic classifier udplimit [~CE1-classifier-udplimit] if-match acl 3001 [~CE1-classifier-udplimit] commit [~CE1-classifier-udplimit] quit [~CE1] traffic classifier udplimit1 [~CE1-classifier-udplimit1] if-match acl 3002 [~CE1-classifier-udplimit1] commit [~CE1-classifier-udplimit1] quit

After the configuration is complete, run the display traffic classifier command to view the configuration of the traffic classifiers.
[~CE1] display traffic classifier user-defined User Defined Classifier Information: Classifier: a Description: Operator: or Rule(s): if-match acl 2001 Classifier: b Description: Operator: or Rule(s): if-match acl 2002 Classifier: c Description: Operator: or Rule(s): if-match acl 2003 Classifier: udplimit Description: Operator: or Rule(s) : if-match acl 3001 Classifier: udplimit1 Description: Operator: or Rule(s) : if-match acl 3002

# Define traffic behaviors, and configure traffic policing and DSCP values to be re-marked.
[~CE1] traffic behavior e [~CE1-behavior-e] car cir 10000 cbs 150000 pbs 0 [~CE1-behavior-e] remark dscp 40 [~CE1-behavior-e] commit [~CE1-behavior-e] quit [~CE1] traffic behavior f [~CE1-behavior-f] car cir 5000 cbs 100000 pbs 0 [~CE1-behavior-f] remark dscp 26 [~CE1-behavior-f] commit [~CE1-behavior-f] quit [~CE1] traffic behavior g [~CE1-behavior-g] car cir 2000 cbs 100000 pbs 0 [~CE1-behavior-g] remark dscp 0 [~CE1-behavior-g] commit

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

78

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

[~CE1-behavior-g] quit [~CE1] traffic behavior udplimit [~CE1-behavior-udplimit] permit [~CE1-behavior-udplimit] commit [~CE1-behavior-udplimit] quit [~CE1] traffic behavior udplimit1 [~CE1-behavior-udplimit1] car cir 15000 pir 20000 cbs 300000 pbs 500000 green pass yellow pass red discard [~CE1-behavior-udplimit1] commit [~CE1-behavior-udplimit1] quit

# Define traffic policies and associate traffic classifiers and traffic behaviors.
[~CE1] traffic policy 1 [~CE1-trafficpolicy-1] classifier a behavior e [~CE1-trafficpolicy-1] commit [~CE1-trafficpolicy-1] quit [~CE1] traffic policy 2 [~CE1-trafficpolicy-2] classifier b behavior f [~CE1-trafficpolicy-2] commit [~CE1-trafficpolicy-2] quit [~CE1] traffic policy 3 [~CE1-trafficpolicy-3] classifier c behavior g [~CE1-trafficpolicy-3] commit [~CE1-trafficpolicy-3] quit [~CE1] traffic policy udplimit [~CE1-trafficpolicy-udplimit] classifier udplimit behavior udplimit [~CE1-trafficpolicy-udplimit] classifier udplimit1 behavior udplimit1 [~CE1-trafficpolicy-3] commit [~CE1-trafficpolicy-3] quit

After the preceding configuration, run the display traffic policy command to view the configuration of the traffic policies, traffic classifiers defined in the traffic policies, and the traffic behaviors associated with traffic classifiers.
[~CE1] display traffic policy user-defined User Defined Traffic Policy Information: Policy: 1 Description: Step: 5 Share-mode Classifier: a Precedence: 5 Behavior: e Committed Access Rate: CIR 10000 (Kbps), PIR 0 (Kbps), CBS 15000 (byte), PBS 0 (byte) Conform Action: pass Yellow Action: pass Exceed Action: discard Marking: Remark DSCP cs5 Classifier: default-class Precedence: 65535 Behavior: be -nonePolicy: 2 Description: Step: 5 Share-mode Classifier: b Precedence: 5 Behavior: f Committed Access Rate: CIR 5000 (Kbps), PIR 0 (Kbps), CBS 100000 (byte), PBS 0 (byte) Conform Action: pass Yellow Action: pass Exceed Action: discard Marking: Remark DSCP af31 Classifier: default-class Precedence: 65535 Behavior: be -nonePolicy: 3 Description:

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

79

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


Step: 5 Share-mode Classifier: c Precedence: 5 Behavior: g Committed Access Rate: CIR 2000 (Kbps), PIR 0 (Kbps), CBS Conform Action: pass Yellow Action: pass Exceed Action: discard Marking: Remark DSCP default Classifier: default-class Precedence: Behavior: be -nonePolicy: udplimit Description: Step: 5 Share-mode Classifier: udplimit Precedence: 5 Behavior: udplimit -noneClassifier: udplimit1 Precedence: 10 Behavior: udplimit1 Committed Access Rate: CIR 15000 (Kbps), PIR 20000 (Kbps), Conform Action: pass Yellow Action: pass Exceed Action: discard Classifier: default-class Precedence: Behavior: be -none-

4 Class-based QoS Configuration

100000 (byte), PBS 0 (byte)

65535

CBS 300000 (byte), PBS 500000 (byte)

65535

# Apply the traffic policies to the inbound interfaces.


[~CE1] interface gigabitethernet 1/0/0 [~CE1-GigabitEthernet1/0/0] undo shutdown [~CE1-GigabitEthernet1/0/0] traffic-policy [~CE1-GigabitEthernet1/0/0] commit [~CE1-GigabitEthernet1/0/0] quit [~CE1] interface gigabitethernet 3/0/0 [~CE1-GigabitEthernet3/0/0] undo shutdown [~CE1-GigabitEthernet3/0/0] traffic-policy [~CE1-GigabitEthernet3/0/0] commit [~CE1-GigabitEthernet3/0/0] quit [~CE1] interface gigabitethernet 4/0/0 [~CE1-GigabitEthernet4/0/0] undo shutdown [~CE1-GigabitEthernet4/0/0] traffic-policy [~CE1-GigabitEthernet4/0/0] commit [~CE1-GigabitEthernet4/0/0] quit [~CE1] interface gigabitethernet 2/0/0 [~CE1-GigabitEthernet2/0/0] undo shutdown [~CE1-GigabitEthernet2/0/0] traffic-policy [~CE1-GigabitEthernet2/0/0] commit [~CE1-GigabitEthernet2/0/0] quit

1 inbound

2 inbound

3 inbound

udplimit outbound

Step 3 Configure complex traffic classification on PE1 to control the traffic that goes to the MPLS backbone network. # Configure a traffic classifier and define the matching rule.
<PE1> system-view [~PE1] traffic classifier pe [~PE1-classifier-pe] if-match any [~PE1-classifier-pe] commit [~PE1-classifier-pe] quit

After the preceding configuration, you can run the display traffic classifier command to view the configuration of the traffic classifier.
[~PE1] display traffic classifier user-defined User Defined Classifier Information:

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

80

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


Classifier: pe Description: Operator: OR Rule(s): if-match any

4 Class-based QoS Configuration

# Define a traffic behavior and configure traffic policing.


[~PE1] traffic behavior pe [~PE1-behavior-pe] car cir 15000 pir 20000 cbs 300000 pbs 500000 [~PE1-behavior-pe] commit [~PE1-behavior-pe] quit

# Define a traffic policy to associate the traffic classifier with the traffic behavior.
[~PE1] traffic policy pe [~PE1-trafficpolicy-pe] classifier pe behavior pe [~PE1-trafficpolicy-pe] commit [~PE1-trafficpolicy-pe] quit

After the preceding configuration, run the display traffic policy command to view the configuration of the traffic policies, traffic classifiers defined in the traffic policies, and the traffic behaviors associated with traffic classifiers.
[~PE1] display traffic policy user-defined User Defined Traffic Policy Information: Policy: pe Description: Step: 5 Share-mode Classifier: pe Precedence: 5 Behavior: pe Committed Access Rate: CIR 15000 (Kbps), PIR 20000 (Kbps), CBS 300000 (byte), PBS 500000 (byte) Conform Action: pass Yellow Action: pass Exceed Action: discard Classifier: default-class Precedence: 65535 Behavior: be -none-

# Apply the traffic policies to the incoming traffic.


[~PE1] interface gigabitethernet 1/0/0 [~PE1-GigabitEthernet1/0/0] undo shutdown [~PE1-GigabitEthernet1/0/0] traffic-policy pe inbound [~PE1-GigabitEthernet1/0/0] commit [~PE1-GigabitEthernet1/0/0] quit

Step 4 Verify the configuration. Run the display interface command on CE1 and PE1. You can view that the traffic on the interfaces are regulated according to the configured traffic policies. ----End

Configuration Files
l Configuration file of CE1
# sysname CE1 # acl number 2001 rule 5 permit source 1.1.1.0 0.0.0.255 acl number 2002 rule 5 permit source 2.1.1.0 0.0.0.255 acl number 2003 rule 5 permit source 3.1.1.0 0.0.0.255

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

81

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

acl number 3001 rule 0 permit udp destination-port eq dns rule 1 permit udp destination-port eq snmp rule 2 dpermit udp destination-port eq snmptrap rule 3 permit udp destination-port eq syslog acl number 3302 rule 4 permit udp # traffic classifier a operator or if-match acl 2001 traffic classifier c operator or if-match acl 2003 traffic classifier b operator or if-match acl 2002 traffic classifier udp-limit operator or if-match acl 3001 traffic classifier udp-limit1 operator or if-match acl 3002 # traffic behavior e car cir 10000 cbs 150000 pbs 0 green pass red discard remark dscp cs5 traffic behavior g car cir 2000 cbs 100000 pbs 0 green pass red discard remark dscp default traffic behavior f car cir 5000 cbs 100000 pbs 0 green pass red discard remark dscp af31 traffic behavior udp-limit traffic behavior udp-limit1 car cir 5000 cbs 100000 pbs 150000 green pass yellow discard red discard # traffic policy 3 classifier c behavior g precedence 5 traffic policy 2 classifier b behavior f precedence 5 traffic policy 1 classifier a behavior e precedence 5 traffic policy udp-limit classifier udp-limit behavior udp-limit precedence 5 classifier udp-limit1 behavior udp-limit1 precedence 10 # interface GigabitEthernet1/0/0 undo shutdown ip address 1.1.1.1 255.255.255.0 traffic-policy 1 inbound # interface GigabitEthernet2/0/0 undo shutdown ip address 10.1.1.1 255.255.255.0 traffic-policy udplimit outbound # interface GigabitEthernet3/0/0 undo shutdown ip address 2.1.1.1 255.255.255.0 traffic-policy 2 inbound # interface GigabitEthernet4/0/0 undo shutdown ip address 3.1.1.1 255.255.255.0 traffic-policy 3 inbound # ospf 1 area 0.0.0.0 network 1.1.1.0 0.0.0.255 network 2.1.1.0 0.0.0.255 network 3.1.1.0 0.0.0.255 network 10.1.1.0 0.0.0.255 #

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

82

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


return

4 Class-based QoS Configuration

Configuration file of PE1


# sysname PE1 # mpls lsr-id 11.11.11.11 mpls # mpls ldp # traffic classifier pe operator or if-match any # traffic behavior pe car cir 15000 pir 20000 cbs 300000 pbs 500000 green pass yellow pass red discard # traffic policy pe classifier pe behavior pe # interface GigabitEthernet1/0/0 undo shutdown ip address 10.1.1.2 255.255.255.0 traffic-policy pe inbound # interface Pos2/0/0 undo shutdown ip address 100.1.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack0 ip address 11.11.11.11 255.255.255.255 # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 100.1.1.0 0.0.0.255 network 11.11.11.11 0.0.0.0 # return

Configuration file of P
# sysname P # mpls lsr-id 33.33.33.33 mpls # mpls ldp # interface Pos1/0/0 link-protocol ppp ip address 100.1.1.2 255.255.255.0 mpls mpls ldp # interface Pos2/0/0 link-protocol ppp ip address 110.1.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack0 ip address 33.33.33.33 255.255.255.255 # ospf 1 area 0.0.0.0 network 100.1.1.0 0.0.0.255

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

83

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


network 110.1.1.0 0.0.0.255 network 33.33.33.33 0.0.0.0 # return

4 Class-based QoS Configuration

Configuration file of PE2


# sysname PE2 # mpls lsr-id 22.22.22.22 mpls # mpls ldp # interface GigabitEthernet1/0/0 undo shutdown ip address 20.1.1.2 255.255.255.0 # interface Pos2/0/0 undo shutdown ip address 110.1.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack0 ip address 22.22.22.22 255.255.255.255 # ospf 10 area 0.0.0.0 network 110.1.1.0 0.0.0.255 network 20.1.1.0 0.0.0.255 network 22.22.22.22 0.0.0.0 # return

Configuration file of CE2


# sysname CE2 # interface GigabitEthernet2/0/0 undo shutdown ip address 20.1.1.1 255.255.255.0 # ospf 1 area 0.0.0.0 network 20.1.1.0 0.0.0.255 # return

4.9.2 Example for Configuring CTC-based Traffic Policies for VLAN Packets
This part is an example for configuring and applying priority mapping rules.

Networking Requirements

CAUTION
On a single NE5000E, an interface is numbered in the format of slot number/card number/ interface number. In the multi-chassis scenario, an interface is numbered in the format of chassis ID/slot number/card number/interface number. This requires the chassis ID to be specified along with the slot number.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 84

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

As shown in Figure 4-4, Router A and Router B connect to each other through a VLAN. When IP packets sent by Router A enter the VLAN, by default, the precedence of these IP packets is mapped to the 802.1p value. When these IP packets (carrying VLAN frame priority) leave the VLAN and arrive at Router B, the VLAN frame priority is mapped to the IP precedence according to the configuration on Router B. Then, these packets are forwarded according to their IP preference. Figure 4-4 Networking diagram for configuring VLAN QoS

GE 4/0/0.1 10.1.1.1/24 VLAN 10 VLAN Network RouterA

GE 2/0/0.1 10.1.1.2/24 VLAN 10

GE 3/0/0 11.1.1.1.24 11.1.1.0/24

RouterB

Configuration Notes
When configuring VLAN QoS, pay attention to the following: l The statistical function of traffic policies is disabled by default. To display the statistics about a traffic policy, you can enable statistics for the traffic policy by running the statistics enable command.

Configuration Roadmap
The configuration roadmap is as follows: 1. 2. Configure the VLAN and routes on Router A and Router B. Configure QoS policies on Router B.

Data Preparation
To complete the configuration, you need the following data: l l Names of traffic classification, traffic behaviors, and traffic policies Preferences for re-marking

Procedure
Step 1 Define a classifier to match packets whose 802.1p value is 2.
<HUAWEI> system-view [~HUAWEI] sysname routerB [~routerB] traffic classifier test [~routerB-classifier-test] if-match 8021p 2 [~routerB-classifier-test] commit [~routerB-classifier-test] quit

Step 2 Define a traffic behavior to re-mark the IP preference of packets as 4.


[~routerB] traffic behavior test [~routerB-behavior-test] remark ip-precedence 4 [~routerB-behavior-test] commit

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

85

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


[~routerB-behavior-test] quit

4 Class-based QoS Configuration

Step 3 Define a QoS policy to associate a configured traffic behavior with a specified traffic classifier.
[~routerB] traffic policy test [~routerB-trafficpolicy-test] classifier test behavior test [~routerB-trafficpolicy-test] commit [~routerB-trafficpolicy-test] quit

Step 4 Apply the QoS policy to the incoming traffic of GE 2/0/0.1 on Router B.
[~routerB] interface Gigabitethernet 2/0/0.1 [~routerB-Gigabitethernet2/0/0.1] traffic-policy test inbound link-layer [~routerB-Gigabitethernet2/0/0.1] commit [~routerB-Gigabitethernet2/0/0.1] quit

Step 5 Verify the configuration. After the preceding configurations, when packets whose IP preference is 2 are forwarded by GE 4/0/0.1 on Router A reach the VLAN, the IP preference 2 is mapped to the VLAN priority 2. After these VLAN frames reach Router B, Router B forwards these VLAN frames as IP packets with the IP preference of 4 to the network segment 11.1.1.0/24. ----End

Configuration File
Configuration file of Router B
# sysname routerB # traffic classifier test operator or if-match 8021p 2 # traffic behavior test remark ip-precedence 4 # traffic policy test classifier test behavior test precedence 5 # interface GigabitEthernet2/0/0.1 undo shutdown vlan-type dot1q 10 traffic-policy test inbound link-layer

4.9.3 Example for Configuring Priority Mappings for VLAN Packets Traffic Based on Simple Traffic Classification
This part describes how to configure simple traffic classification in the context of priority mappings for VLAN packets.

Networking Requirements

CAUTION
On a single NE5000E, an interface is numbered in the format of slot number/card number/ interface number. In the multi-chassis scenario, an interface is numbered in the format of chassis ID/slot number/card number/interface number. This requires the chassis ID to be specified along with the slot number.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 86

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

As shown in Figure 4-5, Router A and Router B connect to each other through a VLAN. When IP packets from Router A enter the VLAN, the priorities of the IP packets are mapped to the priorities of VLAN frames according to the default mappings in the DS domain. When packets from the VLAN enter Router B, the priorities of the VLAN packets are mapped according to the priority mappings in the DS domain set on Router B. Figure 4-5 Networking diagram for configuring VLAN QoS

POS1/0/0

POS2/0/0 POS1/0/0

POS2/0/0

POS2/0/0

RouterA

POS1/0/0 RouterB RouterC

Configuration Notes
During the configuration, pay attention to the following: l The trust 8021p command can be configured only on Ethernet sub-interfaces, including Eth-Trunk sub-interfaces. Before configuring the trust 8021p command on an interface, run the trust upstream command to bind a DS domain to the interface. Otherwise, the trust 8021p command does not take effect.

Configuration Roadmap
The configuration roadmap is as follows: 1. 2. 3. Configure the VLAN and routes on Router A andRouter B. Configure the inbound interface of Router A to trust the priorities of packets from an upstream device. Configure priority mappings based on simple traffic classification on the inbound interface of Router B.

Data Preparation
To complete the configuration, you need the following data: l l VLAN ID 802.1p priorities, the internal service classes and colors of the packets on the router, and the DSCP values of IP packets to be mapped

Procedure
Step 1 Configure IP addresses for interfaces (detail omitted here). Step 2 Configure the VLAN on Router A and Router B. # Configure a sub-interface GE 4/0/0.1 for VLAN communication.
[~routerA] interface gigabitethernet 4/0/0.1 [~routerA-GigabitEthernet4/0/0.1] vlan-type dot1q 10 [~routerA-GigabitEthernet4/0/0.1] commit [~routerA-GigabitEthernet4/0/0.1] return

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

87

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

# Configure a sub-interface GE 2/0/0.1 for VLAN communication.


<routerB> system-view [~routerB] interface gigabitethernet 2/0/0.1 [~routerB-GigabitEthernet2/0/0.1] vlan-type dot1q 10 [~routerB-GigabitEthernet2/0/0.1] commit [~routerB-GigabitEthernet2/0/0.1] return

Step 3 Configure a dynamic routing protocol on Router A and Router B. Take Open Shortest Path First (OSPF) as an example. # Configure Router A.
<routerA> system-view [~routerA] ospf 1 [~routerA-ospf-1] area 0.0.0.0 [~routerA-ospf-1-area-0.0.0.0] [~routerA-ospf-1-area-0.0.0.0] [~routerA-ospf-1-area-0.0.0.0] [~routerA-ospf-1-area-0.0.0.0]

network 20.1.1.0 0.0.0.255 network 10.1.1.0 0.0.0.255 commit return

# Configure Router B.
<routerB> system-view [~routerB] ospf 1 [~routerB-ospf-1] area 0.0.0.0 [~routerB-ospf-1-area-0.0.0.0] [~routerB-ospf-1-area-0.0.0.0] [~routerB-ospf-1-area-0.0.0.0] [~routerB-ospf-1-area-0.0.0.0]

network 10.1.1.0 0.0.0.255 network 11.1.1.0 0.0.0.255 commit return

Step 4 Enable simple traffic classification on the inbound interface GE 1/0/0 of Router A to map the priorities of IP packets to the priorities of VLAN frames according to the default mappings.
<routerA> system-view [~routerA] interface gigabitethernet 1/0/0 [~routerA-GigabitEthernet1/0/0] undo shutdown [~routerA-GigabitEthernet1/0/0] trust upstream default [~routerA-GigabitEthernet1/0/0] commit [~routerA-GigabitEthernet1/0/0] quit [~routerA] interface gigabitethernet 4/0/0.1 [~routerA-GigabitEthernet4/0/0.1] trust upstream default [~routerA-GigabitEthernet4/0/0.1] trust 8021p [~routerA-GigabitEthernet4/0/0.1] commit [~routerA-GigabitEthernet4/0/0.1] return

After the configuration is complete, the DSCP values of the IP packets that are sent from an upstream device are mapped on Router A to the 802.1p priorities of VLAN frames according to the default mappings. Step 5 On GE 2/0/0.1 of routerB, configure the mapping from the 802.1p priority to IP DSCP field.
<routerB> system-view [~routerB] diffserv domain default [~routerB-dsdomain-default] 8021p-inbound 2 phb ef green [~routerB-dsdomain-default] ip-dscp-outbound ef green map 34 [~routerB-dsdomain-default] commit [~routerB-dsdomain-default] quit [~routerB] interface gigabitethernet 2/0/0.1 [~routerB-GigabitEthernet2/0/0.1] trust upstream default [~routerB-GigabitEthernet2/0/0.1] trust 8021p [~routerB-GigabitEthernet2/0/0.1] commit [~routerB-GigabitEthernet2/0/0.1] return

After the configuration is complete, the VLAN frames with the 802.1p priority being 2 from an upstream device are converted on Router B to IP packets with the DSCP value being 34, the service classes being AF4, and the packet colors being green. On Router B, the other 802.1p
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 88

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

priorities of VLAN frames are mapped to the corresponding DSCP values of IP packets according to the default mappings. Step 6 Verify the configuration. Run the display qos queue interface gigabitethernet 3/0/0 command on Router B. The statistics about AF2 packets are not displayed because the mapping from the 802.1p priority of 2 to the IP service priority of EF is configured on the inbound interface.
<routerB> display qos queue interface gigabitethernet 3/0/0 The interface :GigabitEthernet3/0/0 [be] Pass: 18,466,135 packets, 1,735,817,160 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 33,599 pps, 3,158,306 bps Last 30 seconds discard rate: 0 pps, 0 bps [af1] Pass: 670,712 packets, 63,046,928 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 33,600 pps, 3,158,400 bps Last 30 seconds discard rate: 0 pps, 0 bps [af2] Pass: 58 packets, 5,684 bytes Discard: 24,478,662 packets, 1,860,378,312 bytes Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps [af3] Pass: 58 packets, 684 bytes Discard: 478,662 packets, 186,037,312 bytes Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps [af4] Pass: 670,709 packets, 63,046,646 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 33,598 pps, 3,158,212 bps Last 30 seconds discard rate: 0 pps, 0 bps [ef] Pass: 670,712 packets, 63,046,928 bytes Discard: 353,802 packets, 406,888,952 bytes Last 30 seconds pass rate: 33,600 pps, 3,158,400 bps Last 30 seconds discard rate: 0 pps, 0 bps [cs6] Pass: 147 packets, 12,667 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 33,599 pps, 3,258,306 bps Last 30 seconds discard rate: 0 pps, 0 bps [cs7] Pass: 670,708 packets, 63,046,458 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 33,599 pps, 3,258,306 bps Last 30 seconds discard rate: 0 pps, 0 bps

----End
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 89

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

Configuration Files
l Configuration file of Router A
# sysname routerA # interface GigabitEthernet 1/0/0 undo shutdown ip address 20.1.1.1 255.255.255.0 trust upstream default # interface GigabitEthernet4/0/0.1 vlan-type dot1q 10 ip address 10.1.1.1 255.255.255.0 trust upstream default trust 8021p # ospf 1 area 0.0.0.0 network 20.1.1.0 0.0.0.255 network 10.1.1.0 0.0.0.255 # return

Configuration file of Router B


# sysname routerB # diffserv domain default 8021p-inbound 2 phb ef green ip-dscp-outbound ef green map 34 # interface GigabitEthernet2/0/0.1 vlan-type dot1q 10 ip address 10.1.1.2 255.255.255.0 trust upstream default trust 8021p # interface GigabitEthernet 3/0/0 undo shutdown ip address 11.1.1.1 255.255.255.0 trust upstream default # ospf 1 area 0.0.0.0 network 11.1.1.0 0.0.0.255 network 10.1.1.0 0.0.0.255 # return

4.9.4 Example for Configuring Priority Mappings Based on Simple Traffic Classification (MPLS)
This part describes how to configure simple traffic classification in the context of priority mappings for MPLS packets.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

90

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

Networking Requirements

CAUTION
On a single NE5000E, an interface is numbered in the format of slot number/card number/ interface number. In the multi-chassis scenario, an interface is numbered in the format of chassis ID/slot number/card number/interface number. This requires the chassis ID to be specified along with the slot number. MPLS neighbor relationships are established between Router A, Router B, and Router C. When IP packets reach Router A, Router A adds MPLS header to these IP packets before transmitting them to Router C. When these MPLS packets reach Router C, Router C removes their MPLS headers and forwards them as IP packets. In this manner, the DSCP value of the IP traffic can be changed to the EXP value of MPLS traffic on Router A, and the EXP value of MPLS traffic can be changed to the DSCP value of the IP traffic on Router C. Figure 4-6 Networking diagram

GE 1/0/0 20.1.1.1/24

GE 4/0/0.1 10.1.1.1/24 VLAN 10

VLAN network

GE 2/0/0.1 10.1.1.2/24 VLAN 10

GE 3/0/0 11.1.1.1/24

RouterA

RouterB

11.1.1.0/24

NOTE

l In this configuration example, it is assumed that the three routers have been configured so that Router A forwards IP traffic as MPLS traffic to Router C, and Router forwards MPLS traffic as IP traffic. l This example lists only the commands related to QoS.

Configuration Notes
During the configuration, pay attention to the following: None

Configuration Roadmap
The configuration roadmap is as follows: 1. 2. On the inbound interface POS 1/0/0 of Router A, configure the mapping from the IP DSCP field to the MPLS EXP field and enable simple traffic classification. On the inbound interface POS 1/0/0 of Router C, configure the mapping from the MPLS EXP field to the IP DSCP field and enable simple traffic classification.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 91

Issue 01 (2012-06-30)

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

Data Preparation
To complete the configuration, you need the following data: MPLS EXP values, the internal service classes and colors of the packets on the router, and the DSCP values of IP packets to be mapped

Procedure
Step 1 Configure basic MPLS functions and routes (detail omitted here). For detailed configuration, refer to the Chapter "Basic MPLS Configuration" in the HUAWEI NetEngine5000E Core Router Configuration Guide - MPLS. Step 2 Configure the mapping between DSCP field and EXP field at POS1/0/0 on Router A.
<routerA> system-view [~routerA] diffserv domain default [~routerA-dsdomain-default] ip-dscp-inbound 18 phb af4 green [~routerA-dsdomain-default] mpls-exp-outbound af4 green map 5 [~routerA-dsdomain-default] commit [~routerA-dsdomain-default] quit [~routerA] interface pos 1/0/0 [~routerA-Pos1/0/0] undo shutdown [~routerA-Pos1/0/0] trust upstream default [~routerA-Pos1/0/0] commit [~routerA-Pos1/0/0] quit [~routerA] interface pos 2/0/0 [~routerA-Pos2/0/0] undo shutdown [~routerA-Pos2/0/0] trust upstream default [~routerA-Pos2/0/0] commit [~routerA-Pos2/0/0] quit

In the preceding configuration, AF2 green packets (DSCP value being 18) are mapped to the internal service level of AF4 of the router on the inbound interface of Router A. On the outbound interface, the internal service level of AF4 of the router is mapped to the EF service level (MPLS priority 5) of the MPLS service. In this manner, the traffic that enters Router A leaves as EF traffic. Step 3 Configure the mapping from the MPLS EXP field to the IP DSCP field on POS 1/0/0 of Router C.
<routerC> system-view [~routerC] diffserv domain default [~routerC-dsdomain-default] mpls-exp-inbound 5 phb af3 green [~routerC-dsdomain-default] ip-dscp-outbound af3 green map 32 [~routerC-dsdomain-default] commit [~routerC-dsdomain-default] quit [~routerC] interface pos 1/0/0 [~routerC-Pos1/0/0] undo shutdown [~routerC-Pos1/0/0] trust upstream default [~routerC-Pos1/0/0] commit [~routerC-Pos1/0/0] quit [~routerC] interface pos 2/0/0 [~routerC-Pos2/0/0] undo shutdown [~routerC-Pos2/0/0] trust upstream default [~routerC-Pos2/0/0] commit [~routerC-Pos2/0/0] quit

In the preceding configuration, the MPLS priority 5 is mapped to the internal service level of AF3 (green packets) of the router on the inbound interface of Router C. On the outbound interface, the internal service level of AF3 (green packets) of the router is mapped to the DSCP value of 32. In this manner, the traffic that enters Router C leaves as AF4 traffic. Step 4 Verify the configuration.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 92

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

4 Class-based QoS Configuration

After the preceding configurations, if traffic is sent from POS 1/0/0 on Router A at 100 Mbit/s with the DSCP value being 18, Router C forwards the traffic at 100 Mbit/s with the DSCP value being 32. ----End

Configuration Files
l Configuration file of Router A
# sysname routerA # diffserv domain default ip-dscp-inbound 18 phb af4 green mpls-exp-outbound af4 green map 5 # interface Pos1/0/0 undo shutdown ip address 2.2.2.1 255.255.255.0 trust upstream default # interface Pos2/0/0 undo shutdown ip address 3.3.3.1 255.255.255.0 trust upstream default # return

Configuration file of Router C


# sysname routerC # diffserv domain default ip-dscp-outbound af3 green map 32 mpls-exp-inbound 5 phb af3 green # interface Pos1/0/0 undo shutdown ip address 4.4.4.1 255.255.255.0 trust upstream default # interface Pos2/0/0 undo shutdown ip address 5.5.5.1 255.255.255.0 trust upstream default # return

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

93

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

5
About This Chapter

QPPB Configuration

This chapter describes the basic principle and configuration procedures of QPPB, and provides configuration examples for QPPB. 5.1 QPPB Overview QPPB enables a BGP route sender to classify routes by setting BGP attributes. 5.2 QPPB Supported by the NE5000E QPPB configuration on the NE5000E involves destination-based QPPB and source-based QPPB. 5.3 Configuring Source-Based QPPB Source-based QPPB differentiates routes from different sources and associates differentiated QoS policies with them. 5.4 Configuring Destination-Based QPPB Destination-based QPPB differentiates routes to different destinations and associates differentiated QoS policies with them. 5.5 Maintaining QPPB This section describes how to clear statistics about a QPPB local policy. 5.6 Configuration Examples This section provides examples for configuring QPPB, including the application scenario and configuration commands.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

94

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

5.1 QPPB Overview


QPPB enables a BGP route sender to classify routes by setting BGP attributes. On a large and complex network, a large number of complex traffic classification operations are required, and routes cannot be classified based on the community attribute, ACL, IP prefix, or AS_Path. When a network topology keeps changing, configuring or changing routing policies is difficult or even impossible to implement. Therefore, the QoS Policy Propagation Through the Border Gateway Protocol (QPPB) is introduced to reduce configuration workload by configuring or changing routing policies only on a BGP route sender. After QPPB is deployed, a BGP route sender can classify routes and set attributes for BGP routes; a BGP route receiver accordingly applies different QoS policies to different types of BGP routes based on the set attributes. QPPB is implemented as follows: l Before sending BGP routes, a route sender sets a specific attribute, such as the AS_Path, community attribute, or extended community attribute, for BGP routes. These attributes are used to identify BGP routes. After receiving the BGP routes, a route receiver performs the following operations: 1. 2. Maps each received BGP route to a QoS local ID or an IP preference based on the AS_Path, community attribute, or extended community attribute. Performs different traffic behaviors for packets transmitted along the routes according to their mapped QoS local IDs. A route receiver can define traffic behaviors for the packets transmitted along the routes based on the following attributes: ACL AS-Path list Community attribute list Route cost IP prefix list 3. 4. Creates a QPPB local policy and define the mappings between BGP routes and QoS policies in it. Applies the QPPB local policy to an interface.

5.2 QPPB Supported by the NE5000E


QPPB configuration on the NE5000E involves destination-based QPPB and source-based QPPB. QPPB allows you to classify routes and set attributes for the classified routes on a route sender and configure QoS policies based on the route attributes on a route receiver. You can flexibly deploy destination-based or source-based QPPB.

Source-Based QPPB Local Policies


Traffic behaviors defined in a source-based QPPB local policy are applied to traffic transmitted along the route whose source address meets the matching rule. A source-based QPPB local policy
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 95

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

is applicable to the scenario where different traffic policies are required for traffic sent from different provider networks. You can view the statistics about the traffic that meets the matching rule. The keyword source indicates that traffic policies are applied to traffic along the route whose source address meets the matching rule; the keyword destination indicates that traffic policies are applied to traffic along the route whose destination address meets the matching rule.

Destination-Based QPPB Local Policies


Traffic behaviors defined in a destination-based QPPB local policy are applied to traffic transmitted along the route whose destination address meets the matching rule. A destinationbased QPPB local policy is applicable to the scenario where different traffic policies are required for traffic sent to different providers. You can view the statistics about the traffic that meets the matching rule.

QPPB Applications
l QPPB application on an IPv4 network

Figure 5-1 QPPB application on an IPv4 network

ISP1 RouterA RouterB

ISP2

As shown in Figure 5-1, Router B advertises a BGP route with community attribute 100:1 to Router A. After receiving this route, Router A performs the following operations: 1. 2. 3. 4. Matches routes with community attribute 100:1 defined in the routing policy, sets QoS local ID 1 for the matched BGP route, and delivers QoS local ID 1 to the FIB table. Configures a QoS policy and applies QoS behaviors to the traffic along the route that matches QoS local ID 1. Creates a QPPB local policy and defines the mappings between BGP routes and QoS policies in it. Applies the QPPB local policy to the inbound interface.

Router A checks the destination IP address of the packet destined for Router B and obtains mapped QoS local ID 1 from the FIB table. Then, Router A applies the QoS policy to the packet on the inbound interface and processes the packet by using relevant QoS behaviors. l QPPB application on an L3VPN

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

96

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

Figure 5-2 QPPB application on an L3VPN

VPN1 Site1 ISP Network P CE Site1 PE1 P PE2

VPN1 Site2

CE Site2

CE VPN2

P
VPN1 remote connection VPN2 remote connection

CE VPN2

Figure 5-2 shows the QPPB application on an L3VPN. PE1 connects to multiple VPNs. PE1 can set route attributes, such as community attribute, for a specified VPN instance or all VPN instances on itself before advertising any route. After receiving routes, PE2 defines the mappings between routes and QoS parameters in the FIB table so that corresponding QoS policies can be applied to the traffic from CEs. In this manner, different VPNs are guaranteed with different qualities of services. 1. 2. When advertising routes to PE2, PE1 sets community attribute 100:1 for the routes of VPN1. After receiving the advertised routes, PE2 matches the routes with community attribute 100:1 defined in the routing policy, sets QoS local ID 1 for the matched BGP routes, and delivers QoS local ID 1 to the FIB table. QoS policies are configured on the PE2 interfaces directly connected to CEs to perform the CAR action on the traffic when QoS local ID 1 is matched. A QPPB local policy is created on PE2 and the mappings between BGP routes and QoS policies are defined in it. QPPB is enabled on the PE2 interfaces connected to CEs.

3. 4. 5.

When receiving a packet from CE directly connected to PE2, PE2 checks the destination IP address of the packet and obtains mapped QoS local ID 1 from the FIB table. Then, PE2 applies the QoS policy to the packet on the inbound interface and processes the packet by using relevant QoS behaviors.

5.3 Configuring Source-Based QPPB


Source-based QPPB differentiates routes from different sources and associates differentiated QoS policies with them.

Applicable Environment
QPPB is applicable to both IBGP and EBGP and can be configured for one or more ASs.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 97

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

As shown in Figure 5-3, traffic is transmitted from provider B (AS 200) and provider C (AS 300) to provider D (AS 400) through provider A (AS 100). providers B and C function as BGP route senders and provider A functions as a BGP route receiver. Based on the traffic control policies signed between providers A, B, and C, provider A needs to implement the CAR action on the traffic sent from providers B and C. providers B and C advertise BGP routes carrying the community attribute to provider A. After receiving the BGP routes, provider A matches the routes with the community list, ACL list, or AS_Path list, and configures QoS policy IDs and QoS behaviors for the routes. Source-based QPPB is enabled on the provider A interface that allows traffic to pass through. Therefore, QPPB local policies are applied to all traffic that passes through provider A. Source-based QPPB is applicable to both incoming and outgoing traffic on a device. Figure 5-3 Networking diagram for source-based QPPB configuration

AS200

RouterB RouterA AS400 AS100 RouterD

AS300 RouterC

Pre-configuration Tasks
Before configuring source-based QPPB, complete the following tasks: l l l Configuring basic BGP functions Configuring local network routes advertised by BGP Configuring interfaces for setting up a BGP connection

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

98

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

Configuration Procedures
Figure 5-4 Flowchart for QPPB configuration
Configuring Routing Policies on a BGP Route Sender Configuring Routing Policies on a BGP Route Receiver Configuring Traffic Behaviors on a Route Receiver Configuring QPPB Local Policies Applying a QPPB Local Policy to an Interface Mandatory procedure Optional procedure

5.3.1 Configuring Routing Policies on a BGP Route Sender


This section describes how to configure routing policies on a BGP route sender.

Context
Do as follows on a BGP route sender:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


route-policy route-policy-name { permit |deny } node node-number

The node of a routing policy is created, and the view of the routing policy is displayed. Step 3 Run one of the following commands as required to configure a matching rule for the routing policy. l To match an ACL, run the if-match acl { acl-number | name acl-name } command.
NOTE

Only rules of ACLs 2000 to 2999 can be configured as matching rules in the routing policy.

l To match an AS_Path list, run the if-match as-path-filter as-path-filter &<1-16> command. l To match the community attribute list, run the if-match community-filter { basic-commfilter-num [ whole-match ] | adv-comm-filter-num }* &<1-16> or if-match communityfilter comm-filter-name [ whole-match ] command.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 99

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

l To match a route cost, run the if-match cost cost command. l To match an IP prefix list, run the if-match ip-prefix ip-prefix command. Step 4 Run one of the following commands as required to set route attributes. l To set an AS_Path attribute, run the apply as-path as-number &<1-10> [ additive ] command. l To set a community attribute, run the apply community { [ community-number | aa:nn ] &<1-32> | internet | no-advertise | no-export | no-export-subconfed } * [ additive ] command. l To set a route cost, run the apply cost { [ apply-type ] cost | inherit } command. You can set one BGP attribute, such as the AS_Path, community attribute, or extended community attribute, for the matched BGP routes as required. Step 5 Run:
quit

The system view is displayed. Step 6 Run:


bgp as-number

The BGP view is displayed. Step 7 Run:


peer { ip-address | group-name } route-policy route-policy-name export

The routing policy is applied to the routes that are to be advertised to the peer.
NOTE

Ensure that BGP peer relationships have been set up before the routing policy is applied.

Step 8 Run:
peer ip-address advertise-community

The community attribute is advertised to the peer. By default, the community attribute is not advertised to any peer. To allow the peer to configure QoS policies for the routes with the community attribute, advertise the community attribute to the peer. Step 9 Run:
commit

The configuration is committed. ----End

5.3.2 Configuring Routing Policies on a BGP Route Receiver


This section describes how to configure routing policies on a BGP route receiver.

Context
Do as follows on a BGP route receiver:
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 100

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


route-policy route-policy-name { permit | deny } node node-number

The node of a routing policy is created, and the view of the routing policy is displayed. Step 3 Run one of the following commands as needed to configure a filtering rule for the routing policy on the BGP route receiver. l To match an AS_Path list, run the if-match as-path-filter as-path-acl-number &<1-16> command. l To match a community attribute list, run the if-match community-filter { basic-comm-filternum [ whole-match ] | ext-comm-filter-num } &<1-16> command. l To match a route cost, run the if-match cost value command.
NOTE

The route attribute configured for a BGP route must be the same as that of the route advertised by a BGP route sender.

Step 4 Perform the following steps as required: When an LPUF-100 or LPUI-100 is used: l Run the apply qos-local-id qos-local-id command to apply a QoS policy to the route that meets the matching rule in the routing policy.
NOTE

When the QoS policy ID, configured by apply qos-local-id qos-local-id, is applied to QPPB, the ID value can be configured within the range of the QoS policy ID value using qos-local-id qos-local-id behavior behavior-name.

l Run the apply ip-precedence ip-precedence command to apply IP preference to the route that meets the matching rule in the routing policy. A routing policy consists of multiple nodes. Each node comprises multiple if-match and apply clauses. The if-match clauses define matching rules of a node. The apply clauses define QoS behaviors to be performed on the routes that match the matching rule. You can configure multiple if-match clauses for a node. The relationship between these rules is "AND". This means that a route passes the filtering only when it meets all the matching rules. The relationship between routing policy nodes is "OR". That is, if a route matches a node of a routing policy, it matches the routing policy. If none of the routing policy nodes is matched, the route does not match the routing policy. Step 5 Run:
quit

Return to the system view. Step 6 Run:


bgp as-number

BGP is enabled and the BGP view is displayed.


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 101

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

Step 7 Run:
peer ip-address route-policy route-policy-name import

The routing policy is applied to the routes sent from the peer (route sender).
NOTE

Ensure that BGP peer relationships have been set up before the routing policy is applied.

Step 8 Run:
commit

The configuration is committed. ----End

5.3.3 Configuring Traffic Behaviors on a Route Receiver


You can configure different traffic behaviors for different traffic classifiers on a BGP receiver to implement differentiated services.

Context
Do as follows on the BGP route receiver:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


traffic behavior behavior-name

A traffic behavior is configured and the traffic behavior view is displayed. Step 3 Run one of the following commands as needed: l To configure CAR actions, run the car { cir cir-value [ pir pir-value] } [ cbs cbs-value pbs pbs-value ] [ green { discard | pass [ service-class class color color ] } | yellow { discard | pass [ service-class class color color ] } | red { discard | pass [ service-class class color color ] } ]* command. l To re-mark the DSCP value of an IP packet, run the remark dscp dscp-value command. l To re-configure the precedence of IP packets, run the remark ip-precedence ipprecedence. l To allow all the packets that meet the matching rule to pass, run the permit command. l To prevent all the packets that meet the matching rule from passing, run the deny command. l To color packets with a certain CoS, run the service-class command.
NOTE

The device supports only five QPPB traffic behaviors: car, permit, deny, remark dscp, and serviceclass.

----End
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 102

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

5.3.4 Configuring QPPB Local Policies on a BGP Route Receiver


QPPB allows QoS policies to be configured for routes that match the BGP community list, ACL, or BGP AS_Path list. After the QPPB local policy is applied to the inbound and outbound interfaces of traffic, relevant QoS policies are performed on the traffic.

Context
Do as follows on a BGP route receiver:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


qppb local-policy policy-name

A QPPB local policy is created and the QPPB local policy view is displayed. Step 3 Run:
(Optional)statistics enable

Enable QPPB statistics. Step 4 Run:


qos-local-id qos-local-id behavior behavior-name

A QoS local policy ID is bound to a traffic behavior. This step is needed only when an LPUF-100 or LPUI-100 is used.
NOTE

The device supports a maximum of 30 QPPB local policies.

----End

5.3.5 Applying a QPPB Local Policy to an Interface


After a QPPB local policy is applied to an interface, the associated traffic behavior is performed for the packets that meet the matching rule.

Context
You can apply a QPPB local policy to the incoming or outgoing traffic. BGP routes in QPPB refer to only BGP routes on the public network. Private routes are involved in the QPPB application on the L3VPN.
NOTE

On the ingress, QPPB is not applicable to downstream traffic on the IP access MPLS tunnel over a public or private network.

Do as follows on a BGP route receiver:


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 103

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


interface interface-type interface-number

The interface view is displayed. Step 3 Run one of the following commands as needed: When an LPUF-100, LPUI-100, LPUF-200 is used: l To apply a QPPB local policy to the incoming traffic, run the qppb-policy policy-name source inbound command on the inbound interface. l To apply a QPPB local policy to the outgoing traffic, run the qppb-policy qos-local-id source inbound and qppb-policy policy-name outbound commands on the inbound and outbound interfaces respectively. l To apply a QPPB local policy to the ip precedence, run the qppb-policy ip-precedence source command on the inbound interface.
NOTE

The keyword source indicates that policies are applied to traffic along the route whose source address meets the matching rule.

----End

5.3.6 Checking the Configuration


After QPPB is configured, you can view QPPB information.

Context
You can run the display commands in any view to check QPPB running information. For details about QPPB running information, see the chapter "QoS Commands" in the HUAWEI NetEngine5000E Core Router Command Reference.

Procedure
Step 1 Run the display qppb local-policy configuration policy-name command to check the configuration of a specific QPPB local policy. Step 2 Run the display qppb local-policy statistics interface interface-type interface-number { inbound | outbound } [ qos-local-id qos-local-id ] command to check the statistics about a specific QPPB local policy. ----End

Example
After QPPB is configured successfully: l Run the display qppb local-policy configuration command to view the configuration of a specific QPPB local policy. For example:
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 104

Issue 01 (2012-06-30)

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


<HUAWEI> display qppb local-policy configuration policy1 qppb local-policy : policy1 statistics enable qos-loacl-id 1 behavior test

5 QPPB Configuration

Run the display qppb local-policy statistics command, you can view statistics about a specific QPPB local policy. For example:
<HUAWEI> display qppb local-policy statistics interface gigabitethernet 2/0/0 outbound Interface: GigabitEthernet2/0/0 qppb loacl-policy outbound: policy1 qos-local-id 1 Item Packets Bytes ------------------------------------------------------------------Matched 0 0 Current CAR statistics: Item Packets Bytes ------------------------------------------------------------------Green 0 0 Yellow 0 0 Red 0 0 Passed 0 0 Dropped 0 0

5.4 Configuring Destination-Based QPPB


Destination-based QPPB differentiates routes to different destinations and associates differentiated QoS policies with them.

Applicable Environment
QPPB is applicable to both IBGP and EBGP and can be configured for one or more ASs. As shown in Figure 5-5, traffic is transmitted from provider B (AS 200) and provider C (AS 300) to provider D (AS 400) through provider A (AS 100). providers B and C function as BGP route senders and provider A functions as a BGP route receiver. Based on the traffic control policies that are signed between providers A and D, provider A needs to limit the rate of the traffic sent to provider D. providers B and C advertise BGP routes carrying the community attribute to provider A. After receiving the BGP routes, provider A matches the routes with the community list, ACL list, or AS_Path list, and associates QoS policy IDs with QoS behaviors for the routes. Destinationbased QPPB is enabled on the provider A interface that allows traffic to pass through. Therefore, QPPB local policies are applied to all traffic that passes through provider A. Destination-based QPPB is applicable to both incoming and outgoing traffic on a device.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

105

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

Figure 5-5 Networking diagram for destination-based QPPB configuration

AS200

RouterB RouterA AS400 AS100 RouterD

AS300 RouterC

Pre-configuration Tasks
Before configuring QPPB, complete the following tasks: l l l Configuring basic BGP functions Configuring local network routes advertised by BGP Configuring interfaces for setting up a BGP connection

Configuration Procedures
Figure 5-6 Flowchart for QPPB configuration
Configuring Routing Policies on a BGP Route Sender Configuring Routing Policies on a BGP Route Receiver Configuring Traffic Behaviors on a Route Receiver Configuring QPPB Local Policies Applying a QPPB Local Policy to an Interface Mandatory procedure Optional procedure

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

106

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

5.4.1 Configuring Routing Policies on a BGP Route Sender


This section describes how to configure routing policies on a BGP route sender.

Context
Do as follows on a BGP route sender:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


route-policy route-policy-name { permit |deny } node node-number

The node of a routing policy is created, and the view of the routing policy is displayed. Step 3 Run one of the following commands as required to configure a matching rule for the routing policy. l To match an ACL, run the if-match acl { acl-number | name acl-name } command.
NOTE

Only rules of ACLs 2000 to 2999 can be configured as matching rules in the routing policy.

l To match an AS_Path list, run the if-match as-path-filter as-path-filter &<1-16> command. l To match the community attribute list, run the if-match community-filter { basic-commfilter-num [ whole-match ] | adv-comm-filter-num }* &<1-16> or if-match communityfilter comm-filter-name [ whole-match ] command. l To match a route cost, run the if-match cost cost command. l To match an IP prefix list, run the if-match ip-prefix ip-prefix command. Step 4 Run one of the following commands as required to set route attributes. l To set an AS_Path attribute, run the apply as-path as-number &<1-10> [ additive ] command. l To set a community attribute, run the apply community { [ community-number | aa:nn ] &<1-32> | internet | no-advertise | no-export | no-export-subconfed } * [ additive ] command. l To set a route cost, run the apply cost { [ apply-type ] cost | inherit } command. You can set one BGP attribute, such as the AS_Path, community attribute, or extended community attribute, for the matched BGP routes as required. Step 5 Run:
quit

The system view is displayed. Step 6 Run:


bgp as-number

The BGP view is displayed.


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 107

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

Step 7 Run:
peer { ip-address | group-name } route-policy route-policy-name export

The routing policy is applied to the routes that are to be advertised to the peer.
NOTE

Ensure that BGP peer relationships have been set up before the routing policy is applied.

Step 8 Run:
peer ip-address advertise-community

The community attribute is advertised to the peer. By default, the community attribute is not advertised to any peer. To allow the peer to configure QoS policies for the routes with the community attribute, advertise the community attribute to the peer. Step 9 Run:
commit

The configuration is committed. ----End

5.4.2 Configuring Routing Policies on a BGP Route Receiver


This section describes how to configure routing policies on a BGP route receiver.

Context
Do as follows on a BGP route receiver:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


route-policy route-policy-name { permit | deny } node node-number

The node of a routing policy is created, and the view of the routing policy is displayed. Step 3 Run one of the following commands as needed to configure a matching rule for the routing policy on a BGP route receiver. l To match an AS_Path list, run the if-match as-path-filter as-path-acl-number &<1-16> command. l To match a community attribute list, run the if-match community-filter { basic-comm-filternum [ whole-match ] | ext-comm-filter-num } &<1-16> command. l To match a route cost, run the if-match cost value command.
NOTE

The route attribute configured for a BGP route must be the same as that of the route advertised by the BGP route sender.

Step 4 Perform the following steps as required:


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 108

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

When an LPUF-100 or LPUI-100 is used: l Run the apply qos-local-id qos-local-id command to apply a QoS policy to the route that meets the matching rule in the routing policy.
NOTE

When the QoS policy ID, configured by apply qos-local-id qos-local-id, is applied to QPPB, the ID value can be configured within the range of the QoS policy ID value using qos-local-id qos-local-id behavior behavior-name.

l Run the apply ip-precedence ip-precedence command to apply IP preference to the route that meets the matching rule in the routing policy. When an LPUE or LPUI is used: l Run the apply ip-precedence ip-precedence command to apply IP preference to the route that meets the matching rule in the routing policy.
NOTE

You need to configure IP preference for the route that meets the matching rule in advance.

A routing policy consists of multiple nodes. Each node comprises multiple if-match and apply clauses. The if-match clauses define matching rules of a node. The apply clauses define QoS behaviors that are to be implemented for the routes that match the matching rule. You can configure multiple if-match clauses on a node. The relationship between these rules is "AND". This means that a route passes the filtering only when it meets all the matching rules. The relationship between routing policy nodes is "OR". That is, if a route matches a node of a routing policy, it matches the routing policy. If none of the routing policy nodes is matched, the route does not match the routing policy. Step 5 Run:
bgp as-number

BGP is enabled and the BGP view is displayed. Step 6 Run:


peer ip-address route-policy route-policy-name import

The routing policy configured on the route receiver is applied to the routes sent from the peer (route sender).
NOTE

Ensure that BGP peer relationships have been set up before the routing policy is applied.

Step 7 Run:
commit

The configuration is committed. ----End

5.4.3 Configuring Traffic Behaviors on a Route Receiver


You can configure different traffic behaviors for different traffic classifiers on a BGP receiver to implement differentiated services.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 109

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

Context
Do as follows on the BGP route receiver:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


traffic behavior behavior-name

A traffic behavior is configured and the traffic behavior view is displayed. Step 3 Run one of the following commands as needed: l To configure CAR actions, run the car { cir cir-value [ pir pir-value] } [ cbs cbs-value pbs pbs-value ] [ green { discard | pass [ service-class class color color ] } | yellow { discard | pass [ service-class class color color ] } | red { discard | pass [ service-class class color color ] } ]* command. l To re-mark the DSCP value of an IP packet, run the remark dscp dscp-value command. l To re-configure the precedence of IP packets, run the remark ip-precedence ipprecedence. l To allow all the packets that meet the matching rule to pass, run the permit command. l To prevent all the packets that meet the matching rule from passing, run the deny command. l To color packets with a certain CoS, run the service-class command.
NOTE

The device supports only five QPPB traffic behaviors: car, permit, deny, remark dscp, and serviceclass.

----End

5.4.4 Configuring QPPB Local Policies on a BGP Route Receiver


QPPB allows QoS policies to be configured for routes that match the BGP community list, ACL, or BGP AS_Path list. After the QPPB local policy is applied to the inbound and outbound interfaces of traffic, relevant QoS policies are implemented on the traffic.

Context
Do as follows on a BGP route receiver:
NOTE

This step is needed only when an LPUE or LPUI is used.

Procedure
Step 1 Run:
system-view

The system view is displayed.


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 110

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

Step 2 Run:
qppb local-policy policy-name

A QPPB local policy is created and the QPPB local policy view is displayed. Step 3 Run:
(Optional)statistics enable

Enable QPPB statistics. Step 4 Run:


qos-local-id qos-local-id behavior behavior-name

A QoS policy is created and a traffic behavior is bound to the QoS local policy ID. This step is needed only when an LPUF-100 or LPUI-100 is used. ----End

5.4.5 Applying a QPPB Local Policy to an Interface


After a QPPB local policy is applied to an interface, the associated traffic behavior is performed for the packets that meet the matching rule.

Context
You can apply a QPPB local policy to the incoming or outgoing traffic. BGP routes in QPPB refer to only BGP routes on the public network. Private routes are involved in the QPPB application on the L3VPN.
NOTE

On the ingress, QPPB is not applicable to downstream traffic on the IP access MPLS tunnel over a public or private network.

Do as follows on a BGP route receiver:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


interface interface-type interface-number

The interface view is displayed. Step 3 Run one of the following commands as needed to apply a QPPB local policy: When an LPUF-100, LPUI-100, LPUF-200 is used: l To apply a QPPB local policy to the incoming traffic, run the qppb-policy policy-name destination inbound command on the inbound interface. l To apply a QPPB local policy to the outgoing traffic, run the qppb-policy qos-local-id destination inbound and qppb-policy policy-name outbound commands on the inbound and outbound interfaces respectively.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 111

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

l To apply a QPPB local policy to the ip precedence, run the qppb-policy ip-precedence destination command on the inbound interface.
NOTE

The keyword destination indicates that policies are applied to traffic along the route whose destination address meets the matching rule.

When an LPUE or LPUI is used: To apply a QPPB local policy to the ip precedence, run the qppb-policy ip-precedence destination command on the inbound interface. ----End

5.4.6 Checking the Configuration


After QPPB is configured, you can view QPPB information.

Context
You can run the display commands in any view to check QPPB running information. For details about QPPB running information, see the chapter "QoS Commands" in the HUAWEI NetEngine5000E Core Router Command Reference.

Procedure
Step 1 Run the display qppb local-policy configuration policy-name command to check the configuration of a specific QPPB local policy. Step 2 Run the display qppb local-policy statistics interface interface-type interface-number { inbound | outbound } [ qos-local-id qos-local-id ] command to check the statistics about a specific QPPB local policy. ----End

Example
After QPPB is configured successfully: l Run the display qppb local-policy configuration command to view the configuration of a specific QPPB local policy. For example:
<HUAWEI> display qppb local-policy configuration policy1 qppb local-policy : policy1 statistics enable qos-loacl-id 1 behavior test

Run the display qppb local-policy statistics command, you can view statistics about a specific QPPB local policy. For example:
<HUAWEI> display qppb local-policy statistics interface gigabitethernet 2/0/0 outbound Interface: GigabitEthernet2/0/0 qppb loacl-policy outbound: policy1 qos-local-id 1 Item Packets Bytes ------------------------------------------------------------------Matched 0 0 Current CAR statistics: Item Packets Bytes

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

112

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

------------------------------------------------------------------Green 0 0 Yellow 0 0 Red 0 0 Passed 0 0 Dropped 0 0

5.5 Maintaining QPPB


This section describes how to clear statistics about a QPPB local policy.

5.5.1 Clearing Statistics About a QPPB Policy


This section describes how to clear statistics about a QPPB policy on an interface.

Context

CAUTION
Once deleted, statistics cannot be restored. Therefore, exercise caution when deleting statistics.

Procedure
Step 1 Run the reset qppb local-policy statistics interface interface-type interface-number { inbound | outbound } command in the user view to clear statistics about a QPPB local policy on the specified interface. ----End

5.6 Configuration Examples


This section provides examples for configuring QPPB, including the application scenario and configuration commands.

5.6.1 Example for Configuring QPPB


This section provides an example for configuring QPPB.

Networking Requirements

CAUTION
On a single NE5000E, an interface is numbered in the format of slot number/card number/ interface number. In the multi-chassis scenario, an interface is numbered in the format of chassis ID/slot number/card number/interface number. This requires the chassis ID to be specified along with the slot number. On the network shown in Figure 5-7, router B advertises BGP routes with community attributes to router A, router A matches the community attributes against the community list, associates
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 113

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

traffic behaviors with QoS local IDs for the matched routes, and apply a QPPB local policy to the traffic transmitted along the routes. Traffic is sent from router B to router C by passing router A. router B functions as a BGP route sender, and router A functions as a BGP route receiver. It is required that source-based QPPB be applied to the incoming traffic. Figure 5-7 Networking diagram for configuring QPPB

AS200

RouterB RouterA AS400 AS100 RouterD

AS300 RouterC

Precautions
None.

Configuration Roadmap
The configuration roadmap is as follows: 1. 2. 3. 4. Configure basic BGP functions. Configure routing policies, set community attributes for the routes to be advertised, and advertise routes on router B. Apply routing policies, match route attributes, and set QoS local ID on router A. Configure QPPB and apply it to the incoming traffic on router A.

Data Preparation
To complete the configuration, you need the following data: l l l
Issue 01 (2012-06-30)

IP address of each interface Routing policy name, matching rule, and route attribute QPPB policy name
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 114

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

5 QPPB Configuration

Procedure
Step 1 Configure basic BGP functions on routerA and routerB. # Configure loopback interfaces on router A and router B.
<routerA> system-view [~routerA] interface loopback 0 [~routerA-LoopBack0] ip address 1.1.1.1 255.255.255.255 [~routerA-LoopBack0] return <routerB> system-view [~routerB] interface loopback 0 [~routerB-LoopBack0] ip address 2.2.2.2 255.255.255.255

# Configure interfaces connecting router A and router B and interfaces connecting router A and router C.
<routerA> system-view [~routerA] interface pos 2/0/0 [~routerA-Pos2/0/0] undo shutdown [~routerA-Pos2/0/0] ip address 100.1.1.1 255.255.255.0 [~routerA-Pos2/0/0] quit [~routerA] interface gigabitethernet 1/0/0 [~routerA-GigabitEthernet1/0/0] undo shutdown [~routerA-GigabitEthernet1/0/0] ip address 200.1.1.2 255.255.255.0 [~routerA-GigabitEthernet1/0/0] return <routerB> system-view [~routerB] interface pos 1/0/0 [~routerB-Pos2/0/0] undo shutdown [~routerB-Pos2/0/0] ip address 100.1.1.2 255.255.255.0 [~routerB-Pos2/0/0] return <routerC> system-view [~routerC] interface gigabitethernet1/0/0 [~routerC-GigabitEthernet1/0/0] undo shutdown [~routerC-GigabitEthernet1/0/0] ip address 200.1.1.1 255.255.255.0 [~routerC-GigabitEthernet1/0/0] return

# Enable OSPF and advertise route information containing the interface addresses.
<routerA> system-view [~routerA] ospf [~routerA-ospf-1] area 0 [~routerA-ospf-1-area-0.0.0.0] [~routerA-ospf-1-area-0.0.0.0] [~routerA-ospf-1-area-0.0.0.0] [~routerA-ospf-1-area-0.0.0.0] [~routerA-ospf-1] return <routerB> system-view [~routerB] ospf [~routerB-ospf] area 0 [~routerB-ospf-1-area-0.0.0.0] [~routerB-ospf-1-area-0.0.0.0] [~routerB-ospf-1-area-0.0.0.0] [~routerB-ospf-1] return <routerC> system-view [~routerC] ospf [~routerC-ospf] area 0 [~routerC-ospf-1-area-0.0.0.0] [~routerC-ospf-1-area-0.0.0.0]

network 1.1.1.1 0.0.0.0 network 100.1.1.0 0.0.0.255 network 200.1.1.0 0.0.0.255 quit

network 2.2.2.2 0.0.0.0 network 100.1.1.0 0.0.0.255 quit

network 200.1.1.0 0.0.0.255 return

# Configure BGP and set up EBGP peer relationships between router A and router B.
<routerA> system-view [~routerA] bgp 100 [~routerA-bgp] peer 2.2.2.2 [~routerA-bgp] peer 2.2.2.2 [~routerA-bgp] peer 2.2.2.2 [~routerA-bgp] import-route [~routerA-bgp] return

as-number 200 ebgp-max-hop 2 connect-interface loopback 0 direct

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

115

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


<routerB> system-view [~routerB] bgp 200 [~routerB-bgp] peer 1.1.1.1 [~routerB-bgp] peer 1.1.1.1 [~routerB-bgp] peer 1.1.1.1 [~routerB-bgp] import-route [~routerB-bgp] return

5 QPPB Configuration

as-number 100 ebgp-max-hop 2 connect-interface loopback 0 direct

# Configure BGP and set up an IBGP peer relationship between router A and router C.
<routerA> system-view [~routerA] bgp 100 [~routerA-bgp] peer 200.1.1.1 as-number 100 [~routerA-bgp] import-route direct [~routerA-bgp] quit <routerC> system-view [~routerC] bgp 100 [~routerC-bgp] peer 200.1.1.2 as-number 100 [~routerC-bgp] import-route direct [~routerC-bgp] quit

After the configuration is complete, router A can communicate with router B and router C. Step 2 Configure and apply routing policies on router B. # Configure an IP prefix on routerB.
<routerB> system-view [~routerB] ip ip-prefix bb permit 66.1.1.1 32 [~routerB] return

# Configure a routing policy on router B.


<routerB> system-view [~routerB] route-policy [~routerB-route-policy] [~routerB-route-policy] [~routerB-route-policy] aa permit node 10 if-match ip-prefix bb apply community 10:10 return

# Configure a policy for advertising routes on router B.


<routerB> system-view [~routerB] bgp 200 [~routerB-bgp] peer 1.1.1.1 route-policy aa export [~routerB-bgp] peer 1.1.1.1 advertise-community [~routerB-bgp] return

Step 3 Configure a policy for receiving routes on router A, and apply traffic behaviors to the route that matches the route attribute. # Configure a traffic behavior.
<routerA> system-view [~routerA] traffic behavior dd [~routerA-behavior-dd] remark dscp af11 [~routerA-behavior-dd] return

# Configure a routing policy and apply the traffic behavior to the route that matches the route attribute.
<routerA> system-view [~routerA] ip community-filter 10 permit 10:10 [~routerA] route-policy aa permit node 10 [~routerA-route-policy] if-match community-filter 10 [~routerA-route-policy] apply qos-local-id 1 [~routerA-route-policy] return

# Configure a QPPB local policy on router A.


<routerA> system-view

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

116

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


[~routerA] qppb local-policy ac [~routerA-localpolicy-ac] qos-local-id 1 behavior dd [~routerA-localpolicy-ac] return

5 QPPB Configuration

# Apply the routing policy to the routes sent from router B on router A.
<routerA> system-view [~routerA] bgp 100 [~routerA-bgp] peer 2.2.2.2 route-policy aa import [~routerA-bgp] return

Step 4 Apply the QPPB local policy to the incoming traffic on router A.
<routerA> system-view [~routerA] interface pos 2/0/0 [~routerA-Pos2/0/0] qppb-policy ac source inbound [~routerA-Pos2/0/0] return

Step 5 Verify the configuration. # Display the QPPB local policy information on router A.
[~routerA] display qppb local-policy configuration ac qppb local-policy : ac statistics disable qos-local-id 1 behavior dd

----End

Configuration Files
l Configuration file of router A
# sysname routerA # interface GigabitEthernet1/0/0 undo shutdown ip address 200.1.1.2 255.255.255.0 # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 100.1.1.1 255.255.255.0 qppb-policy ac source inbound # interface LoopBack0 ip address 1.1.1.1 255.255.255.255 # bgp 100 peer 2.2.2.2 as-number 200 peer 2.2.2.2 ebgp-max-hop 2 peer 2.2.2.2 connect-interface LoopBack0 peer 200.1.1.1 as-number 100 # ipv4-family unicast undo synchronization import-route direct peer 2.2.2.2 enable peer 2.2.2.2 route-policy aa import peer 200.1.1.1 enable # ospf 1 area 0.0.0.0 network 1.1.1.1 0.0.0.0 network 100.1.1.0 0.0.0.255 network 200.1.1.0 0.0.0.255 # route-policy aa permit node 10 if-match community-filter 10

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

117

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


apply qos-local-id 1 # ip community-filter 10 permit 10:10 # qppb local-policy ac qos-local-id 1 behavior dd return

5 QPPB Configuration

Configuration file of router B


# sysname routerB # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 100.1.1.2 255.255.255.0 # interface LoopBack0 ip address 2.2.2.2 255.255.255.255 # interface LoopBack10 ip address 66.1.1.1 255.255.255.255 # bgp 200 peer 1.1.1.1 as-number 100 peer 1.1.1.1 ebgp-max-hop 2 peer 1.1.1.1 connect-interface LoopBack0 # ipv4-family unicast undo synchronization import-route direct peer 1.1.1.1 enable peer 1.1.1.1 route-policy aa export peer 1.1.1.1 advertise-community quit # ospf 1 area 0.0.0.0 network 2.2.2.2 0.0.0.0 network 100.1.1.0 0.0.0.255 # route-policy aa permit node 10 if-match ip-prefix bb apply community 10:10 # ip ip-prefix bb index 10 permit 66.1.1.1 32 # return

Configuration file of router C


# sysname routerC # interface gigabitethernet1/0/0 undo shutdown ip address 200.1.1.1 255.255.255.0 # bgp 100 peer 200.1.1.2 as-number 100 # ipv4-family unicast undo synchronization import-route direct peer 200.1.1.2 enable # ospf 1 area 0.0.0.0 network 200.1.1.0 0.0.0.255 #

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

118

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


return

5 QPPB Configuration

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

119

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

MPLS DiffServ-Mode Configuration

About This Chapter


This chapter describes the basic principle of MPLS DiffServ and how to configure MPLS DiffServ, and provides several configuration examples. 6.1 MPLS DiffServ Models Overview 6.2 MPLS Pipe/Short Pipe Supported by the NE5000E 6.3 Configuring the Uniform/Pipe Mode for MPLS TE This section describes the process of configuring the Uniform/Pipe mode for MPLS TE. 6.4 Configuring the Uniform/Pipe Mode for the MPLS Penultimate Hop This section describes the process of configuring the Uniform/Pipe mode for the MPLS penultimate hop. 6.5 Configuring the Pipe/Short Pipe Mode for VPNs This section describes how to configure the DiffServ mode for VPNs. 6.6 Configuration Examples This section provides the examples for configuring MPLS Diff-Serv modes.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

120

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

6.1 MPLS DiffServ Models Overview


The DSCP field (6 bits) in the header of the IP packet is used to define the Class of Service (CoS). In the MPLS label, the EXP field (3 bits) is also used to define the CoS. See Figure 6-1. Figure 6-1 The DSCP field in the IP packet and the EXP field in the MPLS packet

0 DSCP CoS 0

unused

19 Label

22 23 EXP CoS S TTL

31

In the MPLS DiffServ model, packets are processed in the following steps: l l l When a packet enters the MPLS network, a label is added to the packet. The DSCP field in the packet is copied to the EXP field. In the MPLS network, the PHB is chosen according to the EXP value in the packet. Each EXP value is mapped with a PHB. When the packet leaves the MPLS network, the label is stripped. Then, the PHB is chosen according to the DSCP or EXP field. Each DSCP value is also mapped with a PHB.

The MPLS DiffServ model defines the following factors for the packets that pass through an MPLS network: the manner in which the DSCP field and the EXP field are propagated and PHB such as CoS and color after the packet leaves the MPLS network. Thus, transmission with differentiated QoS is carried out. In the RFC 3270, three MPLS DiffServ models are defined: Uniform, Pipe, and Short Pipe.

Uniform Model
In Uniform mode, the priority identifiers of packets are identical on the IP network and MPLS network. This means that the priority identifier of packets on either network is globally valid. The ingress PE adds a label to the packet by copying the DSCP value to the inner and outer EXP field. If the outer EXP value is changed in the MPLS network, the change affects the PHB adopted when the packet leaves the MPLS network. That is, the egress PE adopts the PHB according to the outer EXP value. See Figure 6-2.

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

121

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

Figure 6-2 Uniform model

MPLS CE PE P P PE CE

IP DSCP 3

MPLS EXP 3 MPLS EXP 3 IP DSCP 3

MPLS EXP 2 MPLS EXP 3 IP DSCP 3

MPLS EXP 2 IP DSCP 3

IP DSCP 2

IP DSCP 2

Pipe Model
In the Pipe model, the user-defined CoS and color together determine the EXP value that is added to the MPLS label by the ingress PE. The default mapping between the CoS value and the EXP value is shown in Table 6-1. If the inner and outer EXP values are changed in the MPLS network, the change is valid only in the MPLS network. The egress PE selects the PHB according to the outer EXP value. When the packet leaves the MPLS network, the DSPC value becomes effective again. See Figure 6-3.
NOTE

The Pipe model does not support the Penultimate Hop Popping of the MPLS label.

Table 6-1 Default mapping between the CoS value and the EXP value CoS BE AF1 AF2 AF3 AF4 EF CS6 CS7
Issue 01 (2012-06-30)

Color Green Green, Yellow, Red Green, Yellow, Red Green, Yellow, Red Green, Yellow, Red Green Green Green
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

MPLS EXP 0 1 2 3 4 5 6 7
122

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

Figure 6-3 Pipe model

MPLS CE PE P P PE CE

PHB depends on EXP value MPLS EXP 2 MPLS EXP 2 IP DSCP 3 MPLS EXP 2 MPLS EXP 2 IP DSCP 3 MPLS EXP 2 MPLS EXP 2 IP DSCP 3 MPLS EXP 2 IP DSCP 3 IP DSCP 3

IP DSCP 3

Short Pipe Model


In the Short Pipe model, the user-defined CoS and color together determine the EXP value that is added to the MPLS label by the ingress PE. If the inner and outer EXP values are changed in the MPLS network, the change is valid only in the MPLS network. The egress PE selects the PHB according to the DSCP value. When the packet leaves the MPLS network, the DSPC value becomes effective again. See Figure 6-4. Figure 6-4 Short Pipe model

MPLS CE PE P P PE CE

IP DSCP 3
Issue 01 (2012-06-30)

MPLS EXP 2 MPLS EXP 3 IP DSCP 3

MPLS EXP 2 MPLS EXP 3 IP DSCP 3

MPLS EXP 2 MPLS EXP 2 IP DSCP 3

PHB depends on DSCP value

IP DSCP 3

IP DSCP 3
123

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

6.2 MPLS Pipe/Short Pipe Supported by the NE5000E


The MPLS Pipe/Short Pipe supports queue scheduling based on eight priorities and implements the following functions: l l l TE supports the configuration of the Uniform/Pipe mode. The MPLS penultimate hop supports the configuration of the Uniform/Pipe mode. L3VPN supports the configuration of the Uniform/Pipe/Short Pipe mode.

6.3 Configuring the Uniform/Pipe Mode for MPLS TE


This section describes the process of configuring the Uniform/Pipe mode for MPLS TE.

Applicable Environment
To ensure the scheduling priorities of different MPLS TE services on the MPLS public network, you need to configure the Uniform/Pipe mode.

Pre-configuration Tasks
Before configuring the MPLS TE Uniform/Pipe mode, complete the following tasks: l l Configuring physical parameters and link attributes for related interfaces to ensure normal operation of the interfaces Configuring an MPLS TE tunnel between two PEs (For details, see "MPLS TE Configuration" in the HUAWEI NetEngine5000E Configuration Guide - MPLS.)
NOTE

Before configuring the Uniform/Pipe mode for MPLS TE, check that the MPLS TE is Up. After the following operations are performed on the user-side tunnel interface on the ingress PE, the configured mode takes effect only on the ingress PE. The penultimate node uses the Uniform mode by default. To change the Diff-Serv mode for the penultimate node, see the section "Configuring the Uniform/Pipe mode for the MPLS penultimate node".

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


interface tunnel interface-number

The view of the user-side tunnel interface is displayed. Step 3 Run:


diffserv-mode { pipe service-class color | uniform }

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

124

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

A Diff-Serv mode is set for the MPLS. Step 4 Run:


commit

The configuration is committed. ----End

6.4 Configuring the Uniform/Pipe Mode for the MPLS Penultimate Hop
This section describes the process of configuring the Uniform/Pipe mode for the MPLS penultimate hop.

Applicable Environment
By default, the Diff-serv mode on the penultimate hop is Uniform. When this mode is enabled, the EXP value of an outer label is copied to the EXP value of an inner label. Using the global control command diffserv-mode mpls, you can determine whether the EXP value of an outer label is copied to the EXP value of an inner label based on the parameters of this command.

Pre-configuration Tasks
Before configuring the Uniform/Pipe model for the MPLS penultimate node, complete the following tasks: l l Configuring physical parameters and link attributes of related interfaces to ensure normal operation of the interfaces Configuring a Uniform/Pipe mode for the MPLS TE penultimate hop, which needs the configuration of an MPLS TE tunnel. see "MPLS TE Configuration" in the HUAWEI NetEngine5000E Core Router Configuration Guide - MPLS.
NOTE

Do as follows on MPLS LSP or MPLS TE penultimate hop:

Procedure
Step 1 Run:
system-view

The system view is displayed. Step 2 Run:


mpls

The MPLS view is displayed. Step 3 Run:


diffserv-mode mpls { pipe | uniform }

The global MPLS Diff-Serv mode is set.


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 125

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


NOTE

6 MPLS DiffServ-Mode Configuration

l The configured mode by running this command take effect only on new LSPs. The reset mpls ldp command can be used to re-establish the original LSPs. Then, the configured mode can take effect on the re-established LSPs. l The diffserv-mode mpls command is run only on the penultimate hop to control the copy of the EXP value of an outer label to the EXP value of an inner label. l Before the diffserv-mode mpls command is run on the LPUI-100 or LPUF-100, the inbound and outbound interfaces of the boards need to be configured in the same Diff-Serv domain.

Step 4 Run:
commit

The configuration is committed. ----End

6.5 Configuring the Pipe/Short Pipe Mode for VPNs


This section describes how to configure the DiffServ mode for VPNs.

Usage Scenario
Multiple VPNs may use the same MPLS TE tunnel. To allocate priorities to different VPN services, configure the Pipe/Short Pipe mode for VPNs. This feature is applicable to the following VPNs: l l L3VPN VLL
NOTE

1. This feature is applicable to both the ingress and egress PEs. l If both simple traffic classification and the Pipe/Short Pipe mode are configured on the ingress PE, the Pipe/Short Pipe mode preferentially takes effect. l If the DiffServ mode is set to Pipe/Short Pipe on the PE, simple traffic classification is not required. l If the DiffServ mode is set to Uniform on the PE, simple traffic classification is required. 2. The DiffServ mode takes effect only on the L3VPN that meets the following conditions: l When the DiffServ mode is set to Pipe/Short Pipe on the egress PE and simple traffic classification is configured on the outbound interface, the qos phb disable command must be configured on the outbound interface of the egress PE. l When the DiffServ mode is set to Uniform on the egress PE and simple traffic classification is configured on the outbound interface, the qos phb disable command is not required on the outbound interface of the egress PE.

Pre-configuration Tasks
Before configuring the VPN Pipe/Short Pipe mode, complete the following tasks: l Configuring an MPLS TE tunnel between two PEs. For details, see the chapter "MPLS TE configuration" in the HUAWEI NetEngine5000E Core Router Configuration Guide MPLS. Configuring VPN services. Different L3VPNs or L2VPNs can be used as required. For details, see HUAWEI NetEngine5000E Core Router Configuration Guide - VPN.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 126

Issue 01 (2012-06-30)

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

Configuring simple traffic classification or complex traffic classification on the user-side interface of the ingress PE. For details, see the chapter "Class-based QoS configuration" in the HUAWEI NetEngine5000E Core Router Configuration Guide - QoS.

Procedure
l Configure the L3VPN DiffServ mode. 1. 2. 3. l Run the system-view command to enter the system view. Run the ip vpn-instance vpn-instance-name command to create a VPN instance and enter the VPN instance view. Run the diffserv-mode { pipe service-class color | short-pipe service-class color [ domain ds-name ] | uniform } command to set the DiffServ mode. Run the system-view command to enter the system view. Run the interface interface-type interface-number command to enter the interface view.
NOTE

Configure the VLL DiffServ mode. 1. 2.

The interface is the user-side interface to which the L2VPN is bound.

3. ----End

Run the diffserv-mode { pipe service-class color | short-pipe service-class color [ domain ds-name ] | uniform } command to set the VLL DiffServ mode.

6.6 Configuration Examples


This section provides the examples for configuring MPLS Diff-Serv modes.

6.6.1 Examples for Configuring MPLS Diff-Serv Modes


Networking Requirements

CAUTION
For the NE5000E, the interface is numbered as slot number/card number/interface number. For the NE5000E cluster, the interface is numbered as chassis ID/slot number/card number/interface number. The slot number is chassis ID/slot ID. As shown in Figure 6-5: l l l l l CE1 and CE3 are in VPN-A. CE2 and CE4 are in VPN-B. The VPN target attribute of VPN-A is 111:1, and that of VPN-B is 222:2. Users in different VPN cannot access each other. The MPLS DiffServ mode is set to Pipe on PE1 so that the DSCP values of packets can be mapped to EXP values. No special value is required. The mappings can be configured based
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 127

Issue 01 (2012-06-30)

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

on domains. On the egress of the MPLS network, packets are scheduled based on the EXP values with the DSCP values unchanged. Figure 6-5 MPLS Diff-Serv Modes networking diagram
AS: 65410 VPN-A CE1 GE1/0/0 10.1.1.1/24 Loopback1 2.2.2.9/32 POS1/0/0 PE1 172.1.1.2/24 POS3/0/0 172.1.1.1/24 P AS: 100 GE1/0/0 10.2.1.1/24 CE2 VPN-B AS: 65420 AS: 65440 GE1/0/0 10.4.1.1/24 CE4 VPN-B POS2/0/0 PE2 172.2.1.1/24 POS3/0/0 172.2.1.2/24 AS: 65430 VPN-A CE3 GE1/0/0 10.3.1.1/24

GE1/0/0 10.1.1.2/24 Loopback1 1.1.1.9/32 GE2/0/0 10.2.1.2/24

GE1/0/0 10.3.1.2/24 Loopback1 3.3.3.9/32 GE2/0/0 10.4.1.2/24

MPLS backbone

Configuration Roadmap
The configuration roadmap is as follows: 1. 2. 3. 4. 5. 6. Configure OSPF on the backbone network to enable interworking between PEs. Configure the basic MPLS functions and MPLS LDP on the PEs, and establish the MPLS LSPs between the PEs. Configure MP IBGP to exchange the VPN routing information between the PEs. Configure the VPN instance on the PE connected with the CE in the backbone network, and bind the PE interface connected with the CE to the corresponding VPN instance. Configure EBGP between the CE and the PE to exchange VPN routing information. Configure the Pipe mode on VPN-A and VPN-B, and apply different DiffServ domains to different VPN instances.

Data Preparation
To configure BGP/MPLS IP VPN, you need the following data: l l
Issue 01 (2012-06-30)

MPLS LSR-IDs on the PEs and the Ps RDs of VPN-A and VPN-B
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 128

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

l l

VPN targets of VPN-A and VPN-B Different DiffServ domains on PE1 and PE2

Procedure
Step 1 Configure an IGP on the MPLS backbone to allow the PEs and the Ps to reach each other. # Configure PE1.
<HUAWEI> system-view [~HUAWEI] sysname PE1 [~PE1] interface loopback 1 [~PE1-LoopBack1] ip address 1.1.1.9 32 [~PE1-LoopBack1] quit [~PE1] interface pos3/0/0 [~PE1-Pos3/0/0] ip address 172.1.1.1 24 [~PE1-Pos3/0/0] quit [~PE1] ospf [~PE1-ospf-1] area 0 [~PE1-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255 [~PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0 [~PE1-ospf-1-area-0.0.0.0] quit [~PE1-ospf-1] quit

# Configure the P.
<HUAWEI> system-view [~HUAWEI] sysname P [P] interface loopback 1 [P-LoopBack1] ip address 2.2.2.9 32 [P-LoopBack1] quit [P] interface pos 1/0/0 [P-Pos1/0/0] ip address 172.1.1.2 24 [P-Pos1/0/0] quit [P] interface pos 2/0/0 [P-Pos2/0/0] ip address 172.2.1.1 24 [P-Pos2/0/0] quit [P] ospf [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 172.2.1.0 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0 [P-ospf-1-area-0.0.0.0] quit [P-ospf-1] quit

# Configure PE2.
<HUAWEI> system-view [~HUAWEI] sysname PE2 [~PE2] interface loopback 1 [~PE2-LoopBack1] ip address 3.3.3.9 32 [~PE2-LoopBack1] quit [~PE2] interface pos 3/0/0 [~PE2-Pos3/0/0] ip address 172.2.1.2 24 [~PE2-Pos3/0/0] quit [~PE2] ospf [~PE2-ospf-1] area 0 [~PE2-ospf-1-area-0.0.0.0] network 172.2.1.0 0.0.0.255 [~PE2-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0 [~PE2-ospf-1-area-0.0.0.0] quit [~PE2-ospf-1] quit

After the configuration, the OSPF neighbor relationship should be established between PE1, P and PE2. After running the display ospf peer command, you can find that the OSPF neighbor relationship is in Full state. Run the display ip routing-table command on the PEs, and you can find that the PEs have learned the routes of the Loopback1 interface of each other.
Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 129

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

Use PE1 as an example:


[~PE1] display ip routing-table Route Flags: R - relay, D - download to fib -----------------------------------------------------------------------------Routing Tables: Public Destinations : 8 Routes : 8 Destination/Mask Proto Pre Cost Flags NextHop Interface 1.1.1.9/32 Direct 0 0 D 127.0.0.1 InLoopBack0 2.2.2.9/32 OSPF 10 2 D 172.1.1.2 Pos3/0/0 3.3.3.9/32 OSPF 10 3 D 172.1.1.2 Pos3/0/0 127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0 127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0 172.1.1.0/24 Direct 0 0 D 172.1.1.1 Pos3/0/0 172.1.1.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0 172.2.1.0/24 OSPF 10 2 D 172.1.1.2 Pos3/0/0 [~PE1] display ospf peer OSPF Process 1 with Router ID 1.1.1.9 Neighbors Area 0.0.0.0 interface 172.1.1.1(Pos3/0/0)'s neighbors Router ID: 172.1.1.2 Address: 172.1.1.2 State: Full Mode:Nbr is Master Priority: 1 DR: None BDR: None MTU: 1500 Dead timer due in 38 sec Neighbor is up for 00:02:44 Authentication Sequence: [ 0 ]

Step 2 Configure basic MPLS capabilities and MPLS LDP on the MPLS backbone network to set up the LDP LSP. # Configure PE1.
[~PE1] mpls lsr-id 1.1.1.9 [~PE1] mpls [~PE1-mpls] quit [~PE1] mpls ldp [~PE1-mpls-ldp] quit [~PE1] interface pos 3/0/0 [~PE1-Pos3/0/0] mpls [~PE1-Pos3/0/0] mpls ldp [~PE1-Pos3/0/0] quit

# Configure the P.
[P] mpls lsr-id 2.2.2.9 [P] mpls [P-mpls] quit [P] mpls ldp [P-mpls-ldp] quit [P] interface pos 1/0/0 [P-Pos1/0/0] mpls [P-Pos1/0/0] mpls ldp [P-Pos1/0/0] quit [P] interface pos 2/0/0 [P-Pos2/0/0] mpls [P-Pos2/0/0] mpls ldp [P-Pos2/0/0] quit

# Configure PE2.
[~PE2] mpls lsr-id 3.3.3.9 [~PE2] mpls [~PE2-mpls] quit [~PE2] mpls ldp [~PE2-mpls-ldp] quit [~PE2] interface pos 3/0/0 [~PE2-Pos3/0/0] mpls [~PE2-Pos3/0/0] mpls ldp [~PE2-Pos3/0/0] quit

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

130

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

After the configuration, LDP sessions are set up between PE1, P and PE2. After running the display mpls ldp session command on the routers, you can find that the status of the session is "Operational" in the display result. Run the display mpls ldp lsp command, and view the status of the LDP LSP. Use PE1 as an example:
[~PE1] display mpls ldp session LDP Session(s) in Public Network Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM) A '*' before a session means the session is being deleted. ------------------------------------------------------------------------PeerID Status LAM SsnRole SsnAge KASent/Rcv ------------------------------------------------------------------------2.2.2.9:0 Operational DU Passive 0000:00:01 5/5 ------------------------------------------------------------------------TOTAL: 1 session(s) Found. [~PE1] display mpls ldp lsp LDP LSP Information ------------------------------------------------------------------------------DestAddress/Mask In/OutLabel UpstreamPeer NextHop OutInterface ------------------------------------------------------------------------------1.1.1.9/32 3/NULL 2.2.2.9 127.0.0.1 InLoop0 *1.1.1.9/32 Liberal 2.2.2.9/32 NULL/3 172.1.1.2 Pos3/0/0 2.2.2.9/32 1024/3 2.2.2.9 172.1.1.2 Pos3/0/0 3.3.3.9/32 NULL/1025 172.1.1.2 Pos3/0/0 3.3.3.9/32 1025/1025 2.2.2.9 172.1.1.2 Pos3/0/0 ------------------------------------------------------------------------------TOTAL: 5 Normal LSP(s) Found. TOTAL: 1 Liberal LSP(s) Found. TOTAL: 0 Frr LSP(s) Found. A '*' before an LSP means the LSP is not established A '*' before a Label means the USCB or DSCB is stale A '*' before a UpstreamPeer means the session is in GR state A '*' before a NextHop means the LSP is FRR LSP

Step 3 Establish the MP-IBGP peer relationship between the PEs. # Configure PE1.
[~PE1] bgp 100 [~PE1-bgp] peer 3.3.3.9 as-number 100 [~PE1-bgp] peer 3.3.3.9 connect-interface loopback 1 [~PE1-bgp] ipv4-family vpnv4 [~PE1-bgp-af-vpnv4] peer 3.3.3.9 enable [~PE1-bgp-af-vpnv4] quit [~PE1-bgp] quit

# Configure PE2.
[~PE2] bgp 100 [~PE2-bgp] peer 1.1.1.9 as-number 100 [~PE2-bgp] peer 1.1.1.9 connect-interface loopback 1 [~PE2-bgp] ipv4-family vpnv4 [~PE2-bgp-af-vpnv4] peer 1.1.1.9 enable [~PE2-bgp-af-vpnv4] quit [~PE2-bgp] quit

After the configuration, run the display bgp peer command or the display bgp vpnv4 all peer command, you can see that the BGP peer relationship is set up between the PE, and the peer status is Established.
[~PE1] display bgp vpnv4 all peer BGP local router ID : 1.1.1.9 Local AS number : 100 Total number of peers : 3 Peer V AS MsgRcvd MsgSent

Peers in established state : 3 OutQ Up/Down State

PrefRcv

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

131

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


3.3.3.9 4 100 12 18 0

6 MPLS DiffServ-Mode Configuration


00:09:38 Established 0

Step 4 Configure VPN instances on PEs and bind the instances to the CE interfaces. # Configure PE1.
[~PE1] ip vpn-instance vpna [~PE1-vpn-instance-vpna] route-distinguisher 100:1 [~PE1-vpn-instance-vpna] vpn-target 111:1 both [~PE1-vpn-instance-vpna] quit [~PE1] ip vpn-instance vpnb [~PE1-vpn-instance-vpnb] route-distinguisher 100:2 [~PE1-vpn-instance-vpnb] vpn-target 222:2 both [~PE1-vpn-instance-vpnb] quit [~PE1] interface gigabitethernet 1/0/0 [~PE1-GigabitEthernet1/0/0] ip binding vpn-instance vpna [~PE1-GigabitEthernet1/0/0] ip address 10.1.1.2 24 [~PE1-GigabitEthernet1/0/0] quit [~PE1] interface gigabitethernet 2/0/0 [~PE1-GigabitEthernet2/0/0] ip binding vpn-instance vpnb [~PE1-GigabitEthernet2/0/0] ip address 10.2.1.2 24 [~PE1-GigabitEthernet2/0/0] quit

# Configure PE2.
[~PE2] ip vpn-instance vpna [~PE2-vpn-instance-vpna] route-distinguisher 200:1 [~PE2-vpn-instance-vpna] vpn-target 111:1 both [~PE2-vpn-instance-vpna] quit [~PE2] ip vpn-instance vpnb [~PE2-vpn-instance-vpnb] route-distinguisher 200:2 [~PE2-vpn-instance-vpnb] vpn-target 222:2 both [~PE2-vpn-instance-vpnb] quit [~PE2] interface gigabitethernet 1/0/0 [~PE2-GigabitEthernet1/0/0] ip binding vpn-instance vpna [~PE2-GigabitEthernet1/0/0] ip address 10.3.1.2 24 [~PE2-GigabitEthernet1/0/0] quit [~PE2] interface gigabitethernet 2/0/0 [~PE2-GigabitEthernet2/0/0] ip binding vpn-instance vpnb [~PE2-GigabitEthernet2/0/0] ip address 10.4.1.2 24 [~PE2-GigabitEthernet2/0/0] quit

# Configure an IP address for the CE interface according to Figure 6-5. Details for the configuration procedure are not provided here. After the configuration, check the configuration of VPN instances by running the display ip vpn-instance verbose command on the PEs. Each PE can successfully ping its own CE.
NOTE

When the interfaces on a PE are bound to the same VPN, you need to specify the source IP address when you use the ping command to ping the CE connected to the peer PE. This means that you need to specify -a source-ip-address in the ping -a source-ip-address -vpn-instance vpn-instance-name dest-ip-address command; otherwise, the ping fails.

Use PE1 and CE1 as an example:


[~PE1] display ip vpn-instance verbose Total VPN-Instances configured : 2 VPN-Instance Name and ID : vpna, 1 Create date : 2009/01/21 11:30:35 Up time : 0 days, 00 hours, 05 minutes and 19 seconds Route Distinguisher : 100:1 Export VPN Targets : 111:1 Import VPN Targets : 111:1 Label Policy : label per route The diffserv-mode Information is : uniform The ttl-mode Information is : pipe Log Interval : 5

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

132

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

Interfaces : GigabitEthernet1/0/0 VPN-Instance Name and ID : vpnb, 2 Create date : 2009/01/21 11:31:18 Up time : 0 days, 00 hours, 04 minutes and 36 seconds Route Distinguisher : 100:2 Export VPN Targets : 222:2 Import VPN Targets : 222:2 Label Policy : label per route The diffserv-mode Information is : uniform The ttl-mode Information is : pipe Log Interval : 5 Interfaces : GigabitEthernet2/0/0 [~PE1] ping -vpn-instance vpna 10.1.1.1 PING 10.1.1.1: 56 data bytes, press CTRL_C to break Reply from 10.1.1.1: bytes=56 Sequence=1 ttl=255 time=56 ms Reply from 10.1.1.1: bytes=56 Sequence=2 ttl=255 time=4 ms Reply from 10.1.1.1: bytes=56 Sequence=3 ttl=255 time=4 ms Reply from 10.1.1.1: bytes=56 Sequence=4 ttl=255 time=52 ms Reply from 10.1.1.1: bytes=56 Sequence=5 ttl=255 time=3 ms --- 10.1.1.1 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 3/23/56 ms

Step 5 Establish the EBGP peer relationship between the PE and the CE to import VPN routes. # Configure CE1.
[~CE1] bgp 65410 [~CE1-bgp] peer 10.1.1.2 as-number 100 [~CE1-bgp] import-route direct
NOTE

The configuration procedures of CE2, CE3 and CE4 are similar to that of CE1.

# Configure PE1.
[~PE1] bgp 100 [~PE1-bgp] ipv4-family vpn-instance vpna [~PE1-bgp-vpna] peer 10.1.1.1 as-number 65410 [~PE1-bgp-vpna] import-route direct [~PE1-bgp-vpna] quit [~PE1-bgp] ipv4-family vpn-instance vpnb [~PE1-bgp-vpnb] peer 10.2.1.1 as-number 65420 [~PE1-bgp-vpnb] import-route direct [~PE1-bgp-vpnb] quit
NOTE

The configuration of PE2 is similar to that of PE1, and the details for the configuration procedure are not provided here.

After the configuration, run the display bgp vpnv4 vpn-instance peer command on the PE. You can see that the BGP peer relationship is set up between the PE and the CE, and the peer status is Established. Use the peer relationship between PE1 and CE1 as an example.
[~PE1] display bgp vpnv4 vpn-instance vpna peer BGP local router ID : 1.1.1.9 Local AS number : 100 Total number of peers : 1 Peers in established state : 1 Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv 10.1.1.1 4 65410 11 9 0 00:06:37 Established 1

Step 6 Verify the configuration.


Issue 01 (2012-06-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 133

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

Running the display ip routing-table vpn-instance command on the PE, you can find the route to peer CEs. Use PE1 as an example.
[~PE1] display ip routing-table vpn-instance vpna Route Flags: R - relay, D - download to fib -----------------------------------------------------------------------------Routing Tables: vpna Destinations : 3 Routes : 3 Destination/Mask Proto Pre Cost Flags NextHop Interface 10.1.1.0/24 Direct 0 0 D 10.1.1.2 GigabitEthernet1/0/0 10.1.1.2/32 Direct 0 0 D 127.0.0.1 InLoopBack0 10.3.1.0/24 IBGP 255 0 RD 3.3.3.9 Pos3/0/0 [~PE1] display ip routing-table vpn-instance vpnb Route Flags: R - relay, D - download to fib -----------------------------------------------------------------------------Routing Tables: vpnb Destinations : 3 Routes : 3 Destination/Mask Proto Pre Cost Flags NextHop Interface 10.2.1.0/24 Direct 0 0 D 10.2.1.2 GigabitEthernet2/0/0 10.2.1.2/32 Direct 0 0 D 127.0.0.1 InLoopBack0 10.4.1.0/24 IBGP 255 0 RD 3.3.3.9 Pos3/0/0

The CEs in the same VPN can successfully ping each other whereas two CEs in different VPNs cannot ping each other. For example, CE1 can successfully ping CE3 (10.3.1.1/24) but cannot ping CE4 (10.4.1.1/24).
[~CE1] ping 10.3.1.1 PING 10.3.1.1: 56 data bytes, press CTRL_C to break Reply from 10.3.1.1: bytes=56 Sequence=1 ttl=253 time=72 Reply from 10.3.1.1: bytes=56 Sequence=2 ttl=253 time=34 Reply from 10.3.1.1: bytes=56 Sequence=3 ttl=253 time=50 Reply from 10.3.1.1: bytes=56 Sequence=4 ttl=253 time=50 Reply from 10.3.1.1: bytes=56 Sequence=5 ttl=253 time=34 --- 10.3.1.1 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 34/48/72 ms [~CE1] ping 10.4.1.1 PING 10.4.1.1: 56 data bytes, press CTRL_C to break Request time out Request time out Request time out Request time out Request time out --- 10.4.1.1 ping statistics --5 packet(s) transmitted 0 packet(s) received 100.00% packet loss

ms ms ms ms ms

Step 7 Configure DiffServ on PE1 and PE2, and apply DiffServ domains to different VPN instances. Configure PE1.
[~PE1] ip vpn-instance vpna [~PE1-vpn-instance-vpna] diffserv-mode pipe af1 green [~PE1-vpn-instance-vpna] quit [~PE1] ip vpn-instance vpnb [~PE1-vpn-instance-vpnb] diffserv-mode pipe be yellow [~PE1-vpn-instance-vpnb] quit

Configure PE2.
[~PE2] ip vpn-instance vpna [~PE2-vpn-instance-vpna] diffserv-mode pipe af1 green [~PE2-vpn-instance-vpna] quit

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

134

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS

6 MPLS DiffServ-Mode Configuration

[~PE2] ip vpn-instance vpnb [~PE2-vpn-instance-vpnb] diffserv-mode pipe be yellow [~PE2-vpn-instance-vpnb] quit

Step 8 Verify the configuration. You can view the DiffServ mode of the VPN instance after running the display ip vpn-instance verbose vpna command on the PE. Use the display on PE1 as an example:
[~PE1] display ip vpn-instance verbose vpna VPN-Instance Name and ID : vpna, 1 Create date : 2009/11/30 11:08:12 Up time : 0 days, 00 hours, 06 minutes and 32 seconds Route Distinguisher : 200:1 Label Policy : label per route The diffserv-mode Information is : pipe The ttl-mode Information is : pipe Log Interval : 5

----End

Configuration Files
l Configuration file of PE1
# sysname PE1 # ip vpn-instance vpna route-distinguisher 100:1 vpn-target 111:1 export-extcommunity vpn-target 111:1 import-extcommunity diffserv-mode pipe af1 green # ip vpn-instance vpnb route-distinguisher 100:2 vpn-target 222:2 export-extcommunity vpn-target 222:2 import-extcommunity diffserv-mode pipe be yellow # mpls lsr-id 1.1.1.9 mpls # mpls ldp # interface GigabitEthernet1/0/0 undo shutdown ip binding vpn-instance vpna ip address 10.1.1.2 255.255.255.0 # interface GigabitEthernet2/0/0 undo shutdown ip binding vpn-instance vpnb ip address 10.2.1.2 255.255.255.0 # interface Pos3/0/0 link-protocol ppp undo shutdown ip address 172.1.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack1 ip address 1.1.1.9 255.255.255.255 # bgp 100 peer 3.3.3.9 as-number 100

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

135

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


peer 3.3.3.9 connect-interface LoopBack1 # ipv4-family unicast undo synchronization peer 3.3.3.9 enable # ipv4-family vpnv4 policy vpn-target peer 3.3.3.9 enable # ipv4-family vpn-instance vpna peer 10.1.1.1 as-number 65410 import-route direct # ipv4-family vpn-instance vpnb peer 10.2.1.1 as-number 65420 import-route direct # ospf 1 area 0.0.0.0 network 172.1.1.0 0.0.0.255 network 1.1.1.9 0.0.0.0 # return

6 MPLS DiffServ-Mode Configuration

Configuration file of the P


# sysname P # mpls lsr-id 2.2.2.9 mpls # mpls ldp # interface Pos1/0/0 link-protocol ppp undo shutdown ip address 172.1.1.2 255.255.255.0 mpls mpls ldp # interface Pos2/0/0 link-protocol ppp undo shutdown ip address 172.2.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack1 ip address 2.2.2.9 255.255.255.255 # ospf 1 area 0.0.0.0 network 172.1.1.0 0.0.0.255 network 172.2.1.0 0.0.0.255 network 2.2.2.9 0.0.0.0 # return

Configuration file of PE2


# sysname PE2 # ip vpn-instance vpna route-distinguisher 200:1 vpn-target 111:1 export-extcommunity vpn-target 111:1 import-extcommunity diffserv-mode pipe af1 green # ip vpn-instance vpnb

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

136

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


route-distinguisher 200:2 vpn-target 222:2 export-extcommunity vpn-target 222:2 import-extcommunity diffserv-mode pipe be yellow # mpls lsr-id 3.3.3.9 mpls # mpls ldp # interface GigabitEthernet1/0/0 undo shutdown ip binding vpn-instance vpna ip address 10.3.1.2 255.255.255.0 # interface GigabitEthernet2/0/0 undo shutdown ip binding vpn-instance vpnb ip address 10.4.1.2 255.255.255.0 # interface Pos3/0/0 link-protocol ppp undo shutdown ip address 172.2.1.2 255.255.255.0 mpls mpls ldp # interface LoopBack1 ip address 3.3.3.9 255.255.255.255 # bgp 100 peer 1.1.1.9 as-number 100 peer 1.1.1.9 connect-interface LoopBack1 # ipv4-family unicast undo synchronization peer 1.1.1.9 enable # ipv4-family vpnv4 policy vpn-target peer 1.1.1.9 enable # ipv4-family vpn-instance vpna peer 10.3.1.1 as-number 65430 import-route direct # ipv4-family vpn-instance vpnb peer 10.4.1.1 as-number 65440 import-route direct # ospf 1 area 0.0.0.0 network 172.2.1.0 0.0.0.255 network 3.3.3.9 0.0.0.0 # return

6 MPLS DiffServ-Mode Configuration

Configuration file of CE1


# sysname CE1 # interface GigabitEthernet1/0/0 undo shutdown ip address 10.1.1.1 255.255.255.0 # bgp 65410 peer 10.1.1.2 as-number 100 # ipv4-family unicast undo synchronization

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

137

HUAWEI NetEngine5000E Core Router Configuration Guide - QoS


import-route direct peer 10.1.1.2 enable # return

6 MPLS DiffServ-Mode Configuration

Configuration file of CE2


# sysname CE2 # interface GigabitEthernet1/0/0 undo shutdown ip address 10.2.1.1 255.255.255.0 # bgp 65420 peer 10.2.1.2 as-number 100 # ipv4-family unicast undo synchronization import-route direct peer 10.2.1.2 enable # return

Configuration file of CE3


# sysname CE3 # interface GigabitEthernet1/0/0 undo shutdown ip address 10.3.1.1 255.255.255.0 # bgp 65430 peer 10.3.1.2 as-number 100 # ipv4-family unicast undo synchronization import-route direct peer 10.3.1.2 enable # return

Configuration file of CE4


# sysname CE4 # interface GigabitEthernet1/0/0 undo shutdown ip address 10.4.1.1 255.255.255.0 # bgp 65440 peer 10.4.1.2 as-number 100 # ipv4-family unicast undo synchronization import-route direct peer 10.4.1.2 enable # return

Issue 01 (2012-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

138

Vous aimerez peut-être aussi