Example for Configuring Rate Limiting Based on VLAN IDs
In addition to an ACL, a traffic classifier in MQC defines many Layer 2 and Layer 3 matching rules such as the VLAN ID, 802.1p priority, DSCP priority, source MAC address, and destination MAC address. You can configure different traffic classifiers on the device to identify packets and configure actions for them such as rate limiting, statistics, or mirroring. In this example, traffic classifiers are configured based on VLAN IDs and different CIR values are configured so that the device allocates different bandwidth to service flows.
Configuration Notes
- This example applies to the following products:
- S2752EI, S2710-SI, S2720-EI, S2750-EI
- S3700-SI, S3700-EI, S3700-HI
- S5700-LI, S5700S-LI, S5700-SI, S5700-EI, S5700-HI, S5710-C-LI, S5710-X-LI, S5710-EI, S5710-HI, S5720-LI, S5720S-LI, S5720-SI, S5720S-SI, S5720I-SI, S5720-EI, S5720-HI, S5730-HI, S5730-SI, S5730S-EI, S5731-H, S5731-S, S5731S-S, S5731S-H, S5732-H, S2730S-S, S5735-L-I, S5735-L1, S300, S5735-L, S5735S-L , S5735S-L1 , S5735S-L-M, S5735-S , S500 , S5735S-S, S5735-S-I, S5735S-H, S5736-S
- S6700-EI, S6720-LI, S6720S-LI, S6720-SI, S6720S-SI, S6720-EI, S6720S-EI, S6720-HI, S6730-H, S6730-S, S6730S-S, S6730S-H
- S7703, S7706, S7712, S7703 PoE, S7706 PoE, S9703, S9706, S9712
To view detailed information about software mappings, visit Info-Finder, select a product series or product model, and click Hardware Center.
Networking Requirements
In Figure 3-256, the Switch connects to the router through GE 2/0/1 , and the enterprise connects to the Internet through the Switch and router.
Voice, video, and data services are transmitted in VLAN 120, VLAN 110, and VLAN 100 respectively.
Traffic policing needs to be configured on the Switch to police packets of different services so that traffic is limited within a proper range, guaranteeing bandwidth of each service.
Voice, video, and data services have QoS requirements in descending order of priority. The Switch needs to re-mark DSCP priorities in different service packets so that the downstream router processes them based on priorities, ensuring QoS of different services.
Table 3-149 describes the QoS requirements.
Figure 3-256 Networking of traffic policing
Configuration Roadmap
- Create a VLAN and configure interfaces so that the enterprise can access the Internet through the Switch .
- Configure traffic classifiers on the Switch to classify packets based on VLAN IDs.
- Configure traffic behaviors on the Switch to limit the rate of packets and re-mark DSCP priorities of packets.
- Configure a traffic policy on the Switch , bind traffic behaviors and traffic classifiers, and apply the traffic policy to the interface on the Switch connected to the LSW.
Procedure
HUAWEI> system-view [HUAWEI] sysname Switch [Switch] vlan batch 100 110 120
# Configure GE 1/0/1 and GE 2/0/1 as trunk interfaces and add them to VLAN 100, VLAN 110, and VLAN 120.
[Switch] interface gigabitethernet 1/0/1 [Switch-GigabitEthernet1/0/1] port link-type trunk [Switch-GigabitEthernet1/0/1] port trunk allow-pass vlan 100 110 120 [Switch-GigabitEthernet1/0/1] quit [Switch] interface gigabitethernet 2/0/1 [Switch-GigabitEthernet2/0/1] port link-type trunk [Switch-GigabitEthernet2/0/1] port trunk allow-pass vlan 100 110 120 [Switch-GigabitEthernet2/0/1] quit
[Switch] traffic classifier c1 operator and [Switch-classifier-c1] if-match vlan-id 120 //Configure a matching rule to match packets with VLAN 120. [Switch-classifier-c1] quit [Switch] traffic classifier c2 operator and [Switch-classifier-c2] if-match vlan-id 110 //Configure a matching rule to match packets with VLAN 110. [Switch-classifier-c2] quit [Switch] traffic classifier c3 operator and [Switch-classifier-c3] if-match vlan-id 100 //Configure a matching rule to match packets with VLAN 100. [Switch-classifier-c3] quit
[Switch] traffic behavior b1 [Switch-behavior-b1] car cir 2000 pir 10000 green pass //Set the CIR of packets with VLAN 120 to 2000 kbit/s. [Switch-behavior-b1] remark dscp 46 //Configure the device to re-mark DSCP priorities of packets from VLAN 120 with 46. [Switch-behavior-b1] statistic enable //Enable traffic statistics. [Switch-behavior-b1] quit [Switch] traffic behavior b2 [Switch-behavior-b2] car cir 4000 pir 10000 green pass [Switch-behavior-b2] remark dscp 30 [Switch-behavior-b2] statistic enable [Switch-behavior-b2] quit [Switch] traffic behavior b3 [Switch-behavior-b3] car cir 4000 pir 10000 green pass [Switch-behavior-b3] remark dscp 14 [Switch-behavior-b3] statistic enable [Switch-behavior-b3] quit
[Switch] traffic policy p1 [Switch-trafficpolicy-p1] classifier c1 behavior b1 [Switch-trafficpolicy-p1] classifier c2 behavior b2 [Switch-trafficpolicy-p1] classifier c3 behavior b3 [Switch-trafficpolicy-p1] quit [Switch] interface gigabitethernet 1/0/1 [Switch-GigabitEthernet1/0/1] traffic-policy p1 inbound [Switch-GigabitEthernet1/0/1] quit
[Switch] display traffic classifier user-defined User Defined Classifier Information: Classifier: c2 Precedence: 10 Operator: AND Rule(s) : if-match vlan-id 110 Classifier: c3 Precedence: 15 Operator: AND Rule(s) : if-match vlan-id 100 Classifier: c1 Precedence: 5 Operator: AND Rule(s) : if-match vlan-id 120 Total classifier number is 3
[Switch] display traffic policy user-defined p1 User Defined Traffic Policy Information: Policy: p1 Classifier: c2 Operator: AND Behavior: b2 Permit Committed Access Rate: CIR 4000 (Kbps), PIR 10000 (Kbps), CBS 500000 (byte), PBS 1250000 (byte) Color Mode: color Blind Conform Action: pass Yellow Action: pass Exceed Action: discard Remark: Remark DSCP af33 Statistic: enable Classifier: c3 Operator: AND Behavior: b3 Permit Committed Access Rate: CIR 4000 (Kbps), PIR 10000 (Kbps), CBS 500000 (byte), PBS 1250000 (byte) Color Mode: color Blind Conform Action: pass Yellow Action: pass Exceed Action: discard Remark: Remark DSCP af13 Statistic: enable Classifier: c1 Operator: AND Behavior: b1 Permit Committed Access Rate: CIR 2000 (Kbps), PIR 10000 (Kbps), CBS 250000 (byte), PBS 1250000 (byte) Color Mode: color Blind Conform Action: pass Yellow Action: pass Exceed Action: discard Remark: Remark DSCP ef Statistic: enable
# Check information about the traffic policy that is applied to the interface. Voice packets on GE 1/0/1 are used as an example. When the rate of the packets is larger than 10000 kbit/s, packet loss occurs. The rate of voice packets is limited within 10000 kbit/s.
[Switch] display traffic policy statistics interface gigabitethernet 1/0/1 inbound verbose classifier-base class c1 Interface: GigabitEthernet1/0/1 Traffic policy inbound: p1 Rule number: 3 Current status: success Statistics interval: 300 --------------------------------------------------------------------- Board : 1 --------------------------------------------------------------------- Matched | Packets: 49,491 | Bytes: - | Rate(pps): 0 | Rate(bps): - --------------------------------------------------------------------- Passed | Packets: 40,971 | Bytes: - | Rate(pps): 0 | Rate(bps): - --------------------------------------------------------------------- Dropped | Packets: 8,520 | Bytes: - | Rate(pps): 0 | Rate(bps): - --------------------------------------------------------------------- Filter | Packets: 0 | Bytes: - --------------------------------------------------------------------- Car | Packets: 8,520 | Bytes: - ---------------------------------------------------------------------Configuration Files
Switch configuration file
# sysname Switch # vlan batch 100 110 120 # traffic classifier c1 operator and precedence 5 if-match vlan-id 120 traffic classifier c2 operator and precedence 10 if-match vlan-id 110 traffic classifier c3 operator and precedence 15 if-match vlan-id 100 # traffic behavior b1 permit car cir 2000 pir 10000 cbs 250000 pbs 1250000 mode color-blind green pass yellow pass red discard remark dscp ef statistic enable traffic behavior b2 permit car cir 4000 pir 10000 cbs 500000 pbs 1250000 mode color-blind green pass yellow pass red discard remark dscp af33 statistic enable traffic behavior b3 permit car cir 4000 pir 10000 cbs 500000 pbs 1250000 mode color-blind green pass yellow pass red discard remark dscp af13 statistic enable # traffic policy p1 match-order config classifier c1 behavior b1 classifier c2 behavior b2 classifier c3 behavior b3 # interface GigabitEthernet1/0/1 port link-type trunk port trunk allow-pass vlan 100 110 120 traffic-policy p1 inbound # interface GigabitEthernet2/0/1 port link-type trunk port trunk allow-pass vlan 100 110 120 # return