Scribd
Upload
73 views50 pages

Add05 IP - NAST3052 - E01 - 1-ZXR10 8900E QoS Configuration (V3.02.01) - 50p

Uploaded by

Samson tsegaye
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
73 views50 pages

Add05 IP - NAST3052 - E01 - 1-ZXR10 8900E QoS Configuration (V3.02.01) - 50p

Uploaded by

Samson tsegaye
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 50

ZXR10 8900E QoS

Configuration&Operation-
V3.02.01
Objectives

n Through learning this Course, you may


l Master Port QoS configuration of ZXR10 8900E

l Master Flow QoS configuration of ZXR10 8900E

2
Contents

n Port QoS Overview


n Port QoS Configuration
n Port QoS Configuration Example
n Flow QoS Overview
n Flow QoS Configuration
n Flow QoS Configuration example

3
Port QoS Introduction
Port QoS is one part of the QoS function, which is QoS
sub-module configured based on the port. The main
functions are as follows:
•Traffic limit: limit traffic rate of the certain port

•Traffic shaping: limit rate of the packets sent from the port

•Queue Scheduling: schedule queues of the port when congestion occurs

•Tail drop: drop packet in accordance with color on the egress of a queue

•DSCP mapping: set the new DSCP/Priority/Drop Priority of the received packets

•Bandwidth Restriction: set the Max/Min bandwidth for queue when network
congestion occurs

•Weighted Random Early Detection(WRED): avoid congestion by randomly


dropping packets without TCP synchronization
© ZTE All rights reserved 4
Basic Concepts of Port QoS for ZXR10 8900E
lPacket Priority
The received tagged frames’802.1p value is packet priority.
Packet priority is also called CoS.

lCoS Queue
Each physical port of ZXR10 8900E supports 8 output queues (queue 0-
7), which are called CoS queues.
When packets are sent from one physical port, packets will be pushed
into queues according to cos-local-map table and queue scheduling will
be performed in case that traffic congestion occurs.

lLocal Priority
When packets are received from one input port, we will configure one
cos-local-map table on this input port, which provide the mapping
relationship between packet priority(CoS) and local priority(CoS queue).
It means the value of local priority is just the value of CoS queue ID.
Local priority determines which CoS queue of output port the packet will
be pushed into.
© ZTE All rights reserved 5
Basic Concepts of Port QoS for ZXR10 8900E
lDefault Priority
If the received frame is untagged, the input physical port has one
configured priority, which is called default priority, and it will be the
untagged frame’s local priority.
According to cos-local-map table, we can also find the untagged
frame’s packet priority(CoS).

lDrop Priority
When packets are received from one input port, we will configure one
cos-drop-map table on this input port, which provide the mapping
relationship between packet priority(CoS) and drop priority(3 values,
0=green, 1=yellow, 2=red).
With drop priority, packets will be dropped according to their color(drop
priority value 2 red will be firstly dropped), following the configured
drop rules when queue congestion occurs.

© ZTE All rights reserved 6


Contents

n Port QoS Overview


n Port QoS Configuration
n Port QoS Configuration Example
n Flow QoS Overview
n Flow QoS Configuration
n Flow QoS Configuration example

7
Configuration Guide of Port QoS-1
n Traffic limit configuration
ZXR10(config)# pm-qos

ZXR10(config-pm-qos)# traffic-limit <interface> rate-limit <1-40000000> bucket-


size <1-4096>

n Traffic shaping configuration


ZXR10(config-pm-qos)# traffic-shape <interface> data-rate <64-40000000>
burst-size <1-4096>

• Traffic limit is configured on ingress port.


• Traffic shaping is configured on egress port.
• When configuring traffic limit without ACL associated, the exceeded traffic over
the committed rate will be dropped by default.
• When configuring traffic limit with ACL associated, the exceeded traffic over the
committed rate will be dropped or forwarded, or remarked(DSCP/drop priority
will be modified).

© ZTE All rights reserved 8


Configuration Guide of Port QoS-2
n Queue scheduling configuration

ZXR10(config-pm-qos)# queue-mode <interface> {wrr <0-7> <1-255> | dwrr <0-


7> <1-4080>}

n Default Priority configuration

ZXR10(config-pm-qos)# priority <interface> <0-7>

• There are 3 types of queue scheduling algorithm, SP, WRR and DWRR. The
default queue scheduling algorithm is SP.
• Queue scheduling is configured for the egress port.
• When configuring default priority for the port, the value <0-7> is the default
local priority for received untagged frame.
• Default priority is configured for the ingress port.

© ZTE All rights reserved 9


Configuration Guide of Port QoS-3
n Drop Priority configuration

ZXR10(config-pm-qos)# cos-drop-map <0-2> <0-2> <0-2> <0-2> <0-2> <0-2>


<0-2> <0-2>
ZXR10(config-pm-qos)# trust-cos-dp-map <interface> {enable | disable}

n Local Priority configuration


ZXR10(config-pm-qos)# cos-local-map <0-7> <0-7> <0-7> <0-7> <0-7> <0-7>
<0-7> <0-7>
ZXR10(config-pm-qos)# trust-cos-lp-map <interface> {enable | disable}

• Cos-drop-map is the map table between packet priority and drop priority.
• <0-2>is the drop priority value(0=green, low priority, 1=yellow, middle priority,
2=red, high priority), which is configured to map packet priority from cos 0 to
cos7.
• Drop priority is configured for the ingress port.
• Cos-local-map is the map table between packet priority and local priority.
• <0-7>is the local priority value, which is configured to map packet priority from
cos 0 to cos7.
• Local priority is configured for the ingress port.

© ZTE All rights reserved 10


Configuration Guide of Port QoS-4
n Tail drop configuration

ZXR10(config-pm-qos)# tail-drop <0-4> queue-id <0-7><1-255><1-255><1-255>


ZXR10(config-pm-qos)# drop-mode <interface> tail-drop <0-4>

• Tail drop is configured for the egress port.


• Totally 5 tail drop sessions can be configured, and in each session, different tail
drop policy can be configured for different queues.
• When configuring tail drop, there are 3 parameters for a certain queue, the 1st
<1-255> is total drop threshold, the 2nd <1-255> is yellow packet drop
threshold, the 3rd <1-255> is red packet drop threshold.
• When the queue length exceeds total drop threshold, all new arriving packets
will be dropped.
• When the queue length exceeds yellow packet drop threshold, yellow packets
will be dropped at a set rate. The yellow packets are defined by drop priority at
the ingress port.
• When the queue length exceeds red packet drop threshold, all red packets will
be dropped. The red packets are defined by drop priority at the ingress port.
• The value of yellow packet drop threshold and red packet drop threshold must
be less than the value of total drop threshold, and yellow packet drop threshold
can be less or more than red packet drop threshold.
© ZTE All rights reserved 11
Configuration Guide of Port QoS-5
n DSCP mapping configuration
ZXR10(config-pm-qos)# confrom-dscp <0-63><0-63><0-7><0-2>
ZXR10(config-pm-qos)# trust-dscp <interface> {enable | disable}

• DSCP mapping is configured for the ingress port.


• When configuring DSCP mapping policy,
the 1st <0-63> is the original DSCP value carried by the received packets,
the 2nd <0-63> is the new remarked DSCP value carried by the received packets,
<0-7> is the new remarked packet priority value(CoS) carried by the received
packets,
<0-2> is the drop priority value carried by the received packets.
• When enabling DSCP mapping for a certain ingress port, by default, the DSCP value
of the received packets is not changed, the packet priority value will be DSCP/8, and
drop priority value will be 0.

© ZTE All rights reserved 12


Configuration Guide of Port QoS-6
n Bandwidth limit configuration
ZXR10(config-pm-qos)# traffic-shape <interface> queue <0-7> min-gua-
datarate <64-40000000> max-datarate-limit<64-40000000>

n WRED configuration
ZXR10(config-pm-qos)# wred <interface><0-7>{ byte-type | packet-
type }{[ green < green-min-thrd><green-max-thrd><green-drop-rate>]|[ yellow
< yellow-min-thrd><yellow-max-thrd><yellow-drop-rate>]|[ red < red-min-
thrd><red-max-thrd><red-drop-rate>]|[ non-tcp < non-tcp-min-thrd><non-tcp-
max-thrd><non-tcp-drop-rate>]} weight <0-15>[cap-average ]

• Bandwidth limit is configured for a certain queue of the egress port.


• When configuring bandwidth limit, there are 2 parameters configured, minimum
bandwidth(min-gua-datarate) and maximum bandwidth(max-datarate-limit), and
the bandwidth obtained by the certain queue is shown as the formula:
min-bandwidth ≤ obtained bandwidth ≤ max-bandwidth
• WRED is configured for a certain queue of the egress port.

© ZTE All rights reserved 13


Maintaining the Port QoS
To maintain the port QoS on the ZXR10 8900E, run the
following commands:

ZXR10#show running-config pm-qos | include conform-dscp


ZXR10#show running-config pm-qos | include trust-dscp
ZXR10#show running-config pm-qos | include priority
ZXR10#show running-config pm-qos | include queue-mode
ZXR10#show running-config pm-qos | include traffic-limit
ZXR10#show running-config pm-qos | include traffic-shape
ZXR10#show running-config pm-qos | include cos-local-map
ZXR10#show running-config pm-qos | include trust-cos-lp-map
ZXR10#show running-config pm-qos | include cos-drop-map
ZXR10#show running-config pm-qos | include trust-cos-dp-map
ZXR10#show running-config pm-qos | include tail-drop

© ZTE All rights reserved 14


Contents

n Port QoS Overview


n Port QoS Configuration
n Port QoS Configuration Example
n Flow QoS Overview
n Flow QoS Configuration
n Flow QoS Configuration example

15
Port QoS Configuration Example
As the figure shown,
Network A, Network B,
and internal servers are
connected to an Ethernet
switch.
Internal servers include a
VOD server.
To ensure QoS of VOD, a
higher priority is needed
for the VOD server.
Internal users can access
the Internet through a
proxy.
However, the bandwidths
of Network A and B must
be limited.

© ZTE All rights reserved 16


Port QoS Configuration Example
Configuration Steps:

1. Suppose the interface directly connecting the Internet and


router is gei-0/1/0/24, the traffic through the interface must be
limited or shaped in both out and in directions.

2. Suppose the interface directly connecting the VOD and internal


switch is gei-0/1/0/4. To improve the priority of VOD messages,
DSCP mapping is needed on the interface. And the DSCP of VOD
messages must be increased (suppose the original DSCP of VOD
messages is 20) to reduce the drop priority.

3. Increase the local priority of VOD messages on gei-0/1/0/1-2.

4. Perform strict priority scheduling on gei-0/1/0/1-2.

© ZTE All rights reserved 17


Port QoS Configuration Example
Configuration on the switch:

ZXR10(config)#pm-qos

ZXR10(config-pm-qos)#traffic-limit gei-0/1/0/24 rate-limit 2000 bucket-size 300

ZXR10(config-pm-qos)#traffic-shape gei-0/1/0/24 data-rate 2000 burst-size 300

ZXR10(config-pm-qos)#conform-dscp 20 63 7 0

ZXR10(config-pm-qos)#trust-dscp gei-0/1/0/4 enable

ZXR10(config-pm-qos)#cos-local-map 0 1 1 2 2 3 5 7

ZXR10(config-pm-qos)#trust-cos-lp-map gei-0/1/0/1

ZXR10(config-pm-qos)#trust-cos-lp-map gei-0/1/0/2

© ZTE All rights reserved 18


Contents

n Port QoS Overview


n Port QoS Configuration
n Port QoS Configuration Example
n Flow QoS Overview
n Flow QoS Configuration
n Flow QoS Configuration example

19
Flow QoS Introduction
Flow QoS, also called traffic-based QoS, has the following
functions:

•Flow Classification: classify, define, and describe the packet that passes through
a switch based on ACL

•Traffic limit: discard the traffic or change priority of traffic when traffic
bandwidth exceeds committed rate

•Hierarchical meter: set traffic limit for both MICRO METER and MACRO METER

Policy Routing: use redirect to change transmission direction of packets and


export traffics to the specific port, CPU or next-hop IP address

Priority Mark: reassign a set of service parameters to specific traffic described in


the ACL

•Traffic Mirroring: copy a service flow matching the ACL rule to the CPU or
specific port to analyze and monitor packets

•Traffic Statistics : sum up packets of the specific service flow


© ZTE All rights reserved 20
Contents

n Port QoS Overview


n Port QoS Configuration
n Port QoS Configuration Example
n Flow QoS Overview
n Flow QoS Configuration
n Flow QoS Configuration example

21
Flow QoS Configuration-1
n Traffic limit configuration

ZXR10(config)# pm-qos
ZXR10(config-pm-qos)# traffic-limit-acl {ipv4-access-list | ipv4-mix | ipv6-access-list
| link-acl | ipv6-mix} < ACL-name> rule-id < rule-id> cir < cir-value> cbs <cbs-value>
{ [eir < eir-value> ebs < ebs-value>] | [ebs <ebs-value>] | [pir < pir-value> pbs <
pbs-value>] } mode {blind | aware} [drop-yellow] [forward-red] [remark-red-dp
<high | low | medium>] [remark-red-dscp<0-63>] [remark-yellow-dp <high | low |
medium>] [remark-yellow-dscp<0-63>]

• When the ACL is bounded to the ingress & egress of VLAN or Smartgroup, the
traffic limit command does not take effect.
• The ModifyTrTCM algorithm only takes effect on H-series line card, S1 line card
and S2 line card.
• When the rate of the egress is limited, the drop-yellow, remark-red-dp and
remark-yellow-dp configuration do not take effect.

© ZTE All rights reserved 22


Flow QoS Configuration-2
n Hierarchy Meter configuration

ZXR10(config-pm-qos)# traffic-macro-flow <macro-meter-name> cir <0-100000000>


cbs <0-16000> mode {band-borrow | band-limit }

ZXR10(config-pm-qos)# traffic-micro-flow {ipv4-access-list| ipv4-mix| ipv6-access-


list|link-acl|ipv6-mix}< ACL-name> rule-id <rule-id> cir < 0-100000000> cbs < 0-
16000> macro-flow <macro-meter-name> [forward-red] [remark-red-dscp<0-
63>][remark-red-dp <high | low | medium>]

• The hierarchical meter only supports red color and green color.
• The hierarchical meter only takes effect on H2-series line card, S1 line card, S2GF24A,
S2GF48A and S2GT48A line card.
• The hierarchical meter command only takes effect on the ingress.
• The hierarchical meter does not take effect on the ACL that is bounded to the vlan or
Smartgroup.
• The macro-meter port shared by the hierarchical meter must be in the same chip. For
a line card with two chips, the first half of the ports and the last half of the ports
usually belong to two chips, so you must be cautious during the configuration.

© ZTE All rights reserved 23


Flow QoS Configuration-3
n Policy Routing configuration

ZXR10(config-pm-qos)# redirect in {ipv4-access-list|ipv4-mix| ipv6-access-list| link-


acl|ipv6-mix}< ACL-name> rule-id < rule-id> { cpu | interface <interface> | {next-
hop [vrf <vrf-name>]< X.X.X.X>} | {next-hop-ipv6 [vrf <vrf-name>] <X:X::X:X>}

n Traffic Mirroring configuration

ZXR10(config-pm-qos)# traffic-mirror in {ipv4-access-list|ipv4-mix| ipv6-access-list|


link-acl|ipv6-mix }< ACL-name> rule-id < rule-id> { cpu | interface <interface>}

• When configuring policy routing, the out-vlanID command in the priority mark
configuration is conflicted with next-hop or next-hop-ipv6 in the policy routing
commands. When two commands are configured at the same time, the packet is
only redirected to next-hop or next-hop-ipv6. In this case, the remark out-vlanID
command becomes invalid.
• Policy routing configuration only takes effect on the ingress.
• When configuring traffic mirroring, the traffic mirroring supports four destination
ports at most, and these four destination ports are shared by the port mirroring.

© ZTE All rights reserved 24


Flow QoS Configuration-4
n Priority Mark configuration

ZXR10(config-pm-qos)# priority-mark {ipv4-access-list | ipv4-mix | ipv6-access-list |


link-acl | ipv6-mix}< ACL-name> rule-id < rule-id> {[cos <0-7>] | [local-precedence
<0-7>]} [drop-precedence <high | low | medium>] {[dscp <0-63>] | [precedence
<0-7>]} [out-vlanID <1-4094>]

n Traffic Statistics configuration

ZXR10(config-pm-qos)# traffic-statistics {ipv4-access-list | ipv4-mix | ipv6-access-


list | link-acl | ipv6-mix} < ACL-name> rule-id < rule-id> pkt-type [all | green | red |
yellow ] statistics-type [byte | packet]

• When configuring priority mark, only CoS and DSCP remark are supported on the
egress direction, and other remark will not take effect on the egress.
• The statistics based on bytes only takes effect on the ingress. In this case, the traffic
statistics type on the egress must be set to packet. Otherwise, the configuration
does not take effect.

© ZTE All rights reserved 25


Contents

n Port QoS Overview


n Port QoS Configuration
n Port QoS Configuration Example
n Flow QoS Overview
n Flow QoS Configuration
n Flow QoS Configuration example

26
Traffic Limit and Statistics Configuration Example
As the figure shown,
Network A, Network B,
and internal servers are
connected to an Ethernet
switch.
Internal servers include a
VOD server with IP
address 192.168.4.70.
To ensure QoS of VOD, a
higher priority is needed
for the VOD server.
Internal users can access
the Internet through a
proxy 192.168.3.100.
However, the bandwidths
of Network A and B must
be limited and traffic
statistics are required.

© ZTE All rights reserved 27


Traffic Limit and Statistics Configuration Example
Configuration Steps:

1. Configure an ACL for traffic classification. According to the


current requirement, the traffic classification must be done on the
basis of the destination IP address, so the IPv4-access-list is
required. To perform statistics on the traffic of two departments,
an ACL rule must be configured.

2. To ensure the QoS of the VOD, configure a priority and allocate


a higher priority to the VOD.

3. Configure the traffic limit, and restrict the bandwidth of the


traffic that accesses the 192.168.3.100 agent.

4. Configure traffic statistics, and perform statistics on the traffic


that accesses the 192.168.3.100 agent.

© ZTE All rights reserved 28


Traffic Limit and Statistics Configuration Example
Configuration on the switch:
/*Configuring ACL rule*/
ZXR10(config)#ipv4-access-list managerA
ZXR10(config-ipv4-acl)#rule 10 permit tcp any 192.168.4.70 0.0.0.0
ZXR10(config-ipv4-acl)#rule 20 permit ip any 192.168.3.100 0.0.0.0
ZXR10(config-ipv4-acl)#rule permit any
ZXR10(config-ipv4-acl)#exit
/*Binding the interface of network A*/
ZXR10(config)#ipv4-access-group interface gei-0/1/0/1 ingress managerA
/*Configuring priority mark*/
ZXR10(config)#pm-qos
ZXR10(config-pm-qos)#priority-mark ipv4-access-list managerA rule-id 10 cos 7 dscp 63
/*Configuring traffic limit*/
ZXR10(config-pm-qos)#traffic-limit-acl ipv4-access-list managerA rule-id 20 cir 10000
cbs 200 ebs 3000 mode blind
/*Configuring traffic statistics*/
ZXR10(config-pm-qos)#traffic-statistics ipv4-access-list managerA rule-id 20 pkt-type all
statistics-type packet
ZXR10(config-pm-qos)#exit

© ZTE All rights reserved 29


Traffic Limit and Statistics Configuration Example
Configuration on the switch:
/*Configuring ACL rule*/
ZXR10(config)#ipv4-access-list managerB
ZXR10(config-ipv4-acl)#rule 10 permit tcp any 192.168.4.70 0.0.0.0
ZXR10(config-ipv4-acl)#rule 20 permit ip any 192.168.3.100 0.0.0.0
ZXR10(config-ipv4-acl)#rule permit any
ZXR10(config-ipv4-acl)#exit
/*Binding the interface of network B*/
ZXR10(config)#ipv4-access-group interface gei-0/1/0/2 ingress managerB
/*Configuring priority mark*/
ZXR10(config)#pm-qos
ZXR10(config-pm-qos)#priority-mark ipv4-access-list managerB rule-id 10 cos 7 dscp 63
/*Configuring traffic limit*/
ZXR10(config-pm-qos)#traffic-limit-acl ipv4-access-list managerB rule-id 20 cir 20000
cbs 200 ebs 3000 mode blind
/*Configuring traffic statistics*/
ZXR10(config-pm-qos)#traffic-statistics ipv4-access-list managerB rule-id 20 pkt-type all
statistics-type packet
ZXR10(config-pm-qos)#exit

© ZTE All rights reserved 30


Traffic Limit Based on the vlan Configuration
Example

As shown in figure above, S1 is connected with network A and


network B.
S1 accesses Internet through the 192.168.3.100 address. S1 has
H3 line card.
Network A is connected to vlan10, and network B is connected to
vlan20.
It is required to restrict the upper-link traffic of network A, and
the down-link traffic of network B.

© ZTE All rights reserved 31


Traffic Limit Based on the vlan Configuration
Example
Configuration Steps:

1. Configure an ACL for traffic classification. Use the


ipv4-mixed-access-list to match the traffic of network
A that accesses the Internet, and match the traffic sent
from 192.168.3.100 to network B.

2. Bind the ACL rule to the ingress of gei-0/2/0/3, and


to the egress of gei-0/2/0/21.

3. Configure the traffic limit.

© ZTE All rights reserved 32


Traffic Limit Based on the vlan Configuration
Example
Configuration on the switch:

/*Configuring the ACL rule.*/


ZXR10(config)#ipv4-mixed-access-list limit_A
ZXR10(config-ipv4-mixed-acl)#rule 1 permit link-protocol 2048 any any outer-vlan 10 ip
any any
ZXR10(config-ipv4-mixed-acl)#rule 2 permit any any ip any any
ZXR10(config-ipv4-mixed-acl)#exit

/*Binding the interface of department A*/


ZXR10(config)#ipv4-mixed-access-group interface gei-0/2/0/3 ingress limit_A

/*Configuring the traffic limit.*/


ZXR10(config)#pm-qos
ZXR10(config-pm-qos)#traffic-limit-acl ipv4-mix limit_A rule-id 1 cir 100000 cbs 200 ebs
3000 mode blind
ZXR10(config-pm-qos)#exit

© ZTE All rights reserved 33


Traffic Limit Based on the vlan Configuration
Example
Configuration on the switch:

/*Configuring the ACL rule.*/


ZXR10(config)#ipv4-mixed-access-list limit_B
ZXR10(config-ipv4-mixed-acl)#rule 1 permit link-protocol 2048 any any outer-vlan 20 ip
any any
ZXR10(config-ipv4-mixed-acl)#rule 2 permit any any ip any any
ZXR10(config-ipv4-mixed-acl)#exit

/*Binding the interface of department B.*/


ZXR10(config)#ipv4-mixed-access-group interface gei-0/2/0/21 egress limit_B

/*Configuring the traffic limit.*/


ZXR10(config)#pm-qos
ZXR10(config-pm-qos)#traffic-limit-acl ipv4-mix limit_B rule-id 1 cir 100000 cbs 200 ebs
3000 mode blind
ZXR10(config-pm-qos)#exit

© ZTE All rights reserved 34


Hierarchy Meter Configuration Example

As shown in the figure, Network A, B and C are connected to Internet by proxy


server 192.168.3.100. It is required for Internet bandwidth restrictions of Network A,
B ,C:
Network A, the maximum bandwidth required for 40M
Network B, the maximum bandwidth required for 30M
Network C, the maximum bandwidth required for 30M
© ZTE All rights reserved 35
Hierarchy Meter Configuration Example
Configuration Steps:

1. Configure an ACL for the traffic classification.


According to the current requirement, use the ipv4-
access-list to restrict all IP packets.

2. Set the bandwidth of department A to 40M.

3. Set the bandwidth of department B to 30M.

4. Set the bandwidth of department C to 430M.

© ZTE All rights reserved 36


Hierarchy Meter Configuration Example
Configuration on the switch S1:

/*Configuring the ACL rule*/


ZXR10(config)#ipv4-access-list meterA
ZXR10(config-ipv4-acl)#rule 10 permit ip any any
ZXR10(config-ipv4-acl)#exit
ZXR10(config)#ipv4-access-list meterB
ZXR10(config-ipv4-acl)#rule 10 permit ip any any
ZXR10(config-ipv4-acl)#exit
ZXR10(config)#ipv4-access-list meterC
ZXR10(config-ipv4-acl)#rule 10 permit ip any any
ZXR10(config-ipv4-acl)#exit

/*Binding the interface*/


ZXR10(config)#ipv4-access-group interface gei-0/1/0/1 ingress meterA
ZXR10(config)#ipv4-access-group interface gei-0/1/0/2 ingress meterB
ZXR10(config)#ipv4-access-group interface gei-0/1/0/10 ingress meterC

© ZTE All rights reserved 37


Hierarchy Meter Configuration Example
Configuration on the switch S1:

/*Configuring macro meter*/


ZXR10(config)#pm-qos
ZXR10(config-pm-qos)#traffic-macro-flow S1 cir 100000 cbs 1000 mode band-borrow

/*Configuring micro meter of a network*/


ZXR10(config-pm-qos)#traffic-micro-flow ipv4-access-list meterA rule-id 10 cir
40000 cbs 1000 macro-flow S1
ZXR10(config-pm-qos)#traffic-micro-flow ipv4-access-list meterB rule-id 10 cir
30000 cbs 1000 macro-flow S1
ZXR10(config-pm-qos)#traffic-micro-flow ipv4-access-list meterC rule-id 10 cir
30000 cbs 1000 macro-flow S1
ZXR10(config-pm-qos)#exit

© ZTE All rights reserved 38


Policy Routing Configuration Example
As shown in the
figure,
PC-A, S2, PC-B
and Server AAA
are connected to
a switch S1.
Because route
200.0.0.0 is not
advertised to S1
by S2,
policy routing is
configured to
transport traffic
between S1 and
S2.

© ZTE All rights reserved 39


Policy Routing Configuration Example
Configuration Steps:
1. Configure an ACL rule for traffic classification. According to the current
requirement, the traffic classification is done based on the destination IP address, so
the ipv4-access-list is used. The TCP packet sent from the server AAA matches the
source IP address 192.168.210.2 and the TCP protocol number. For the IP packet
sent from the PC-A and PC-B device to the PC-C device, the destination IP address
is 200.0.0.1. The PC-A device pings the packet of the server AAA. This packet is an
icmp packet with the destination IP address 192.168.210.1, and the source IP
address is 192.168.101.1.

2. Configure the QoS command that will be redirected to the CPU, and send the
TCP packet sent from the server AAA to the CPU.

3. Configure the policy route, and redirect the packet with the destination IP
address being 200.0.0.1 to the specified next hop.

4. Redirect the packet and specify an egress. After the PC-A device pings the server
AAA, redirect the packets to the PC-B device. To ensure that the packet can be sent
from vlan2, set a priority label and modify the out-vlan-id value of the packet.

© ZTE All rights reserved 40


Policy Routing Configuration Example
Configuration on the switch S1:
/*Configuring VLAN interface*/
ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#interface gei-0/1/0/1
ZXR10(config-swvlan-intf)#switchport mode access
ZXR10(config-swvlan-intf)#switchport access vlan 1
ZXR10(config-swvlan-intf)#exit
ZXR10(config-swvlan)#interface gei-0/1/0/4
ZXR10(config-swvlan-intf)#switchport mode access
ZXR10(config-swvlan-intf)#switchport access vlan 5
ZXR10(config-swvlan-intf)#exit
ZXR10(config-swvlan)#interface gei-0/1/0/2
ZXR10(config-swvlan-intf)#switchport mode access
ZXR10(config-swvlan-intf)#switchport access vlan 2
ZXR10(config-swvlan-intf)#exit
ZXR10(config-swvlan)#interface gei-0/1/0/10
ZXR10(config-swvlan-intf)#switchport mode trunk
ZXR10(config-swvlan-intf)#switchport trunk vlan 10
ZXR10(config-swvlan-intf)#exit
ZXR10(config-swvlan)#interface gei-0/1/0/3
ZXR10(config-swvlan-intf)#switchport mode trunk
© ZTE All rights reserved 41
Policy Routing Configuration Example
Configuration on the switch S1:
/*Configuring VLAN interface*/
ZXR10(config-swvlan-intf)#switchport trunk vlan 4
ZXR10(config-swvlan-intf)#exit
ZXR10(config-swvlan)#exit
ZXR10(config)#interface vlan1
ZXR10(config-if)#ip address 192.168.101.2 255.255.255.0
ZXR10(config-if)#exit
ZXR10(config)#interface vlan5
ZXR10(config-if)#ip address 192.168.210.2 255.255.255.0
ZXR10(config-if)#exit
ZXR10(config)#interface vlan2
ZXR10(config-if)#ip address 192.168.102.2 255.255.255.0
ZXR10(config-if)#exit
ZXR10(config)#interface vlan10
ZXR10(config-if)#ip address 192.168.110.2 255.255.255.0
ZXR10(config-if)#exit
ZXR10(config)#interface vlan4
ZXR10(config-if)#ip address 192.168.103.2 255.255.255.0
ZXR10(config-if)#exit

© ZTE All rights reserved 42


Policy Routing Configuration Example
Configuration on the switch S1:
/*Configuring ACL rule*/
ZXR10(config)#ipv4-access-list redirectAAA
ZXR10(config-ipv4-acl)#rule 10 permit tcp 192.168.210.2 0.0.0.0 any
ZXR10(config-ipv4-acl)#rule 20 permit ip any any
ZXR10(config-ipv4-acl)#exit

/*Binding the interface connected to server AAA*/


ZXR10(config)#ipv4-access-group interface gei-0/1/0/4 ingress redirectAAA

/*Configuring redirecting to CPU*/


ZXR10(config)#pm-qos
ZXR10(config-pm-qos)#redirect in ipv4-access-list redirectAAA rule-id 10 cpu
ZXR10(config-pm-qos)#exit

/*Configuring ACL rule*/


ZXR10(config)#ipv4-access-list redirect_1_2
ZXR10(config-ipv4-acl)#rule 10 permit ip any 200.0.0.0 0.0.0.255
ZXR10(config-ipv4-acl)#rule 20 permit ip any any
ZXR10(config-ipv4-acl)#exit

© ZTE All rights reserved 43


Policy Routing Configuration Example
Configuration on the switch S1:
/*Binding the interface connected to PC-B*/
ZXR10(config)#ipv4-access-group interface gei-0/1/0/2 ingress redirect_1_2

/*Configuring static route*/


ZXR10(config)#ip route 200.0.0.2 255.255.255.255 192.168.110.1
ZXR10(config)#ip route 200.0.0.2 255.255.255.255 192.168.103.1

/*Configuring policy routing*/


ZXR10(config)#pm-qos
ZXR10(config-pm-qos)#redirect in ipv4-access-list redirect_1_2 rule-id 10 next-hop 200.0.0.2
ZXR10(config-pm-qos)#exit

/*Configuring ACL rule*/


ZXR10(config)#ipv4-access-list redirect_1_1
ZXR10(config-ipv4-acl)#rule 10 permit icmp 192.168.101.1 0.0.0.0 192.168.210.1 0.0.0.0
ZXR10(config-ipv4-acl)#rule 20 permit ip any 200.0.0.0 0.0.0.255
ZXR10(config-ipv4-acl)#rule 30 permit ip any any
ZXR10(config-ipv4-acl)#exit

© ZTE All rights reserved 44


Policy Routing Configuration Example
Configuration on the switch S1:
/*Binding the interface connected to PC-A*/
ZXR10(config)#ipv4-access-group interface gei-0/1/0/1 ingress redirect_1_1

/*Configuring policy routing*/


ZXR10(config)#pm-qos
ZXR10(config-pm-qos)#redirect in ipv4-access-list redirect_1_1 rule-id 20 next-hop 200.0.0.2
ZXR10(config-pm-qos)#redirect in ipv4-access-list redirect_1_1 rule-id 10 interface gei_0/1/0/2
ZXR10(config-pm-qos)#priority-mark ipv4-access-list redirect_1_1 rule-id 10 out-vlanID 2
ZXR10(config-pm-qos)#exit

/*Omit the configuration of switch S2*/

© ZTE All rights reserved 45


Traffic Mirroring Configuration Example
As shown in the figure, PC-A and PC-B are connected to switch S1. It
is required that packets between PC-A and PC-B are mirrored to PC
for diagnosis.

© ZTE All rights reserved 46


Traffic Mirroring Configuration Example
Configuration Steps:

1. Configure an ACL for traffic classification. According to the current


requirement, the traffic classification is done on the basis of the destination
IP address, so the ipv4-access-list is used. Both the source IP address and the
destination IP address can be configured.

2. Apply the ACL rule to the ingress gei-0/1/0/1 and the egress gei- 0/1/0/10
on S1.

3. Configure traffic mirroring, and mirror the packet to the gei-0/1/0/2 port.

© ZTE All rights reserved 47


Traffic Mirroring Configuration Example
Configuration on the switch S1:
/*Configuring ACL rule*/
ZXR10(config)#ipv4-access-list mirror1
ZXR10(config-ipv4-acl)#rule 10 permit icmp 192.168.101.1 0.0.0.0 192.168.210.1 0.0.0.0
ZXR10(config-ipv4-acl)#rule 20 permit ip any any
ZXR10(config-ipv4-acl)#exit

/*Bingding the interface connected to PC-A*/


ZXR10(config)#ipv4-access-group interface gei-0/1/0/1 ingress mirror1

/*Configuring Traffic Mirroring*/


ZXR10(config)#pm-qos
ZXR10(config-pm-qos)#traffic-mirror in ipv4-access-list mirror1 rule-id 10 interface gei-
0/1/0/2
ZXR10(config-pm-qos)#exit
ZXR10(config)#ipv4-access-group interface gei-0/1/0/10 egress mirror1

© ZTE All rights reserved 48


Summary

n Port QoS Concepts


n Port QoS Configuration
n Port QoS Configuration Example
n Flow QoS Concepts
n Flow QoS Configuration
n Flow QoS Configuration Example

© ZTE All rights reserved 49


Thank you

You might also like