HP 6125XLG R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide
HP 6125XLG Manual
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
HP 6125XLG manual content summary:
- HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 1
HP 6125XLG Blade Switch ACL and QoS Configuration Guide Part number: 5998-3722 Software version: Release 2306 Document version: 6W100-20130912 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 2
, or use of this material. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 3
numbering 3 Fragments filtering with ACLs 3 Configuration task list 3 Configuring a basic ACL 4 Configuring an IPv4 basic ACL 4 Configuring an IPv6 basic ACL 4 Configuring an advanced ACL 5 Configuring an IPv4 advanced ACL 5 Configuring an IPv6 advanced ACL 6 Configuring an Ethernet frame - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 4
24 Priority maps 24 Priority trust mode on a port 25 Priority mapping process 26 Priority mapping configuration tasks 27 Configuring a priority map 28 Configuring a port to trust packet priority for priority mapping 28 Changing the port priority of an interface 29 Displaying and maintaining - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 5
class-based accounting 77 Configuration procedure 77 Configuration example 78 Network requirements 78 Configuration procedure 78 Configuring data buffers 80 Configuration task list 81 Enabling the Burst function 81 Configuring data buffers manually 82 Configuring the total shared-area - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 6
ranges 85 Time range configuration example 85 Appendix 87 Appendix A Default priority maps 87 Appendix B Introduction to packet precedences 88 IP precedence and DSCP values 88 802.1p priority 89 Support and other resources 91 Contacting HP 91 Subscription service 91 Related information 91 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 7
address, and port number. ACLs are primarily used for packet filtering. "Configuring packet filtering with ACLs. Applications on the switch An ACL is implemented in hardware or software, depending on the number 2000 to 2999 Advanced ACLs 3000 to 3999 IP version IPv4 IPv6 IPv4 IPv6 Ethernet frame - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 8
category IPv4 basic ACL IPv4 advanced ACL IPv6 basic ACL IPv6 advanced ACL Ethernet frame header ACL Sequence of tie breakers 1. VPN instance. 2. More 0s for the destination IPv6 address. 5. Narrower TCP/UDP service port number range. 6. Rule configured earlier. 1. More 1s in the source MAC address - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 9
at least one of the following tasks: • Configuring a basic ACL { Configuring an IPv4 basic ACL { Configuring an IPv6 basic ACL • Configuring an advanced ACL { Configuring an IPv4 advanced ACL { Configuring an IPv6 advanced ACL • Configuring an Ethernet frame header ACL (Optional.) Copying an ACL 3 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 10
config } ] 3. (Optional.) Configure a description for the IPv4 basic description text ACL. 4. (Optional.) Set the rule numbering step. step step-value By default, no ACL exists. IPv4 basic ACLs are numbered in the range of 2000 to 2999. You can use the acl name acl-name command to enter the view - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 11
such as TCP/UDP source and destination port numbers, TCP flags, ICMP message types, and ICMP message codes. Compared to IPv4 basic ACLs, IPv4 advanced ACLs allow more flexible and accurate filtering. To configure an IPv4 advanced ACL: Step 1. Enter system view. Command system-view Remarks N/A 5 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 12
as the TCP/UDP source port number, TCP/UDP destination port number, ICMPv6 message type, and ICMPv6 message code. Compared to IPv6 basic ACLs, IPv6 advanced ACLs allow more flexible and accurate filtering. To configure an IPv6 advanced ACL: Step 1. Enter system view. Command system-view Remarks - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 13
and enter its view. 3. (Optional.) Configure a description for the IPv6 advanced ACL. 4. (Optional.) Set the rule numbering step. Command acl ipv6 number acl-number [ name acl-name ] [ match-order { auto | config } ] description text step step-value Remarks By default, no ACL exists. IPv6 advanced - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 14
Command Remarks By default, IPv6 advanced ACL does not contain any rule. The logging keyword takes effect only when the module (for example, packet filtering) that uses the ACL supports -port operator default, no rule comments are configured. Configuring an Ethernet frame header ACL Ethernet frame - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 15
. You can use the acl name acl-name command to enter the view of a named ACL. 3. (Optional.) Configure a description for the Ethernet frame header ACL. 4. (Optional.) Set the rule numbering step. description text step step-value By default, an Ethernet frame header ACL has no ACL description. The - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 16
center, see Network Management and Monitoring Configuration Guide. To set the interval for generating and outputting packet filtering logs: Step Command Remarks 1. Enter system view. system-view N/A 2. Set the interval for generating The default setting is 0 minutes, and outputting packet - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 17
ACLs. reset packet-filter statistics { global | interface [ interface-type interface-number ] | vlan [ vlan-id ] } { inbound | outbound } [ default | [ ipv6 ] { acl-number | name acl-name } ] ACL configuration example Network requirements A company interconnects its departments through Device - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 18
18:00 on working days. system-view [DeviceA] time-range work 08:00 to 18:00 working-day # Create an IPv4 advanced ACL numbered 3000 and configure three rules in the ACL. One rule permits access from the President's office to the financial database server, one rule permits access from the - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 19
Ping statistics for 192.168.0.100: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), The output shows the database server cannot be pinged. # Display configuration and match statistics for IPv4 advanced ACL 3000 on Device A during the working hours. [DeviceA] display acl 3000 Advanced ACL 3000 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 20
model The best-effort model is a single-service model and is also the simplest service model. In this service model, the network does its best to deliver packets, but does not guarantee delay or reliability. The best-effort service model is the default model in the Internet and applies to most - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 21
a traffic class. Based on traffic classes, you can provide differentiated services. • Traffic policing-Polices flows entering or leaving a device, and can apply traffic policing to both incoming and outgoing traffic of a port. • Traffic shaping-Proactively adapts the output rate of traffic to the - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 22
QoS by using the MQC approach or non-MQC approach. Some features support both approaches, but some support only one. Non-MQC approach In the non-MQC approach, you configure QoS service parameters without using a QoS policy. For example, you can use the rate limit feature to set a rate limit - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 23
list • ip-precedence ip-precedence-list • service-dot1p 8021p-list • source-mac mac- default, no traffic class is configured. By default, no match criterion is configured. Table 2 shows the available match criteria. For more information, see the if-match command in ACL and QoS Command Reference - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 24
-id local-id-value Matches a local QoS ID in the range of 1 to 4095. The switch supports local QoS IDs in the range of 1 to 3999. service-dot1p dot1p-value& Matches the 802.1p priority of the service provider network. The dot1p-value& argument is a list of 802.1p priority values. An 802 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 25
id vlan-id-list source-mac mac-address Description Matches the service provider VLAN IDs (SVLANs). The vlan-id-list argument is Enter system view. 2. Create a QoS policy and enter QoS policy view. Command system-view qos policy policy-name Remarks N/A By default, no QoS policy is configured. 19 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 26
For more information about DCBX, see Layer 2-LAN Switching Configuration Guide. Applying the QoS policy You can apply a QoS Configuring ACLs." To apply the QoS policy to an interface: Step 1. Enter system view. 2. Enter interface view. Command system-view interface interface-type interface-number - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 27
ports. To apply the QoS policy globally: Step 1. Enter system view. 2. Apply the QoS policy globally. Command system-view qos apply policy policy-name global { inbound | outbound } Remarks N/A By default units running most routing and switching protocols and responsible for protocol packet - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 28
inbound Remarks N/A N/A By default, no QoS policy is applied to a control plane. Displaying and maintaining QoS policies Execute display commands in any view and reset commands in user view. Task Display traffic class configuration. Display traffic behavior configuration. Display QoS and ACL - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 29
Task Command Display information about the pre-defined QoS policy applied to the control plane. display qos policy control-plane pre-defined [ slot slot-number ] Clear the statistics of the QoS policy applied in a certain direction of a VLAN. reset qos vlan-policy [ vlan vlan-id ] [ inbound | - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 30
configuration, a device assigns a set of QoS priority parameters to the packet based on either a certain priority field carried in the packet or the port priority of the incoming port drop priority, and user priority, as subsequent packet processing. The switch provides the following priority mapping - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 31
0 to 7 2 8 to 15 0 16 to 23 1 24 to 31 3 32 to 39 4 40 to 47 5 48 to 55 6 56 to 63 7 Queue ID 2 0 1 3 4 5 6 7 • Using the port priority as the 802.1p priority for priority mapping. The port priority is user configurable. 25 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 32
Port priority 0 (default) 1 2 3 4 5 6 7 Local precedence 2 0 1 3 4 5 6 7 Queue ID 2 0 1 3 4 5 6 7 The priority mapping process varies with the priority trust modes. For more information, see the subsequent section. Priority mapping process On receiving an Ethernet packet on a port, the switch - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 33
for an Ethernet packet Receive a packet on a port 802.1p in packets Use port priority as 802 Configuring priority marking." Priority mapping configuration tasks You can modify priority mappings by modifying priority mapping tables, priority trust mode on a port, and port priority. To configure - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 34
for mapping. • Trust no packet priority-Uses the port priority as the 802.1p priority for mapping. To configure the trusted packet priority type on an interface: Step 1. Enter system view. 2. Enter interface view. Command system-view interface interface-type interface-number Remarks N/A N/A 28 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 35
-number 3. Set the port priority of the interface. qos priority priority-value Remarks N/A N/A The default setting is 0 for devices supporting only one port priority type. Displaying and maintaining priority mapping Execute display commands in any view. Task Display priority map configuration - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 36
of Device C is congested. Figure 5 Network diagram Device A Internet XGE1/1/5 XGE1/0/17 XGE1/1/6 Device C Server Device B Configuration procedure # Assign port priority to Ten-GigabitEthernet 1/1/5 and Ten-GigabitEthernet 1/1/6. Make sure that the priority of Ten-GigabitEthernet 1/1/5 is - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 37
to 4. • The management department connects to Ten-GigabitEthernet 1/1/7 of Device, which sets the 802.1p priority of traffic from the management department to 5. Configure port priority, 802.1p-to-local mapping table, and priority marking to implement the plan as described in Table 6. Table - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 38
. [Device] acl number 3000 [Device-acl-adv-3000] rule permit tcp destination-port eq 80 [Device-acl-adv-3000] quit # Create class http and reference ACL 3000 in the class. [Device] traffic classifier http [Device-classifier-http] if-match acl 3000 [Device-classifier-http] quit # Configure a priority - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 39
market [Device-qospolicy-market] quit [Device] interface ten-gigabitethernet 1/1/5 [Device-Ten-GigabitEthernet1/1/5] qos apply policy market inbound # Configure a priority marking policy for the R&D department, and apply the policy to the incoming traffic of Ten-GigabitEthernet 1/1/6. [Device - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 40
number of tokens in the bucket is enough for forwarding the packets, the traffic conforms to the specification, and is called "conforming traffic." Otherwise, the traffic does not conform to the specification, and is called "excess traffic." A token bucket has the following configurable parameters - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 41
P does not have enough tokens, packets are colored red. You can configure traffic control policies for packets of different colors by using the traffic policing feature. Traffic policing Traffic policing supports policing the inbound traffic and the outbound traffic. A typical application of traffic - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 42
if the evaluation result is "conforming." Priorities that can be re-marked include 802.1p priority, DSCP precedence, and local precedence. GTS GTS supports shaping the outbound traffic. GTS limits the outbound traffic rate by buffering exceeding traffic. You can use GTS to adapt the traffic output - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 43
Rate limit Rate limit supports controlling the rate of inbound Configure match criteria. if-match match-criteria Remarks N/A By default, no traffic class is configured. By default, no match criterion is configured. For more information about the if-match command, see ACL and QoS Command Reference - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 44
QoS policy to the control plane display traffic behavior user-defined [ behavior-name ] N/A Choose one of the application destinations as needed. By default, a QoS policy is not applied. Available in any view. Configuring GTS The switch supports configuring queue-based GTS by using the non-MQC - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 45
on an interface. display qos lr interface [ interface-type interface-number ] For more information about the display qos-acl resource command, see ACL and QoS Command Reference. Traffic policing and traffic shaping configuration example Network requirements As shown in Figure 11: • Ten - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 46
to 102400 kbps and drop the excess traffic. Figure 11 Network diagram Configuration procedures 1. Configure Device A: # Configure ACL 2001 and ACL 2002 to match traffic from Server and Host A, respectively. system-view [DeviceA] acl number 2001 [DeviceA-acl-basic-2001] rule permit source - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 47
1/1/5 [DeviceA-Ten-GigabitEthernet1/1/5] qos apply policy car inbound 2. Configure Device B: # Configure advanced ACL 3001 to match HTTP traffic. system-view [DeviceB] acl number 3001 [DeviceB-acl-adv-3001] rule permit tcp destination-port eq 80 [DeviceB-acl-adv-3001] quit # Create - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 48
# Apply the QoS policy car_inbound to the incoming traffic of port Ten-GigabitEthernet 1/1/5. [DeviceB] interface Ten-GigabitEthernet 1/1/5 [DeviceB-Ten Apply the QoS policy car_outbound to the outgoing traffic of port Ten-GigabitEthernet 1/1/6. [DeviceB] interface Ten-GigabitEthernet 1/1/6 [DeviceB - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 49
Configuring congestion in switched networks and multi-user application environments. To improve the service performance port. The switch supports the following congestion management techniques. SP queuing SP queuing is designed for mission-critical applications that require preferential service - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 50
Figure 13, SP queuing classifies eight queues on a port into eight classes, numbered 7 to 0 in descending priority order. SP queuing a high priority queue to make sure they are always served first, and common service packets to the low priority queues to be transmitted when the high priority queues - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 51
of resources assigned to the queue. The switch implements the weight of a queue by scheduling a certain number of bytes (byte-count WRR) or packets (packet-based WRR) for that queue. Take byte-count WRR as an example: On a 10 Gbps port, you can configure the weight values of WRR queuing to - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 52
1. Enter system view. 2. Enter interface view. Command system-view interface interface-type interface-number 3. Configure SP queuing. qos sp Remarks N/A N/A The default queuing algorithm on an interface is WRR queuing. Configuration example Configure Ten-GigabitEthernet 1/1/5 to use SP queuing - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 53
system view. 2. Enter interface view. 3. (Optional.) Enable WRR queuing. 4. Configure group-based WRR queuing. Command Remarks system-view N/A interface interface-type interface-number N/A qos wrr { byte-count | weight } The default queuing algorithm on an interface is byte-count WRR queuing - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 54
Step 3. Enable WFQ queuing. 4. Configure a WFQ queue. 5. (Optional.) Configure the minimum guaranteed bandwidth for a WFQ queue. Command Remarks qos wfq { byte-count | weight } The default queuing algorithm on an interface is WRR queuing. qos wfq queue-id group { 1 | 2 } { byte-count | weight } - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 55
SP+WRR queuing Configuration procedure To configure SP+WRR queuing: Step Command 1. Enter system view. system-view 2. Enter interface view. interface interface-type interface-number 3. Enable WRR queuing on the qos wrr { byte-count | port. weight } 4. Assign a queue to the SP queue - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 56
WFQ queuing. interface interface-type interface-number Use either command. Settings in interface view take effect on the current interface. Settings in port group view take effect on all ports in the port group. qos wfq [ byte-count | weight ] The default queuing algorithm on an interface is - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 57
and maintaining congestion management Execute display commands in any view. Task Display SP queuing configuration. Display WRR queuing configuration. Display WFQ queuing configuration. Command display qos sp interface [ interface-type interface-number ] display qos wrr interface [ interface-type - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 58
received packets are dropped based on the user-configured drop probability. If the current queue size is compared with the upper threshold and lower threshold to determine the drop policy, burst traffic is not fairly treated. To solve this problem - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 59
to identify and mark the ECN fields of packets for a specific queue. Configuring and applying a WRED table The switch supports the queue-based WRED table. That is, you can configure separate drop parameters for different queues. When congestion occurs, packets of a queue are randomly dropped based - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 60
on the user-configured drop Command system-view qos wred queue table table-name queue queue-value weighting-constant exponent Remarks N/A N/A The default setting is 9. 4. (Optional.) Configure number N/A 7. Apply the WRED table to the interface. qos wred apply [ table-name ] By default - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 61
information about a WRED table or all WRED tables. Command display qos wred table [ name table-name ] [ slot slot-number ] WRED configuration example Network requirements Apply a WRED table to interface Ten-GigabitEthernet 1/1/6, so that the packets are dropped as follows when congestion - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 62
[Sysname-Ten-GigabitEthernet1/1/6] qos wred apply queue-table1 [Sysname-Ten-GigabitEthernet1/1/6] quit 56 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 63
the QoS policy to a VLAN • Applying the QoS policy globally display traffic behavior user-defined [ behavior-name ] N/A By default, no traffic behavior is configured. By default, no traffic filtering action is configured. If a traffic behavior has the filter deny action, all the other actions - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 64
traffic filtering to filter the packets with port 21 as the source port and received on Ten-GigabitEthernet 1/1/5. Figure 16 Network diagram Configuration procedure # Create advanced ACL 3000, and configure a rule to match packets whose source port number is 21. system-view [DeviceA] acl - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 65
configuring different traffic control polices for packets in different colors, you can provide differentiated services for different traffic flows and ensure that the network resources are well utilized. The device supports the number of tokens in the token buckets. The device supports coloring - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 66
classifier-name [ operator { and By default, no traffic class | or } ] is configured. if-match match-criteria By default, no match criterion is configured. For more information about the if-match command, see ACL and QoS Command Reference. quit N/A traffic behavior behavior-name By - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 67
Remarks Use one or more of the commands. • Set the DSCP value for packets: remark [ green | red | yellow ] dscp dscp-value By default, no priority marking action is configured. • Set the 802.1p priority for packets or The switch supports local configure the inner-to-outer tag priority QoS - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 68
] rule permit ip destination 192.168.0.1 0 [Device-acl-adv-3000] quit # Create advanced ACL 3001, and configure a rule to match packets with destination IP address 192.168.0.2. [Device] acl number 3001 [Device-acl-adv-3001] rule permit ip destination 192.168.0.2 0 [Device-acl-adv-3001] quit # Create - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 69
Device-classifier-classifier_fserver] if-match acl 3002 [Device-classifier-classifier_fserver] quit # Create a traffic behavior named behavior_dbserver, and configure the action of setting the local precedence value to 4. [Device] traffic behavior behavior_dbserver [Device-behavior-behavior_dbserver - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 70
1. Limit the upstream traffic of the administration department and R&D department: # Configure IPv4 basic ACL 2001 to match the outgoing traffic of the administration department. system-view [SwitchA] acl number 2001 [SwitchA-acl-basic-2001] rule permit source 192.168.1.0 0.0.0.255 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 71
to match the outgoing traffic of the sub-department 1 of the marketing department. [SwitchA] acl number 2003 [SwitchA-acl-basic-2003] rule permit source 192.168.3.0 0.0.0.255 [SwitchA-acl-basic-2003] quit # Configure IPv4 basic ACL 2004 to match the outgoing traffic of the sub-department 2 of the - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 72
[SwitchA-classifier-marketing_car] if-match qos-local-id 100 [SwitchA-classifier-marketing_car] quit # Create behavior marketing_car, and configure traffic policing to limit the traffic rate to 204800 kbps. [SwitchA] traffic behavior marketing_car [SwitchA-behavior-marketing_car] car cir 204800 [ - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 73
criteria, see the if-match command in ACL and QoS Command Reference. N/A By default, no traffic behavior exists. By default, no VLAN tag adding action is configured for a traffic behavior. N/A By default, no QoS policy exists. By default, no class-behavior association is configured for a QoS policy - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 74
service of a service provider. The service provider assigns VLAN 100 to the two sites. Configure nesting, so that the two branches can communicate through the service -qospolicy-test] quit # Configure the downlink port Ten-GigabitEthernet 1/1/5 as a hybrid port, and assign the port to VLAN 100 as an - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 75
policy test to the incoming traffic of the downlink port Ten-GigabitEthernet 1/1/5. [PE1-Ten-GigabitEthernet1/1/5] qos apply policy test inbound [PE1-Ten-GigabitEthernet1/1/5] quit # Configure the uplink port Ten-GigabitEthernet 1/1/6 as a trunk port, and assign it to VLAN 100. [PE1] interface ten - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 76
, see the if-match command in ACL and QoS Command Reference. quit N/A traffic behavior behavior-name By default, no traffic behavior exists. redirect { cpu | interface interface-type interface-number } quit By default, no traffic redirecting action is configured for a traffic behavior. The - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 77
Create a QoS policy and enter QoS policy view. Command qos policy policy-name 9. Associate the traffic class with configuration information. display traffic behavior user-defined [ behavior-name ] Remarks By default, no QoS policy exists. By default, no class-behavior association is configured - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 78
-acl-basic-2000] rule permit source 2.1.1.1 0 [DeviceA-acl-basic-2000] quit # Create basic ACL 2001, and configure a rule to match packets with source IP address 2.1.1.2. [DeviceA] acl number 2001 [DeviceA-acl-basic-2001] rule permit source 2.1.1.2 0 [DeviceA-acl-basic-2001] quit # Create a traffic - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 79
[DeviceA] interface ten-gigabitethernet 1/0/1 [DeviceA-Ten-GigabitEthernet1/0/1] qos apply policy policy inbound 73 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 80
red action | yellow action ] * By default, no aggregate CAR action is configured. traffic behavior behavior-name N/A car name car-name N/A Displaying and maintaining aggregate CAR Execute display commands in any view and reset commands in user view. Task Display statistics for aggregate CAR - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 81
21 Network diagram Configuration procedure # Configure an aggregate CAR according to the rate limit requirements. system-view [Device] qos car aggcar-1 aggregative cir 2560 cbs 20000 red discard # Create class 1 to match traffic of VLAN 10. Create behavior 1 and reference the aggregate CAR - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 82
[Device] interface ten-gigabitethernet 1/1/5 [Device-Ten-GigabitEthernet1/1/5]qos apply policy car inbound 76 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 83
is enter traffic class view. { and | or } ] configured. 3. Configure match criteria. if-match match-criteria By default, no match criterion is configured. For more information about the if-match command, see ACL and QoS Command Reference. 4. Return to system view. 5. Create a traffic behavior - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 84
. Display traffic accounting configuration. Command • display qos policy control-plane slot slot-number [ inbound | outbound ] • display qos policy global [ slot slot-number ] [ inbound | outbound ] • display qos policy interface [ interface-type interface-number ] [ inbound | outbound ] • display - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 85
-GigabitEthernet1/1/5] qos apply policy policy inbound [DeviceA-Ten-GigabitEthernet1/1/5] quit # Display traffic statistics to verify the configuration. [DeviceA] display qos policy interface ten-gigabitethernet 1/1/5 Interface: Ten-GigabitEthernet1/1/5 Direction: Inbound Policy: policy Classifier - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 86
into queues, each of which is equally divided by all the interfaces on a switch, as shown in Figure 24. When congestion occurs: a. An interface first uses the actual shared-area space for each queue according to user configuration and the number of packets actually sent. If a queue is not full - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 87
function or manually. If you have configured data buffers in one way, delete the configuration before using the other way. Otherwise, the new configuration does not view. 2. Enable the Burst function. Command system-view burst-mode enable Remarks N/A By default, the Burst function is disabled. 81 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 88
. When you manually configure data buffers, flow control and priority-based flow control (PFC) might fail to operate correctly. For more information about flow control and PFC, see Layer 2-LAN Switching Configuration Guide. The switch only supports configuring cell resources. Configuring the total - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 89
view. 2. Set the fixed-area ratio for a specific queue. Command Remarks system-view N/A buffer egress [ slot slot-number ] cell queue The default setting is 13% queue-id guaranteed ratio ratio for all queues. Applying data buffer configuration Perform this task to apply the data buffer - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 90
Displaying and maintaining data buffers Execute display commands in any view. Task Display data buffer configuration. Command display buffer [ slot slot-number ] [ queue [ queue-id ] ] 84 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 91
a time range to them. If a time range does not exist, the service based on the time range does not take effect. The following basic types of the time range Configuration procedure To configure a time range: Step 1. Enter system view. 2. Create or edit a time range. Command Remarks system- - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 92
] time-range work 08:00 to 18:00 working-day from 00:00 6/1/2011 to 24:00 12/31/2011 # Create an IPv4 basic ACL numbered 2001, and configure a rule in the ACL to permit only packets from 192.168.1.2/32 during the time range work. [DeviceA] acl - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 93
-lp and dot1p-dp priority maps Input priority value dot1p 0 1 2 3 4 5 6 7 dot1p-lp map lp 2 0 1 3 4 5 6 7 dot1p-dp map dp 0 0 0 0 0 0 0 0 Table 9 Default dscp-dp and dscp-dot1p priority maps Input priority value dscp 0 to 7 8 to 15 16 to 23 24 to 31 32 to 39 40 to - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 94
7 DS-Field (for IPv4,ToS octet,and for IPv6,Traffic Class octet ) DSCP Class Selector codepoints CU Currently Unused IP Type of Service (ToS) RFC 791 Differentiated Services Codepoint (DSCP) RFC 2474 As shown in Figure 26, the ToS field in the IP header contains 8 bits. The first 3 bits (0 to - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 95
af43 cs1 cs2 cs3 cs4 cs5 cs6 cs7 be (default) 802.1p priority 802.1p priority lies in the Layer 2 header and applies to occasions where Layer 3 header analysis is not needed and QoS must be assured at Layer 2. Figure 27 An Ethernet frame with an 802.1Q tag header As shown in - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 96
Table 12 Description on 802.1p priority 802.1p priority (decimal) 0 1 2 3 4 5 6 7 802.1p priority (binary) 000 001 010 011 100 101 110 111 Description best-effort background spare excellent-effort controlled-load video voice network-management 90 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 97
Acronyms. Websites • HP.com http://www.hp.com • HP Networking http://www.hp.com/go/networking • HP manuals http://www.hp.com/support/manuals • HP download drivers and software http://www.hp.com/support/downloads • HP software depot http://www.software.hp.com • HP Education http://www.hp.com/learn 91 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 98
Command conventions Convention Boldface Italic [ ] { x | y | ... } [ x | y | ... ] { x | y | ... } * [ x | y | ... ] * & # Description Bold text represents commands bold text. For example, the New User window appears; click OK. Multi-level or damage to hardware or software. An alert that calls - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 99
wired-WLAN switch. Represents an access point. Represents a security product, such as a firewall, a UTM, or a load-balancing or security card that is installed in a device. Represents a security card, such as a firewall card, a load-balancing card, or a NetStream card. Port numbering in examples - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 100
, 9 displaying, 10 Ethernet frame header configuration, 8 IPv4 advanced configuration, 5 IPv4 basic configuration, 4 IPv6 advanced configuration, 6 IPv6 basic configuration, 4 maintaining, 10 match order, 2 naming, 1 numbering, 1 packet filtering configuration, 10 packet filtering default action, 10 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 101
configuration, 60 traffic policing, 59 configuring ACL packet filtering, 10 ACLs, 1, 3, 11 advanced ACL, 5 basic ACL, 4 color-based priority marking, 60 data buffer, 80 data buffer shared-area ratio, 82 data buffers, 81 data buffers manually, 82 Ethernet frame , 16 QoS port priority, 30 QoS priority - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 102
(setting maximum shared-area ratio), 82 shared-area ratio configuration, 82 default action ACL packet filtering, 10 defining QoS policy, 19 QoS avoidance, 53 enabling data buffer burst function, 81 Ethernet frame header ACL category, 1 configuration, 8 evaluating QoS traffic, 34 QoS traffic with - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 103
configuration, 4 ACL configuration, 11 ACL copying, 9 ACL Ethernet frame header configuration, 8 ACL IPv4 advanced configuration, 5 ACL IPv4 basic configuration, 4 ACL IPv6 advanced configuration, 6 ACL IPv6 basic configuration, 4 ACL packet filtering configuration, 10 ACL packet filtering default - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 104
QoS overview, 14 QoS policy configuration, 16 QoS port priority configuration, 30 QoS priority mapping configuration, 24 QoS priority mapping table+priority marking configuration, 30 QoS priority marking configuration, 59, 71 QoS rate limit configuration, 34 QoS service models, 14 QoS techniques, 15 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 105
buffers, 81 configuring data buffers manually, 82 configuring Ethernet frame header ACLs, 8 configuring GTS, 38 configuring IPv4 advanced ACLs, 5 configuring IPv4 basic ACLs, 4 configuring IPv6 advanced ACLs, 6 configuring IPv6 basic ACLs, 4 configuring port priority, 30 configuring priority marking - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 106
ratio for data buffer queue, 82 Q QoS ACL basic configuration, 4 ACL configuration, 1, 3 aggregate CAR configuration, 74, 74, 74 Appendix A (Default priority maps), 87 Appendix B (Packet precedence), 88 best-effort service model, 14 complicated traffic evaluation with token bucket, 34 congestion - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 107
, 26 priority mapping table+priority marking configuration, 30 priority mapping trusted port packet priority, 28 priority mapping user priority, 24 priority marking configuration, 59, 71 priority trust mode, 25 rate limit, 37 rate limit configuration, 34, 39 service models, 14 SP+WFQ queuing, 45 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 108
naming, 1 ACL numbering, 1 S security ACL configuration, 1, 3 service QoS best-effort service model, 14 QoS congestion avoidance configuration, 52 QoS congestion management configuration, 43 QoS DiffServ service model, 14 QoS IntServ service model, 14 QoS models, 14 QoS nesting configuration, 67, 68 - HP 6125XLG | R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 109
common CAR, 59 drop precedence, 59 drop precedence mapping, 59 priority marking configuration, 60 token bucket, 34 trusted port packet priority (QoS), 28 U user QoS priority mapping user priority, 24 V VLAN QoS nesting configuration, 67, 68 QoS policy application, 20 QoS policy VLAN application, 21
HP 6125XLG Blade Switch
ACL and QoS
Configuration Guide
Part number: 5998-3722
Software version: Release 2306
Document version: 6W100-20130912