00399154-Configuration Guide - QoS (V300R003 - 03) PDF

Quidway NetEngine80E/40E Core Router V300R003
Configuration Guide - QoS
Issue Date Part Number
03 2008-09-22 00399154
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.
Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. For any assistance, please contact our local office or company headquarters.
Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China http://www.huawei.com support@huawei.com
Website: Email:
Copyright Huawei Technologies Co., Ltd. 2008. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions

and other Huawei trademarks are the property of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders.
Notice
The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but the statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied.
Quidway NetEngine80E/40E Core Router Configuration Guide - QoS
Contents
Contents
About This Document.....................................................................................................................1 1 QoS Overview.............................................................................................................................1-1
1.1 Introduction.....................................................................................................................................................1-2 1.1.1 Traditional Packet Transmission Application........................................................................................1-2 1.1.2 New Application Requirements.............................................................................................................1-2 1.2 End-to-End QoS Model...................................................................................................................................1-3 1.2.1 Best-Effort Service Model.....................................................................................................................1-3 1.2.2 Integrated Service Model.......................................................................................................................1-3 1.2.3 Differentiated Service Model.................................................................................................................1-4 1.3 Techniques Used for the QoS Application......................................................................................................1-9 1.3.1 Traffic Classification............................................................................................................................1-10 1.3.2 Traffic Policing and Shaping................................................................................................................1-11 1.3.3 Congestion Avoidance Configuration..................................................................................................1-11 1.3.4 RSVP....................................................................................................................................................1-13 1.4 QoS Supported by the NE80E/40E...............................................................................................................1-13
2 Traffic Policing and Shaping Configuration........................................................................2-1

2.1 Introduction.....................................................................................................................................................2-2 2.1.1 Traffic Policing......................................................................................................................................2-2 2.1.2 Traffic Shaping.......................................................................................................................................2-4 2.1.3 Traffic Policing and Shaping Supported by NE80E/40E.......................................................................2-5 2.2 Configuring Interface-based Traffic Policing.................................................................................................2-6 2.2.1 Establishing the Configuration Task......................................................................................................2-6 2.2.2 Configuring CAR on a Layer 3 Interface...............................................................................................2-7 2.2.3 Configuring CAR on a Layer 2 Interface...............................................................................................2-8 2.2.4 Checking the Configuration...................................................................................................................2-9 2.3 Configuring CTC-based Traffic Policing........................................................................................................2-9 2.3.1 Establishing the Configuration Task....................................................................................................2-10 2.3.2 Defining Traffic Classes.......................................................................................................................2-10 2.3.3 Defining a Behavior and Configuring Traffic Policing Actions..........................................................2-12 2.3.4 Configuring a Traffic Policy................................................................................................................2-13 2.3.5 Applying Traffic Policies.....................................................................................................................2-13 2.3.6 Checking the Configuration.................................................................................................................2-15 Issue 03 (2008-09-22) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. i
Contents
2.4 Configuring Traffic Shaping.........................................................................................................................2-16 2.4.1 Establishing the Configuration Task....................................................................................................2-16 2.4.2 Configuring Traffic Shaping................................................................................................................2-17 2.4.3 Checking the Configuration.................................................................................................................2-18 2.5 Maintaining Statistics....................................................................................................................................2-18 2.5.1 Clearing Statistics.................................................................................................................................2-18 2.6 Configuration Examples................................................................................................................................2-19 2.6.1 Example for Configuring Traffic Policing and Traffic Shaping..........................................................2-19
3 Congestion Avoidance Configuration................................................................................... 3-1

3.1 Introduction.....................................................................................................................................................3-2 3.1.1 Introduction to Congestion Avoidance..................................................................................................3-2 3.1.2 Congestion Avoidance Supported by NE80E/40E.................................................................................3-3 3.2 Configuring WRED.........................................................................................................................................3-3 3.2.1 Establishing the Configuration Task......................................................................................................3-4 3.2.2 Configuring WRED Parameters.............................................................................................................3-4 3.2.3 Applying WRED....................................................................................................................................3-5 3.2.4 Checking the Configuration...................................................................................................................3-6 3.3 Configuration Examples..................................................................................................................................3-7 3.3.1 Example for Configuring Congestion Avoidance..................................................................................3-7
4 Class-based QoS Configuration..............................................................................................4-1

4.1 Overview.........................................................................................................................................................4-2 4.1.1 Introduction to Class-based QoS............................................................................................................4-2 4.1.2 Class-based QoS Supported by the NE80E/40E....................................................................................4-4 4.2 Configuring a Traffic Policy Based on the Complex Traffic Classification...................................................4-4 4.2.1 Establishing the Configuration Task......................................................................................................4-4 4.2.2 Defining a Traffic Classifier..................................................................................................................4-5 4.2.3 Defining a Traffic Behavior and Configuring Traffic Actions..............................................................4-8 4.2.4 Defining a Policy and Specifying a Behavior for the Classifier..........................................................4-12 4.2.5 Applying a Traffic Policy.....................................................................................................................4-12 4.2.6 Applying the Statistic Function of a Traffic Policy.............................................................................4-14 4.2.7 Checking the Configuration.................................................................................................................4-15 4.3 Configuring Precedence Mapping Based on the Simple Traffic Classification............................................4-16 4.3.1 Establishing the Configuration Task....................................................................................................4-16 4.3.2 Defining the DiffServ Domain and Configuring a Traffic Policy........................................................4-17 4.3.3 Applying Traffic Policy Based on Simple Traffic Classification to an Interface................................4-24 4.3.4 Checking the Configuration.................................................................................................................4-26 4.4 Maintaining Class-based QoS Configuration................................................................................................4-27 4.4.1 Clearing the Statistics About Traffic Policies......................................................................................4-27 4.4.2 Troubleshooting...................................................................................................................................4-27 4.5 Configuration Examples................................................................................................................................4-28 4.5.1 Example for Configuring a Traffic Policy Based on Complex Traffic Classification.........................4-28 4.5.2 Example for Configuring Complex Traffic Classification on QinQ Termination Sub-interface.........4-36 ii Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2008-09-22)
Contents
4.5.3 Example for Configuring Priority Mapping Based on the Simple Traffic Classification (VLAN).....4-39 4.5.4 Example for Configuring Priority Mapping Based on the Simple Traffic Classification (MPLS)......4-44
5 QPPB Configuration..................................................................................................................5-1
5.1 Introduction.....................................................................................................................................................5-2 5.1.1 QPPB Overview.....................................................................................................................................5-2 5.1.2 QPPB Supported by the NE80E/40E.....................................................................................................5-2 5.2 Configuring QPPB..........................................................................................................................................5-2 5.2.1 Establishing the Configuration Task......................................................................................................5-3 5.2.2 Configuring the Routing Policy on the BGP Route Sender...................................................................5-4 5.2.3 Advertising Routing Policy on the Route Sender..................................................................................5-5 5.2.4 Configuring the Traffic Behavior on the Route Receiver......................................................................5-5 5.2.5 Configuring a Routing Policy to the Route Receiver.............................................................................5-6 5.2.6 Applying a Routing Policy to the Route Receiver.................................................................................5-7 5.2.7 Applying QPPB to the Interface.............................................................................................................5-8 5.2.8 Checking the Configuration...................................................................................................................5-8 5.3 Configuration Examples..................................................................................................................................5-9 5.3.1 Example for QPPB Configuration..........................................................................................................5-9 5.4 Maintaining QPPB Configuration.................................................................................................................5-14 5.4.1 Troubleshooting...................................................................................................................................5-14
6 VPN QoS Configuration...........................................................................................................6-1

6.1 Introduction.....................................................................................................................................................6-2 6.1.1 VPN QoS Overview...............................................................................................................................6-2 6.1.2 VPN QoS Features Supported by the NE80E/40E.................................................................................6-2 6.2 Configuring QPPB in L3VPNs.......................................................................................................................6-8 6.2.1 Establishing the Configuration Task......................................................................................................6-8 6.2.2 Configuring a Routing Policy on the BGP Route Sender....................................................................6-10 6.2.3 Advertising a Routing Policy on the Route Sender..............................................................................6-11 6.2.4 Configuring a Traffic Behavior on the Route Receiver.......................................................................6-12 6.2.5 Configuring a Routing Policy on the Route Receiver..........................................................................6-13 6.2.6 Applying a Routing Policy on the Route Receiver..............................................................................6-14 6.2.7 Applying QPPB on the Interface..........................................................................................................6-15 6.2.8 Checking the Configuration.................................................................................................................6-16 6.3 Configuring Hierarchical Resource Reserved L3VPNs................................................................................6-16 6.3.1 Establishing the Configuration Task....................................................................................................6-16 6.3.2 Configuring a Flow Queue...................................................................................................................6-18 6.3.3 (Optional) Enabling an L3VPN to Support DiffServ Models..............................................................6-19 6.3.4 (Optional) Configuring a Class Queue.................................................................................................6-20 6.3.5 Configuring a Tunnel Policy and Apply It to a VPN Instance.............................................................6-22 6.3.6 Configuring a Bandwidth for an MPLS TE Tunnel.............................................................................6-22 6.3.7 Binding an MPLS TE Tunnel to a VPN Instance and Specifying a QoS Policy.................................6-23 6.3.8 Checking the Configuration.................................................................................................................6-24 6.4 Configuring Hierarchical Resource Reserved L2VPNs................................................................................6-24 Issue 03 (2008-09-22) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. iii
Contents
Quidway NetEngine80E/40E Core Router Configuration Guide - QoS 6.4.1 Establishing the Configuration Task....................................................................................................6-25 6.4.2 Configuring a Flow Queue...................................................................................................................6-26 6.4.3 (Optional) Enabling an L2VPN to Support DiffServ Models..............................................................6-28 6.4.4 (Optional) Configuring a Class Queue.................................................................................................6-29 6.4.5 Configuring a Tunnel Policy................................................................................................................6-30 6.4.6 Applying an MPLS TE Tunnel Policy to an MPLS L2VPN...............................................................6-31 6.4.7 Configuring the Bandwidth of an MPLS TE Tunnel...........................................................................6-32 6.4.8 Associating an MPLS TE Tunnel with an L2VPN and Specifying a QoS Policy...............................6-32 6.4.9 Checking the Configuration.................................................................................................................6-34
6.5 Example For Configuring VPN QoS............................................................................................................6-35 6.5.1 Example for Applying a Routing Policy with QoS Parameters in VPNv4..........................................6-35 6.5.2 Example for Applying Routing Policies with QoS Parameters to a VPN Instance.............................6-45 6.5.3 Example for Configuring a Hierarchical Resource Reserved L3VPN.................................................6-55 6.5.4 Example for Configuring a Hierarchical Resource Reserved L2VPN (VLL).....................................6-71 6.5.5 Example for Configuring a Hierarchical Resource Reserved L2VPN (VPLS)...................................6-85 6.5.6 Example for Configuring Hierarchical Resource Reserved VPNs (with Both L3VPNs and L2VPNs Deployed)......................................................................................................................................................6-95 6.5.7 Example for Configuring an MPLS DiffServ Model on the VPLS over TE.....................................6-114 6.6 Maintaining VPN QoS Configuration.........................................................................................................6-122 6.6.1 Troubleshooting.................................................................................................................................6-122
7 ATM QoS Configuration..........................................................................................................7-1

7.1 Overview.........................................................................................................................................................7-2 7.1.1 Introduction to ATM QoS......................................................................................................................7-2 7.1.2 ATM QoS Features Supported by the NE80E/40E................................................................................7-2 7.2 Configuring ATM Simple Traffic Classification............................................................................................7-5 7.2.1 Establishing the Configuration Task......................................................................................................7-5 7.2.2 Enabling ATM Simple Traffic Classification........................................................................................7-7 7.2.3 Configuring Mapping Rules for ATM QoS...........................................................................................7-7 7.2.4 Checking the Configuration...................................................................................................................7-8 7.3 Configuring Forced ATM Traffic Classification............................................................................................7-8 7.3.1 Establishing the Configuration Task......................................................................................................7-9 7.3.2 Configuring ATM Services..................................................................................................................7-10 7.3.3 Configuring Forced ATM Traffic Classification.................................................................................7-11 7.3.4 Checking the Configuration.................................................................................................................7-12 7.4 Configuring ATM Complex Traffic Classification.......................................................................................7-12 7.4.1 Establishing the Configuration Task....................................................................................................7-12 7.4.2 Defining Traffic Classifiers..................................................................................................................7-13 7.4.3 Defining Traffic Behaviors..................................................................................................................7-14 7.4.4 Defining Traffic Policies......................................................................................................................7-15 7.4.5 Applying Traffic Policies.....................................................................................................................7-15 7.4.6 Checking the Configuration.................................................................................................................7-16 7.5 Configuring the ATM Traffic Shaping.........................................................................................................7-17 iv Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2008-09-22)
Contents
7.5.1 Establishing the Configuration Task....................................................................................................7-18 7.5.2 Configuring ATM Traffic Shaping Parameters...................................................................................7-18 7.5.3 Applying ATM Traffic Shaping Parameters........................................................................................7-19 7.5.4 Checking the Configuration.................................................................................................................7-20 7.6 Configuring the Priority of an ATM PVC....................................................................................................7-20 7.6.1 Establshing the Configuration Task.....................................................................................................7-20 7.6.2 Configuring the Priority of an ATM PVC...........................................................................................7-21 7.7 Configuring Congestion Management of the ATM PVC.............................................................................7-21 7.7.1 Establshing the Configuration Task.....................................................................................................7-22 7.7.2 Configuring the Queue Scheduling of an ATM PVC..........................................................................7-22 7.7.3 Checking the Configuration.................................................................................................................7-23 7.8 Configuration Examples................................................................................................................................7-24 7.8.1 Example for Configuring Simple Traffic Classification for 1-to-1 VCC ATM Transparent Transmission .......................................................................................................................................................................7-25 7.8.2 Example for Configuring Simple Traffic Classification for 1-to-1 VPC ATM Transparent Transmission .......................................................................................................................................................................7-31 7.8.3 Example for Configuring Simple Traffic Classification for AAL5 SDU ATM Transparent Transmission .......................................................................................................................................................................7-37 7.8.4 Example of Configuring for 1483R-based ATM Simple Traffic Classification..................................7-43 7.8.5 Example for Configuring 1483B-Based ATM Simple Traffic Classificaiton.....................................7-46 7.8.6 Example for Configuring Forced ATM Traffic Classification............................................................7-50 7.8.7 Example for Configuring the ATM Complex Traffic Classification...................................................7-54 7.8.8 Example for Configuring Queue Scheduling for an ATM PVC..........................................................7-59
8 Frame Relay QoS Configuration.............................................................................................8-1

8.1 Overview.........................................................................................................................................................8-3 8.1.1 Introduction to Frame Relay QoS..........................................................................................................8-3 8.1.2 Frame Relay QoS Supported by the NE80E/40E...................................................................................8-3 8.2 Configuring Frame Relay Traffic Shaping......................................................................................................8-3 8.2.1 Establishing the Configuration Task......................................................................................................8-4 8.2.2 Configuring FRTS Parameters...............................................................................................................8-4 8.2.3 Applying FRTS Parameters to the Interface..........................................................................................8-5 8.2.4 Enabling FRTS.......................................................................................................................................8-6 8.3 Configuring Frame Relay Traffic Policing.....................................................................................................8-7 8.3.1 Establishing the Configuration Task......................................................................................................8-7 8.3.2 Configuring FRTP Parameters...............................................................................................................8-7 8.3.3 Applying FRTP Parameters to the Interface..........................................................................................8-8 8.3.4 Enabling FRTP.......................................................................................................................................8-9 8.4 Configuring Universal Frame Relay Queues..................................................................................................8-9 8.4.1 Establishing the Configuration Task......................................................................................................8-9 8.4.2 Configuring Universal Frame Relay Queues.......................................................................................8-10 8.4.3 Applying Universal Queues to an Frame Relay Interface....................................................................8-11 8.4.4 Applying Universal Queues to Frame Relay Virtual Circuits..............................................................8-12 8.5 Configuring PVC PQ of Frame Relay...........................................................................................................8-13 Issue 03 (2008-09-22) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. v
Contents
Quidway NetEngine80E/40E Core Router Configuration Guide - QoS 8.5.1 Establishing the Configuration Task....................................................................................................8-13 8.5.2 Configuring PVC PQ on an FR Interface.............................................................................................8-13 8.5.3 Configuring the FR PVC PQ Precedence............................................................................................8-14
8.6 Configuring Frame Relay Congestion Avoidance........................................................................................8-15 8.6.1 Establishing the Configuration Task....................................................................................................8-15 8.6.2 Creating a Frame Relay Class..............................................................................................................8-16 8.6.3 Configuring WRED Parameters...........................................................................................................8-17 8.6.4 Applying WRED Parameters on the Frame Relay Interface................................................................8-18 8.6.5 Checking the Configuration.................................................................................................................8-19 8.7 Configuring Frame Relay Fragmentation.....................................................................................................8-19 8.7.1 Establishing the Configuration Task....................................................................................................8-19 8.7.2 Configuring Frame Relay Fragmentation............................................................................................8-20 8.7.3 Applying FR Fragmentation to a Virtual Circuit.................................................................................8-20 8.7.4 Checking the Configuration.................................................................................................................8-21 8.8 Debugging Frame Relay QoS.......................................................................................................................8-21 8.9 Configuration Examples................................................................................................................................8-22 8.9.1 Example for Configuring Frame Relay Traffic Shaping......................................................................8-22 8.9.2 Example for Configuring Frame Relay Fragmentation........................................................................8-24
9 HQoS Configuration.................................................................................................................9-1
9.1 Overview.........................................................................................................................................................9-2 9.1.1 Introduction to HQoS.............................................................................................................................9-2 9.1.2 Related Concepts....................................................................................................................................9-2 9.1.3 HQoS Supported by the NE80E/40E.....................................................................................................9-3 9.2 Configuring HQoS on an Ethernet Interface.................................................................................................9-11 9.2.1 Establishing the Configuration Task....................................................................................................9-11 9.2.2 (Optional) Configuring an FQ WRED Object.....................................................................................9-13 9.2.3 (Optional) Configuring Scheduling Parameters of an FQ....................................................................9-14 9.2.4 (Optional) Configuring Mapping from an FQ to a CQ........................................................................9-15 9.2.5 (Optional) Configuring the Traffic Shaping of a GQ...........................................................................9-15 9.2.6 Configuring Scheduling Parameters of an SQ.....................................................................................9-16 9.2.7 (Optional) Configuring a CQ WRED Object.......................................................................................9-17 9.2.8 (Optional) Configuring Scheduling Parameters of a CQ.....................................................................9-17 9.2.9 Checking the Configuration.................................................................................................................9-18 9.3 Configuring HQoS on a QinQ Termination Sub-interface...........................................................................9-21 9.3.1 Establishing the Configuration Task....................................................................................................9-21 9.3.2 (Optional) Configuring an FQ WRED Object.....................................................................................9-22 9.3.3 (Optional) Configuring Scheduling Parameters of an FQ....................................................................9-23 9.3.4 (Optional) Configuring Mapping from an FQ to a CQ........................................................................9-24 9.3.5 (Optional) Configuring the Traffic Shaping of a GQ...........................................................................9-24 9.3.6 Enabling QinQ on an Interface.............................................................................................................9-25 9.3.7 Configuring QinQ on a Sub-interface..................................................................................................9-26 9.3.8 Configuring a VLAN Group................................................................................................................9-26 vi Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2008-09-22)
Contents
9.3.9 Configuring Scheduling Parameters of an SQ.....................................................................................9-27 9.3.10 (Optional) Configuring a CQ WRED Object.....................................................................................9-27 9.3.11 (Optional) Configuring Scheduling Parameters of a CQ...................................................................9-28 9.3.12 Checking the Configuration...............................................................................................................9-29 9.4 Configuring HQoS on a CPOS or E3/T3 Interface.......................................................................................9-29 9.4.1 Establishing the Configuration Task....................................................................................................9-30 9.4.2 Configuring HQoS...............................................................................................................................9-30 9.4.3 Checking the Configuration.................................................................................................................9-31 9.5 Configuring HQoS Based on the PBB-TE Tunnels......................................................................................9-31 9.5.1 Establishing the Configuration Task....................................................................................................9-32 9.5.2 Configuring a Reserved Bandwidth for PBB-TE Services on an Interface.........................................9-33 9.5.3 (Optional) Configuring the WRED Object of an FQ...........................................................................9-33 9.5.4 (Optional) Configuring Scheduling Parameters of an FQ....................................................................9-34 9.5.5 (Optional) Configuring Mappings from an FQ to a CQ.......................................................................9-34 9.5.6 (Optional) Configuring Traffic Shaping of a GQ.................................................................................9-34 9.5.7 Configuring Scheduling Parameters of an SQ.....................................................................................9-35 9.5.8 Checking the Configuration.................................................................................................................9-35 9.6 Configuring Class-based HQoS....................................................................................................................9-37 9.6.1 Establishing the Configuration Task....................................................................................................9-37 9.6.2 Defining a Traffic Classifier................................................................................................................9-38 9.6.3 (Optional) Configuring a WRED Object for a Flow Queue................................................................9-39 9.6.4 (Optional) Configuring Scheduling Parameters for a Flow Queue......................................................9-40 9.6.5 (Optional) Configuring Mappings from a Flow Queue to a Class Queue...........................................9-40 9.6.6 (Optional) Configuring Traffic Shaping for a Group Queue...............................................................9-41 9.6.7 Defining a Traffic Behavior and Configuring Scheduling Parameters for a Subscriber Queue..........9-42 9.6.8 Defining a Traffic Policy and Applying It to an Interface...................................................................9-42 9.6.9 (Optional) Configuring a WRED Object for a Class Queue................................................................9-43 9.6.10 (Optional) Configuring Scheduling Parameters for a Class Queue...................................................9-44 9.6.11 Checking the Configuration...............................................................................................................9-44 9.7 Configuring Template-based HQoS..............................................................................................................9-47 9.7.1 Establishing the Configuration Task....................................................................................................9-48 9.7.2 (Optional) Configuring an FQ WRED Object.....................................................................................9-49 9.7.3 (Optional) Configuring Scheduling Parameters of an FQ....................................................................9-49 9.7.4 (Optional) Configuring Mapping from an FQ to a CQ........................................................................9-50 9.7.5 (Optional) Configuring the Traffic Shaping of a GQ...........................................................................9-51 9.7.6 (Optional) Configuring Packet Loss Compensation Length of Service Templates.............................9-51 9.7.7 Defining a QoS Template and Configuring Scheduling Parameters....................................................9-52 9.7.8 Applying a QoS Template....................................................................................................................9-53 9.7.9 (Optional) Configuring a CQ WRED Object.......................................................................................9-53 9.7.10 (Optional) Configuring Scheduling Parameters of a CQ...................................................................9-54 9.7.11 Checking the Configuration...............................................................................................................9-55 9.8 Maintaining HQoS........................................................................................................................................9-57 Issue 03 (2008-09-22) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. vii
Contents
Quidway NetEngine80E/40E Core Router Configuration Guide - QoS 9.8.1 Clearing Queue Statistics.....................................................................................................................9-57
9.9 Configuration Examples................................................................................................................................9-57 9.9.1 Example for Configuring HQoS on an Ethernet Interface...................................................................9-58 9.9.2 Example for Configuring QinQ HQoS.................................................................................................9-64 9.9.3 Example for Configuring HQoS on an E3 or T3 Interface..................................................................9-69 9.9.4 Example for Configuring HQoS on a CPOS Interface........................................................................9-72 9.9.5 Example for Configuring HQoS Based on the PBB-TE Tunnel..........................................................9-76 9.9.6 Example for Configuring Class-based HQoS......................................................................................9-82 9.9.7 Example for Configuring Template-based HQoS................................................................................9-89
A Glossary.....................................................................................................................................A-1 B Acronyms and Abbreviations.................................................................................................B-1 Index.................................................................................................................................................i-1
viii
Issue 03 (2008-09-22)
Figures
Figures
Figure 1-1 Diff-Serv networking diagram............................................................................................................1-5 Figure 1-2 ToS field and DS field........................................................................................................................1-5 Figure 1-3 Position of EXP field..........................................................................................................................1-8 Figure 1-4 Common QoS features in the DiffServ model..................................................................................1-10 Figure 1-5 Traffic policing and shaping.............................................................................................................1-11 Figure 1-6 Schematic diagram of traffic congestion..........................................................................................1-12 Figure 2-1 Traffic policing according to CAR.....................................................................................................2-2 Figure 2-2 TS diagram......................................................................................................................................... 2-5 Figure 2-3 Application of traffic policing and shaping........................................................................................2-5 Figure 2-4 Networking diagram of TS...............................................................................................................2-19 Figure 3-1 Relationship between WRED and queue mechanism........................................................................ 3-3 Figure 3-2 Networking diagram for configuring congestion avoidance..............................................................3-7 Figure 4-1 Diagram for configuring a traffic policy based on the complex traffic classification......................4-29 Figure 4-2 Networking diagram for configuring complex traffic classification on QinQ termination sub-interface .............................................................................................................................................................................4-36 Figure 4-3 Networking diagram for configuring VLAN QoS............................................................................4-40 Figure 4-4 Mapping from DSCP priority to MPLS priority..............................................................................4-44 Figure 5-1 Networking diagram for applying QPPB........................................................................................... 5-3 Figure 5-2 Networking diagram of QPPB configuration.....................................................................................5-9 Figure 6-1 Networking diagram of QPPB on L3VPN.........................................................................................6-3 Figure 6-2 Principle diagram for hierarchical resource reserved VPNs...............................................................6-4 Figure 6-3 The DSCP field in the IP packet and the EXP field in the MPLS packet.......................................... 6-5 Figure 6-4 Uniform model................................................................................................................................... 6-6 Figure 6-5 Pipe model..........................................................................................................................................6-7 Figure 6-6 Short Pipe model................................................................................................................................ 6-7 Figure 6-7 Typical networking for QPPB on L3VPN..........................................................................................6-9 Figure 6-8 Networking diagram for configuring QPPB in an L3VPN (VPNv4)...............................................6-36 Figure 6-9 Networking diagram for configuring QPPB in an L3VPN (VPN instance).....................................6-46 Figure 6-10 Networking diagram for configuring a hierarchical resource reserved L3VPN.............................6-56 Figure 6-11 Networking diagram for configuring a hierarchical resource reserved L2VPN (VLL).................6-72 Figure 6-12 Networking diagram for configuring a hierarchical resource reserved L2VPN (VPLS)...............6-86 Figure 6-13 Networking diagram for configuring hierarchical resource reserved VPNs..................................6-96 Figure 6-14 Networking diagram for configuring an MPLS DiffServ model..................................................6-114 Figure 7-1 Forced ATM traffic classification...................................................................................................... 7-4 Issue 03 (2008-09-22) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. ix
Figures
Quidway NetEngine80E/40E Core Router Configuration Guide - QoS Figure 7-2 Networking diagram for connecting two ATM networks with the PSN network..............................7-6 Figure 7-3 Networking diagram for transmitting Ethernet or IP packets over the ATM network.......................7-6
Figure 7-4 Forced traffic classification for transparent transmission of ATM cells............................................7-9 Figure 7-5 Forced traffic classification of 1483B traffic....................................................................................7-10 Figure 7-6 Networking diagram for configuring ATM simple traffic classification for 1-to-1 VCC ATM transparent transmission.........................................................................................................................................................7-25 Figure 7-7 Networking diagram for configuring simple traffic classification for 1-to-1 VPC ATM transparent transmission.........................................................................................................................................................7-32 Figure 7-8 Networking diagram for configuring simple traffic classification for AAL5 SDU ATM transparent transmission.........................................................................................................................................................7-38 Figure 7-9 Networking diagram of configuring 1483R-based ATM simple traffic classification.....................7-43 Figure 7-10 Networking diagram of configuring 1483B-based ATM simple traffic classification...................7-47 Figure 7-11 Networking diagram for forced ATM traffic classification...........................................................7-50 Figure 7-12 Networking diagram for configuring the ATM complex traffic classification..............................7-55 Figure 7-13 Networking diagram for configuring queue scheduling of ATM PVCs........................................7-59 Figure 8-1 Networking diagram of FRTS..........................................................................................................8-22 Figure 8-2 Networking diagram of FR fragmentation.......................................................................................8-24 Figure 9-1 Principle of traditional QoS queue scheduling...................................................................................9-2 Figure 9-2 Principle of HQoS scheduling on an Ethernet interface.....................................................................9-4 Figure 9-3 Upstream HQoS scheduling on an Ethernet interface........................................................................9-5 Figure 9-4 Downstream HQoS scheduling on an Ethernet interface...................................................................9-8 Figure 9-5 HQoS on a CPOS or E3/T3 interface.................................................................................................9-9 Figure 9-6 Typical networking diagram for VLAN user access through sub-interfaces...................................9-12 Figure 9-7 Typical networking diagram for VPN user access through sub-interfaces......................................9-12 Figure 9-8 Networking diagram for configuring SQ..........................................................................................9-58 Figure 9-9 Networking diagram for configuring QinQ HQoS...........................................................................9-64 Figure 9-10 Networking diagram for configuring HQoS on E3 interfaces........................................................9-70 Figure 9-11 Networking diagram for configuring HQoS on a CPOS interface.................................................9-73 Figure 9-12 Networking diagram for configuring PBB-TE-based HQoS..........................................................9-77 Figure 9-13 Networking diagram for configuring class-based HQoS................................................................9-82 Figure 9-14 Networking diagram of template-based HQoS...............................................................................9-89
Issue 03 (2008-09-22)
Tables
Tables
Table 1-1 Classification of DSCP........................................................................................................................ 1-6 Table 1-2 AF codepoint........................................................................................................................................1-7 Table 1-3 The default mapping between IPv4 precedence and CSCP.................................................................1-8 Table 4-1 Traffic classifiers and behaviors defined in policy1............................................................................ 4-7 Table 4-2 Traffic classifiers and behaviors defined in policy2............................................................................ 4-7 Table 4-3 Traffic classifiers and behaviors defined in policy3............................................................................ 4-8 Table 4-4 Default mapping between DSCP value and COS value of IP packets...............................................4-18 Table 4-5 Default mapping between the CoS value and the DSCP value..........................................................4-20 Table 4-6 Default mapping between DSCP value and COS value of IP packets in QinQ domain....................4-20 Table 4-7 Default mapping between the EXP value and the COS value of MPLS packets...............................4-21 Table 4-8 Default mapping between the CoS value and the EXP value............................................................4-21 Table 4-9 Mappings from 802.1p priorities to QoS CoSs and colors in the 5p3d domain template..................4-22 Table 4-10 Mappings from QoS CoSs and colors to 802.1p priorities in the 5p3d domain template................4-23 Table 4-11 Mappings from 802.1p priorities to QoS CoSs and colors in the default domain template............4-23 Table 4-12 Mappings from QoS CoSs and colors to 802.1p priorities in the default domain template............4-23 Table 6-1 Default mapping between the CoS value and the EXP value..............................................................6-6
Issue 03 (2008-09-22)
xi
About This Document
About This Document

Purpose
This document describes the basic knowledge and configurations of QoS, including traffic policing, traffic shaping, congestion management and avoidance, and traffic classification and provides an introduction of QPPB, VPN QoS, ATM QoS, FR QoS, and HQoS. This document can be used as a guide for QoS configurations.
Related Versions
The following table lists the product versions related to this document. Product Name Quidway NetEngine80E/40E Router Version V300R003
Intended Audience
This document is intended for:
l l l l
Commissioning engineer Data configuration engineer Network monitoring engineer System maintenance engineer
Organization
This document is organized as follows.
Issue 03 (2008-09-22)
About This Document
Chapter 1 QoS Overview
Description This chapter describes the performance measurement of services provided by the service provider. It also introduces some QoS solutions, such as RSVP and Diff-Serv Model. This chapter describes the traffic policing, traffic shaping and limit rate concepts. It also describes the configuration steps, along with typical examples. This chapter introduces the WRED concept and the configuration steps. This chapter describes the configuration of traffic policy based on complex traffic classification and simple traffic classification. This chapter describes concepts and configuration steps of QPPB. This chapter describes the implementation and configuration of QoS policies in VPN. This chapter describes the configuration of simple ATM traffic classification and forced ATM traffic classification. This chapter describes the configuration of frame relay traffic policing, frame relay traffic shaping, frame relay congestion management, frame relay congestion avoidance, and frame fragmentation. This chapter describes the basic concept, configuration procedure and examples of HQoS. This appendix collates frequently used glossaries in this document. This appendix collates frequently used acronyms and abbreviations in this document.
2 Traffic Policing and Shaping Configuration 3 Congestion Avoidance Configuration 4 Class-based QoS Configuration 5 QPPB Configuration 6 VPN QoS Configuration 7 ATM QoS Configuration 8 Frame Relay QoS Configuration
9 HQoS Configuration A Glossary B Acronyms and Abbreviations
Conventions
Symbol Conventions
The symbols that may be found in this document are defined as follows. Symbol Description Indicates a hazard with a high level of risk, which if not avoided, will result in death or serious injury.
Issue 03 (2008-09-22)
About This Document
Symbol
Description Indicates a hazard with a medium or low level of risk, which if not avoided, could result in minor or moderate injury.
Indicates a potentially hazardous situation, which if not avoided, could result in equipment damage, data loss, performance degradation, or unexpected results. Indicates a tip that may help you solve a problem or save time. Provides additional information to emphasize or supplement important points of the main text.
General Conventions
The general conventions that may be found in this document are defined as follows. Convention Times New Roman Boldface Italic Courier New Description Normal paragraphs are in Times New Roman. Names of files, directories, folders, and users are in boldface. For example, log in as user root. Book titles are in italics. Examples of information displayed on the screen are in Courier New.
Command Conventions
The command conventions that may be found in this document are defined as follows. Convention Boldface Italic [] { x | y | ... } [ x | y | ... ] Description The keywords of a command line are in boldface. Command arguments are in italics. Items (keywords or arguments) in brackets [ ] are optional. Optional items are grouped in braces and separated by vertical bars. One item is selected. Optional items are grouped in brackets and separated by vertical bars. One item is selected or no item is selected.
Issue 03 (2008-09-22)
About This Document
Convention { x | y | ... }*
Description Optional items are grouped in braces and separated by vertical bars. A minimum of one item or a maximum of all items can be selected. Optional items are grouped in brackets and separated by vertical bars. Several items or no item can be selected. The parameter before the & sign can be repeated 1 to n times. A line starting with the # sign is comments.
[ x | y | ... ]* &<1-n> #
GUI Conventions
The GUI conventions that may be found in this document are defined as follows. Convention Boldface > Description Buttons, menus, parameters, tabs, window, and dialog titles are in boldface. For example, click OK. Multi-level menus are in boldface and separated by the ">" signs. For example, choose File > Create > Folder.
Keyboard Operations
The keyboard operations that may be found in this document are defined as follows. Format Key Key 1+Key 2 Key 1, Key 2 Description Press the key. For example, press Enter and press Tab. Press the keys concurrently. For example, pressing Ctrl+Alt +A means the three keys should be pressed concurrently. Press the keys in turn. For example, pressing Alt, A means the two keys should be pressed in turn.
Mouse Operations
The mouse operations that may be found in this document are defined as follows. Action Click Description Select and release the primary mouse button without moving the pointer.
Issue 03 (2008-09-22)
About This Document
Action Double-click Drag
Description Press the primary mouse button twice continuously and quickly without moving the pointer. Press and hold the primary mouse button and move the pointer to a certain position.
Update History
Updates between document issues are cumulative. Therefore, the latest document issue contains all updates made in previous issues.
Updates in Issue 03 (2008-09-22)

This document is the third commercial release.

This document is the second commercial release.

Initial field trial release
Issue 03 (2008-09-22)
1 QoS Overview
1
About This Chapter
QoS Overview
This chapter describes the performance measurement of services provided by the service provider. It also introduces some QoS solutions, such as RSVP and Diff-Serv Model. 1.1 Introduction This section describes the basic concepts of the Quality of Service (QoS), traditional packet delivery services, new demands resulting from new services, and QoS features supported by the product. 1.2 End-to-End QoS Model This section describes the end-to-end service of QoS. 1.3 Techniques Used for the QoS Application Techniques Used for the QoS Application 1.4 QoS Supported by the NE80E/40E This section describes the QoS supported by the NE80E/40E
Issue 03 (2008-09-22)
1-1
1 QoS Overview
1.1 Introduction
This section describes the basic concepts of the Quality of Service (QoS), traditional packet delivery services, new demands resulting from new services, and QoS features supported by the product. Quality of service (QoS) is used to assess the ability of the supplier to meet the customer demands. In the Internet, QoS is used to assess the ability of the network to transmit packets. The network provides a wide variety of services and therefore, QoS should be assessed from different aspects. QoS generally refers to the analysis of the issues related to the process of sending packets such as, bandwidth, delay, jitter, and packet loss ratio. 1.1.1 Traditional Packet Transmission Application 1.1.2 New Application Requirements
1.1.1 Traditional Packet Transmission Application

It is difficult to ensure QoS in the traditional IP network. Because routers in the network handle all the packets equally and adopt First In First Out (FIFO) method to transfer packets. Resources used for forwarding packets are allocated based on the arrival sequence of the packets. All packets share the bandwidth of networks and routers. Resources are allocated according to the arrival time of the packets. This policy is called best effort (BE) . The device in this mode tries its best to transmit packets to the destination. The BE mode, however, does not ensure any improvement in delay time, jitter, packet loss ratio, and high reliability. The traditional BE mode applies only to services such as World Wide Web (WWW), file transfer, and email, which have no specific request for bandwidth and jitter.
1.1.2 New Application Requirements

With the rapid development of the network, increasing number of networks are connected to the Internet. The Internet expands greatly in size, scope, and users. The use of the Internet as a platform for data transmission and implementation of various applications is on the rise. Further, the service providers also want to develop new services for more profits. Apart from traditional applications such as WWW, email, and File Transfer Protocol (FTP), the Internet has expanded to accommodate other services such as E-learning, telemedicine, videophone, videoconference, and video on demand. Enterprise users want to connect their branches in different areas through VPN technologies to implement applications such as accessing corporate databases or managing remote devices through Telnet. These new applications put forward special requirements for bandwidth, delay, and jitter. For example, videoconference and video on demand require high bandwidth, low delay, and low jitter. Telnet stresses on low delay and priority handling in the event of congestion. As new services spring up, the number of requests for the service capability of IP networks has been on the rise. Users expect improved service transmission to the destination and also better quality of services. For example, IP networks are expected to provide dedicated bandwidth, reduce packet loss ratio, avoid network congestion, control network flow, and set the preference of packets to provide different QoS for various services.
1-2 Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2008-09-22)
1 QoS Overview
All these demand better service capability from the network, and QoS is just an answer to the requirements.
1.2 End-to-End QoS Model

This section describes the end-to-end service of QoS. Different service models are provided for user services to ensure QoS according to users' requirements and the quality of the network. The common service models are as follows:
l l l
Best-Effort service model Integrated service model Differentiated service model
1.2.1 Best-Effort Service Model 1.2.2 Integrated Service Model 1.2.3 Differentiated Service Model
1.2.1 Best-Effort Service Model

Best-Effort is an indiscriminate and the simplest service model. Application programs can, without notifying the network or obtaining any approval from the network, send any number of packets at any time. For the Best-Effort service, the network tries its best to send packets, but cannot ensure the performance such as delay and reliability. The Best-Effort model is the default service model of the Internet and can be applied to most networks, such as FTP and email, through the First-in-First-out (FIFO) queue.
1.2.2 Integrated Service Model

The integrated service model is called Antiserum for short. Antiserum is an integrated service model and can meet various QoS requirements. In this service model, before sending packets, an application program needs to apply for specific services through signaling. The application program first notifies the network of its traffic parameters and the request for special service qualities such as bandwidth and delay. After receiving the confirmation of the network that resources have been reserved for packets, the application program begins sending packets. The sent packets are controlled within the range specified by the flow parameters. After receiving the request for resources from the application program, the network checks the resource allocation. That is, based on the request and current available resources, the network determines whether to allocate resources for the application program or not. Once the network confirms that resources are allocated for the packets, and as long as the packets are controlled within the range specified by the flow parameters, the network is certain to meet the QoS requirements of the application program. The network maintains a state for each flow that is specified by the source and destination I addresses, interface number, and protocol number. Based on the state, the network classifies packets and performs traffic policing, queuing, and scheduling to fulfil its commitment to the application program. Antiserum can provide the following services:
Issue 03 (2008-09-22)
1-3
1 QoS Overview
l
Guaranteed service: provides the preset bandwidth and delay to meet the requirements of the application program. For example, a 10 Bit/s bandwidth and a delay less than one second can be provided for Voice over I (VoIP) services. Controlled-load service: If network overload occurs, packets can still be provided with the service similar to that provided in the absence of network overload. That is, when traffic congestion occurs on the network, less delay and high pass rate are ensured for the packets of certain application programs.
1.2.3 Differentiated Service Model

The differentiated service model is called DiffServ for short. In the model, the application program does not need to send its request for network resource before sending the packets. The application program informs network nodes of its demand for QoS by using QoS parameters in the IP packet header. Then routers along the path obtain the demand by analyzing the header of the packet. To implement Diff-Serv, the access router classifies packets and marks the class of service (CoS) in the IP packet header. The downstream routers then identify the CoS and forward the packets on the basis of CoS. Diff-Serv is therefore a class-based QoS solution.
Diff-Serv Model in IP Network

l
Diff-Serv Networking The network node that implements Diff-Serv is called a DS node. A group of DS nodes that adopt the same service policy and the same per-hop behavior (PHB) is called a DS domain. See Figure 1-1. DS nodes are classified into the following two modes:
DS border node: Connects DS domain with non-DS domain. This node controls traffic and sets Differentiated Services CodePoint (DSCP) value in packets according to the Traffic Conditioning Agreement (TCA). DS interior node: Connects a DS border node with other interior nodes in a DS domain. This node carries out only the simple traffic classification and traffic control based on the DSCP value.
1-4
Issue 03 (2008-09-22)
1 QoS Overview
Figure 1-1 Diff-Serv networking diagram
DS Field and DSCP The Type of Service (ToS) octet in IPv4 packet header is defined in RFC791, RFC134, and RFC1349. As shown in Figure 1-2, the ToS octet contains the following fields: Precedence: It is of three bits (bits 0 through 2). It indicates the precedence of the IP packet. D bit: It is of one bit and indicates delay. T bit: It is of one bit and indicates throughput. R bit: It is of one bit and indicates reliability. C bit: It is of one bit and indicates cost. The highest bit of ToS field has to be 0. The router first checks the IP precedence of packets to implement QoS. The other bits are not fully used. The ToS octet of IPv4 packet header is redefined in RFC2474, called DS field. As shown in Figure 1-2: Bits 0 through 5 in DS field are used as DSCP. Bit 6 and bit 7 are the reserved bits. Bits 0 through 2 are Class Selector CodePoint (CSCP), which indicate a type of DSCP. DS node selects PHB according to the DSCP value. Figure 1-2 ToS field and DS field
The DSCP field within the DS field is capable of conveying 64 distinct codepoints. The codepoint space is divided into three pools as shown in Table 1-1.
Issue 03 (2008-09-22)
1-5
1 QoS Overview
Table 1-1 Classification of DSCP Code Pool 1 2 3 Code Space xxxxx0 xxxx11 xxxx01 Usage Standard action EXP/LU (experiment or local use) EXP/LU (can be used as the extended space for future standard action)
Code pool 1 (xxxxx0) is used for standard action, code pool 2 (xxxx11) and code pool 3 (xxxx01) are used for experiment or future extension.
l
Standard PHB The DS node implements the PHB behavior on the data flow. The network administrator can configure the mapping from DSCP to PHB. When a packet is received, the DS node detects its DSCP to find the mapping from DSCP to PHB. If no matching mapping is found, the DS node selects the default PHB (Best-Effort, DSCP=000000) to forward the packet. All the DS nodes support the default PHB. The following are the four standard PHBs defined by the IETF: Class selector (CS), Expedited forwarding (EF), Assured forwarding (AF) and Best-Effort (BE). The default PHB is BE.
CS PHB Service levels defined by the CS are the same as the IP precedence used on the network. The value of the DSCP is XXX000 where the value of "X" is either 1 or 0. When the value of DSCP is 000000, the default PHB is selected.
EF PHB EF means that the flow rate should never be less than the specified rate from any DS node. EF PHB cannot be re-marked in DS domain except on border node. New DSCP is required to meet EF PHB features. EF PHB is defined to simulate the forwarding of a virtual leased line in the DS domain to provide the forwarding service with low drop ratio, low delay, and high bandwidth.
AF PHB AF PHB allows traffic of a user to exceed the order specification agreed by the user and the ISP. It ensures that traffic within the order specification is forwarded. The traffic exceeding the specification is not simply dropped, but is forwarded at lower service priorities. Four classes of AF: AF1, AF2, AF3, and AF4 are defined. Each class of AF can be classified into three different dropping priorities. AF codepoint AFij indicates AF class is i (1<=i<=4) and the dropping priority is j (1<=j<=3). When providing AF service, the carrier allocates different bandwidth resource for each class of AF. A special requirement for AF PHB is that the traffic control cannot change the packet sequence in a data flow. For instance, in traffic policing, different packets in a service flow are marked with different dropping priorities even if the packets belong to the same AF class. Although the packets in different service flows have different dropping ratio, their sequence remains unchanged. This mechanism is especially applicable to the transmission of multimedia service.
1-6
Issue 03 (2008-09-22)
1 QoS Overview
BE PHB BE PHB is the traditional IP packet transmission that focuses only on reachability. All routers support BE PHB.
Recommended DSCP Different DS domains can have self-defined mapping from DSCP to PHB. RFC2474 recommends code values for BE, EF, AFij, and Class Selector Codepoints (CSCP). CSCP is designed to be compatible with IPv4 precedence model.

BE: DSCP=000000 EF: DSCP=101110 AFij codepoint AFij codepoint is shown in Table 1-2. Table 1-2 AF codepoint Service Class AF(i=4) AF(i=3) AF(i=2) AF(i=1) Low Dropping Priority, j=1 100010 011010 010010 001010 Medium Dropping Priority, j=2 100100 011100 010100 001100 High Dropping Priority, j=3 100110 011110 010110 001110
In traffic policing:

If j=1, the packet color is marked as green. If j=2, the packet color is marked as yellow. If j=3, the packet color is marked as red. The first three bits of the same AF class are identical. For example, the first three bits of AF1j are 001; that of AF3j are 011, that of AF4j are 100. Bit 3 and bit 4 indicate the dropping priority which has three valid values including 01, 10, and 11. The greater the Bit value, the higher the dropping priority.
Class selector codepoint In the Diff-Serv standard, the CSCP is defined to make the DSCP compatible with the precedence field of the IPv4 packet header. The routers identify the priority of the packets through IP precedence. The IP precedence and the CSCP parameters map with each other. The user should configure the values for these parameters. In CSCP, the higher the value of DSCP=xxx000 is, the lower the forwarding delay of PHB is. The default mapping between CSCP and IPv4 precedence is shown in Table 1-3.
Issue 03 (2008-09-22)
1-7
1 QoS Overview
Table 1-3 The default mapping between IPv4 precedence and CSCP IPv4 Precedence 0 1 2 3 4 5 6 7 Other codepoints Besides the preceding DSCPs, other DSCPs correspond with BE services. CSCP (in binary) 000000 001000 010000 011000 100000 101000 110000 111000 CSCP (in dotted decimal) 0 8 16 24 32 40 48 56 Service Class BE AF1 AF2 AF3 AF4 EF EF EF
Diff-Serv Model in the MPLS Network

l
EXP field Defined in RFC3032, MPLS packet header is shown in Figure 1-3. EXP field is of three bits. Its value ranges from 0 to 7 and indicates the traffic type. By default, EXP corresponds to IPv4 priority. Figure 1-3 Position of EXP field
Processing QoS Traffic in MPLS Domain
Processing QoS Traffic on the Ingress LER On the Ingress Label Edger Router (LER) of MPLS domain, you can limit the data flow by setting the Committed Access Rate (CAR) to ensure that the data flow complies with MPLS bandwidth regulations. Besides, you can assign different priorities to the IP packets according to certain policies. One-to-one mapping can be achieved since the IP precedence field and the EXP field are both 3 bits. In Diff-Serv domain, however, the DSCP field of IP packet is 6 bits, which is different from the length of EXP and thus leads to many-to-one mapping. It is defined that the first 3 bits of DSCP (that is, CSCP) are mapped with EXP.
Processing QoS Traffic on the Device in the MPLS Domain
1-8
Issue 03 (2008-09-22)
1 QoS Overview
When forwarding the MPLS label, the LSR in MPLS carries out queue scheduling according to the EXP field in the labels of packets that are received. This ensures that packets with higher priority enjoy better service.
Processing QoS Traffic on the Egress LER On the Egress LER of MPLS domain, you need to map EXP field to DSCP field of IP packet. By standard, the first 3 bits of DSCP (that is, CSCP) take the value of EXP, and the last 3 bits take 0.
It should be noted that QoS is an end-to-end solution, while MPLS only ensures that data can enjoy the services regulated in SLA. After the data enters the IP network, IP network ensures QoS.
1.3 Techniques Used for the QoS Application

Techniques Used for the QoS Application The primary technologies for implementing DiffServ include:
l l l l l
Traffic classification Traffic policing Traffic shaping Congestion management Congestion avoidance
Traffic classification is the basis of the QoS application. With this technique, packets are identified based on certain mapping rules. This is a precondition for providing differentiated services. Traffic policing, traffic shaping, congestion management, and congestion avoidance control the network traffic and resource allocation from different aspects. They feature the DiffServ concept. The following describes these techniques in detail:
l
Traffic classification: Identifies objects according to specific rules. It is the prerequisite of Diff-Serv and is used to identify packets according to defined rules. Traffic policing: Controls the traffic rate. The rate of the traffic that enters the network is monitored and the traffic exceeding its rate limit is restricted. Only a reasonable traffic range is allowed to pass through the network. This optimizes the use of network resources and protects the interests of the service providers. Traffic shaping: Actively adjusts the rate of outputting traffic. It adjusts the volume of output traffic according to the network resources that can be afforded by the downstream router to prevent dropping of packets and congestion. Congestion management: Handles resource allocation during network congestion. It stores packets in the queue first, and then takes a dispatching algorithm to decide the forwarding sequence of packets. Congestion avoidance: Monitors the usage of network resources, and actively drops packets in case of heavy congestion. This addresses the problem of network overload.
For the common QoS features in the DiffServ model, see Figure 1-4.
Issue 03 (2008-09-22)
1-9
1 QoS Overview
Figure 1-4 Common QoS features in the DiffServ model
In the IntServ model, the Resource Reservation Protocol (RSVP) is used as signaling for the transmission of QoS requests. When a user needs QoS guarantee, the user sends a QoS request to the network devices through the RSVP signaling. The request may be a requirement for delay, bandwidth, or packet loss ratio. After receiving the RSVP request, the nodes along the transfer path perform admission control to check the validity of the user and the availability of resources. Then the nodes decide whether to reserve resources for the application program. The nodes along the transfer path meet the request of the user by allocating resources to the user. This ensures the QoS of the user services. In addition, the link efficiency mechanism carries out packet header compression on low-rate links, which greatly improves the efficiency of links. The headers such as IP headers, Transmission Control Protocol (TCP) headers, and User Datagram Protocol (UDP) headers of packets transmitted on the link layer are compressed through the mechanism. This mechanism applies mainly to PPP link layers. 1.3.1 Traffic Classification 1.3.2 Traffic Policing and Shaping 1.3.3 Congestion Avoidance Configuration 1.3.4 RSVP
1.3.1 Traffic Classification

When implementing QoS in Diff-Serv model, the router needs to identify each class of traffic. The following are the two methods for the router to classify traffic:

l
1 QoS Overview
Complex traffic classification: This classification is based on IP protocol domain, source IP address range, destination IP address range, DSCP, IP precedence, source port range, destination port range, type and code of ICPM protocol, type of IGMP protocol. Simple traffic classification: This classification is based on IP precedence, DSCP, MPLS EXP, 802.1P precedence in packets. A collection of packets of the same class is called Behavior Aggregate (BA). Generally, the core router in Diff-Serv domain performs only simple traffic classification.
1.3.2 Traffic Policing and Shaping

In a Diff-Serv domain, traffic policing, and traffic shaping is completed by the traffic conditioner. A traffic conditioner consists of four parts: Meter, Marker, Shaper, and Dropper as shown in Figure 1-5.
l
Meter: Measures the traffic and judges whether the traffic complies with the specifications defined in TCS. Based on the result, the router performs other actions through Marker, Shaper, and Dropper. Marker: Re-marks the DSCP of the packet, and puts the re-marked packet into the specified BA. The available measures include lowering the service level of the packet flow which does not match the traffic specifications (Out-of-Profile) and maintaining the service level. Shaper: Indicates the traffic shaper. Shaper buffers the traffic received and ensures that packets are sent at a rate not higher than the committed rate. Dropper: Indicates the action in traffic policing to control the traffic in accordance with the traffic specification by dropping packets. Dropper can be implemented by setting the Shaper buffer to 0 or a small value.
Figure 1-5 Traffic policing and shaping
In Diff-Serv, routers must support traffic control on the inbound and outbound interfaces simultaneously. The functions of routers vary with their locations. The functions of a router are as follows:
l
The border router processes the access of a limited number of low-speed users. In this way, traffic control on the border router can be completed efficiently. A large amount of traffic classification and traffic control are completed by the border router. The core router only performs PHB forwarding of BA to which packets flow belong. In this way, PHB forwarding can be completed with high efficiency, which also meets the requirements of high-speed forwarding by Internet core network.
1.3.3 Congestion Avoidance Configuration

Issue 03 (2008-09-22) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 1-11
1 QoS Overview
Low QoS in the traditional networks is mainly caused by network congestion. When the available resources temporarily fail to meet the requirements of the service transmission, the bandwidth cannot be ensured. As a result, service rate decreases, resulting in long delay and high jitter. This phenomenon is called congestion.
Causes of Congestion
Congestion often occurs in complex packet switching environment of the Internet. It is caused by the bandwidth bottleneck of two types of links, as shown in Figure 1-6. Figure 1-6 Schematic diagram of traffic congestion
Packets enter the router at high rate through v1, and are forwarded at low rate through v2. Congestion occurs in the router because the rate of v1 is greater than that of v2. Packets from multiple links enter the router at the rate of v1, v2, and v3. They are forwarded at the same rate of v4 through a single link. Congestion occurs in the router because the total rate of v1, v2, and v3 is greater than that of v4.
Congestion also occurs due to the causes as follows:

l l
Packets enter the router at line speed. Resources such as available CPU time, buffer, or memory used for sending packets are insufficient. Packets that arrive at the router within a certain period of time are not well controlled. As a result, the network resources required to handle the traffic exceed the available resources.
Congestion Results
The impact of congestion is as follows:
l
Increases the delay and the jitter in sending packets. Long delay can cause retransmission of packets. Reduces the efficiency of throughput of the network and result in waste of the network resources. Consumes more network resources, particularly storage resources when congestion is aggravated. If not properly allocated, the network resources may be exhausted, and the system may crash.
Congestion is the main cause of low QoS. It is very common in complex networks and must be solved to increase the efficiency of the network.
1 QoS Overview
Congestion Solutions
When congestion occurs or aggravates, queue scheduling and packet discard policies can be used to allocate network resources for traffic of each service class. The commonly used packet discard policies are as follows:
l
Tail Drop When the queue is full, subsequent packets that arrive are discarded. Random Early Detection (RED) When the queue reaches a certain length, packets are discarded randomly. This can avoid global synchronization due to slow TCP start.
Weighted Random Early Detection (WRED) When discarding packets, the router considers the queue length and packet precedence. The packets with low precedence are discarded first and are more likely to be discarded.
The NE80E/40E adopts WRED to avoid congestion problems.
1.3.4 RSVP
RSVP is an end-to-end protocol. Requests for resources are transmitted between nodes through RSVP. The nodes allocate resources at the requests. This is the process of resource reservation. Nodes check the requests against current network resources before determining whether to accept the requests. If the current network resources are quite limited, certain requests can be rejected. Different priorities can be set for different requests for resources. Therefore, a request with a higher priority can preempt reserved resources when network resources are limited. RSVP determines whether to accept requests for resources and promises to meet the accepted requests. RSVP itself, however, does not implement the promised service. Instead, it uses the techniques such as queuing to guarantee the requested service. Network nodes need to maintain some soft state information for the reserved resource. Therefore, the maintenance cost is very high when RSVP is implemented on large networks. RSVP is therefore not recommended for the backbone network.
1.4 QoS Supported by the NE80E/40E

This section describes the QoS supported by the NE80E/40E The NE80E/40E supports unicast QoS and multicast QoS. The mechanism of multicast QoS is similar to that of unicast QoS; the only difference between them is that multicast packets enter different queues for QoS processing. Therefore, you do not need to perform special configurations. NE80E/40E supports IPv4 QoS and IPv6 QoS and can classify, re-mark service priorities of, and redirect IPv6 packets. NE80E/40E supports the following QoS techniques:
l l
Traffic classification Traffic policing

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 1-13
Issue 03 (2008-09-22)
1 QoS Overview
l l l l l
Traffic shaping Congestion avoidance Congestion management HQoS that enables more specific scheduling MPLS DiffServ, MPLS TE, and MPLS DS-TE that enable comprehensive combination between QoS and MPLS VPN QoS that enables VPN services with end-to-end QoS deployment
NE80E/40E supports ATM QoS and FR QoS, thus enabling QoS deployment on non-IP networks and delivery of QoS parameters between IP networks and non-IP networks.
1-14
Issue 03 (2008-09-22)
2 Traffic Policing and Shaping Configuration
Traffic Policing and Shaping Configuration
About This Chapter

This chapter describes the concepts of traffic policing and traffic shaping. It also describes the configuration steps, along with typical examples. 2.1 Introduction This section describes some concepts related to traffic policing and traffic shaping, and rate limitation. 2.2 Configuring Interface-based Traffic Policing This section describes the procedure for configuring interface-based traffic policing. 2.3 Configuring CTC-based Traffic Policing This section describes the procedure for configuring CTC-based traffic policing. 2.4 Configuring Traffic Shaping This section describes how to configure traffic shaping. 2.5 Maintaining Statistics The section describes how to maintain statistics. 2.6 Configuration Examples This section provides an example for configuring traffic policing and traffic shaping.
Issue 03 (2008-09-22)
2-1
2.1 Introduction
This section describes some concepts related to traffic policing and traffic shaping, and rate limitation. 2.1.1 Traffic Policing 2.1.2 Traffic Shaping 2.1.3 Traffic Policing and Shaping Supported by NE80E/40E
2.1.1 Traffic Policing

Traffic policing (TP) is used to monitor the specifications of the traffic that enters a network and keep it within a reasonable range. In addition, TP optimizes network resources and protects the interests of carriers by restricting the traffic that exceeds the rate limit.
CAR
The Committed Access Rate (CAR) is applied to limit certain categories of traffic. For example, Hypertext Transfer Protocol (HTTP) packets can be kept from taking up more than 50% of the network bandwidth. Packets are first classified according to the pre-defined matching rules. Packets that comply with the specified rate limit are forwarded directly. Packets that exceed the specifications are dropped or have their priorities re-set.
Token Bucket
CAR uses token buckets (TBs) to implement traffic policing. As shown in Figure 2-1, the token bucket is regarded as a container of tokens with a pre-defined capacity. The system puts tokens into the bucket at a defined rate. If the token bucket is full, no more tokens can be added. Figure 2-1 Traffic policing according to CAR
The process is as follows:

1. 2.
If there are enough tokens in the bucket, packets are forwarded. At the same time, the amount of tokens in the bucket decreases based on the length of the packets. If the token bucket does not hold enough tokens for sending packets, the packets are dropped or their priority values are re-set.
l
Traffic policing with a single token bucket A single token bucket can implement traffic measurement in simple situations. When a single token bucket is used, one token is used to forward one byte of data. If there are enough tokens available to forward a packet, the packet is regarded as compliant and is marked green. Otherwise, the packet is regarded as noncompliant or over the limit, and is marked red. The following are the two parameters used in traffic policing with a single token bucket:
Committed Information Rate: the rate of putting tokens into the bucket, that is, the permitted average traffic rate. . Committed Burst Size : the capacity of the token bucket, that is, the maximum amount of traffic. The value of the CBS must be greater than that of the maximum packet size.
A new evaluation is made when a new packet arrives. If there are enough tokens in the bucket for each evaluation, it implies that the packet is within the range. In this case, the number of tokens taken equals the byte size of the forwarded packet.
l
Traffic policing with two token buckets You can use two token buckets to measure traffic in more complex conditions and implement more flexible traffic policing. These two buckets are called C bucket and P bucket. The C bucket places tokens at a rate of the Committed Information Rate (CIR) and its size is called Committed Burst Size (CBS). The P bucket places tokens at a rate of Peak Information Rate (PIR) and its size is called Peak Burst Size (PBS). The value of CBS is less than that of PBS. Each time the traffic is measured, the following rules are applied:

If there are enough tokens in C bucket, packets are marked green. If there are not enough tokens in C bucket but enough tokens in P bucket, packets are marked yellow. If tokens in neither of the buckets are enough, packets are marked red. CIR: the rate of putting tokens into C bucket, that is, the permitted average traffic rate of C bucket. CBS: the capacity of the C bucket, that is, the maximum amount of traffic of C bucket. PIR: the rate of putting tokens into P bucket, that is, the permitted average traffic rate of P bucket. PBS: the capacity of the P bucket, that is, the maximum amount of traffic of P bucket.
The parameters used in traffic policing with two token buckets are described as follows:
The NE80E/40E uses two algorithms, srTCM and trTCM, in traffic policing with two token buckets. The algorithms have two working modes, Color-blind and Color-aware. The color-blind mode is more commonly used. For details, refer to "QoS Overview."
Traffic Policing Action

According to different evaluation results, TP implements the pre-configured policing actions, which are described as follows:

l
Pass: Forwards the packets evaluated as "compliant" or re-forwards the service marked Differentiated Services Code Point (DSCP) for DiffServ. Discard: Drops the packets evaluated as "noncompliant." Remark: Changes the precedence of the packet that is evaluated as "partly compliant" and then forwards it.
l l
Statistics Function
It is necessary to control and measure users' traffic on a network. The traditional method of statistics based on the interface has the following disadvantages:
l
Of the upstream traffic, only the traffic before CAR operation can be measured. It is impossible to measure the actual traffic of users and the loss of packets that occurs when the traffic rate exceeds the bandwidth limit. Of the downstream traffic, only the interface traffic after CAR operation at the egress can be measured. Forwarded and dropped traffic cannot be measured.
To analyze how users' traffic exceeds the limit, carriers have to collect statistics again after CAR. Based on this statistic data, carriers can advise users to buy a higher bandwidth. With the interface CAR statistics function, the NE80E/40E can measure and record the traffic after upstream CAR operation, that is, the actual access traffic of a company user or an Internet bar, as well as the forwarded and dropped packets after downstream CAR operation. This can help carriers know users' network traffic.
2.1.2 Traffic Shaping

Traffic shaping (TS) is an active way to adjust the traffic output rate. A typical application of TS is to control the volume and burst of outgoing traffic based on the network connection. Thus the packets can be transmitted at a uniform rate. TS is implemented by using the buffer and token bucket. As shown in Figure 2-2, after classification, packets are processed as follows:
l l
For packets not involved in TS, the packets are forwarded directly. For packets involved in TS, when no General Traffic Shaping (GTS) queue exists, the length of packets is compared with the number of tokens in the token bucket. If there are sufficient tokens to send packets, packets are sent; if there are insufficient tokens, the GTS queue is enabled where packets are cached. Tokens are placed in the token bucket at the user-defined rate. Packets in the GTS queue are removed and sent periodically. As packets are sent, the number of tokens reduces based on the number of packets. During the course of sending packets, the number of packets is compared with the number of tokens in the token bucket. The number of tokens in the token bucket stops decreasing when all the packets in the GTS queue are sent or can no longer be sent. For packets involved in TS, packets enter the GTS queue to wait before being sent periodically, if the GTS queue is enabled. If the GTS queue is full when new packets arrive at the queue, the packets are dropped.
2-4
Issue 03 (2008-09-22)
Figure 2-2 TS diagram
As shown in Figure 2-3, Router A sends packets to Router B. Router B performs TP on the packets, and directly drops the packets over the traffic limits. Figure 2-3 Application of traffic policing and shaping
To reduce the number of packets that are dropped, you can use TS on the output interface of Router A. The packets beyond the traffic limits of TS are cached in Router A. While sending the next batch of packets, TS gets the cached packets from the buffer or queues and sends them out. In this way, all the packets sent to Router B abide by the traffic regulation of Router B. The main difference between TS and TP is that TS buffers the packets which exceed the traffic limits. When there are enough tokens in the Token Bucket, these buffered packets are sent out at a uniform rate. Another difference is that TS may increase delay but TP causes almost no extra delay.
2.1.3 Traffic Policing and Shaping Supported by NE80E/40E

NE80E/40E supports traffic policing and shaping. It includes:
l
Interface-based traffic policing.

Issue 03 (2008-09-22)

l
Interface-based statistics function of CAR. It can measure the interface upstream traffic after CAR operation. CTC-based traffic policing. CoSs and color of packets can be re-marked after traffic policing. Traffic shaping on the outbound interface.
2.2 Configuring Interface-based Traffic Policing

This section describes the procedure for configuring interface-based traffic policing.
NOTE
You can obtain CAR statistics of the following interfaces: Ethernet interfaces, POS interfaces, Ethernet sub-interfaces (excluding QinQ sub-interface), and Layer 2 Ethernet ports, GRE Tunnel interface, EthTrunk interface, Layer 2 Eth-Trunk interface, Eth-Trunk sub-interface, and IP-Trunk interface. Note that when you query the statistics of Layer 2 ports, you must specify a VLAN. Interface-based traffic policing does not differentiate unicast, multicast, or broadcast packets.
2.2.1 Establishing the Configuration Task 2.2.2 Configuring CAR on a Layer 3 Interface 2.2.3 Configuring CAR on a Layer 2 Interface 2.2.4 Checking the Configuration
2.2.1 Establishing the Configuration Task

Applicable Environment
If users' traffic is not limited, burst data from numerous users can make the network congested. To optimize the use of network resources, you need to limit users' traffic. Traffic policing is a traffic control method that limits network traffic and control the usage of network resources by monitoring network specifications. Traffic policing can be implemented on both inbound interfaces and outbound interfaces. Traffic policing based on the interface controls all traffic that enters an interface without differentiating types of packets. This method is used on core routers of a network.
Pre-configuration Tasks
Before configuring TP, complete the following tasks:
l l
Configuring the physical parameters of interfaces Configuring the link layer attributes of interfaces to ensure normal operation of the interfaces Configuring IP addresses for interfaces (This is done when you configure CAR on Layer 3 interfaces.) Enabling routing protocols and ensuring that routers interwork with each other (This is done when you configure CAR at Layer 3 interfaces.)
Data Preparation
To configure traffic policing, you need the following data:
No. 1 2
Data CIR, PIR, CBS, and PBS Interfaces where CAR and directions (inbound or outbound) are configured
2.2.2 Configuring CAR on a Layer 3 Interface

Context
NOTE
You can configure traffic policing for the NE80E/40E only on the Ethernet (excluding QinQ), POS, Layer 2 Ethernet, GRE Tunnel, Eth-Trunk, Layer 2 Eth-Trunk, or IP-Trunk interface, or the Ethernet or EthTrunk sub-interface.
The NE80E/40E supports configuration of traffic policing in both inbound and outbound directions on major Layer 3 interfaces. Traffic policing includes two types: STB traffic policing and DTB traffic policing.
l
If the network traffic is simple, you can configure STB traffic policing with parameters cir and cbs. If the network traffic is complex, you need to configure DTB traffic policing with parameters cir, pir, cbs, and pbs.
Do as follows on the router:
Procedure
Step 1 Run:
system-view
The system view is displayed. Step 2 Run:

interface interface-type interface-number
The interface view is displayed. Step 3 Run:

qos car { cir cir-value [ pir pir-value ] } [ cbs cbs-value pbs pbs-value ] [ green { discard | pass [ service-class class color color ] } | yellow { discard | pass [ service-class class color color ] } | red { discard | pass [ serviceclass class color color ] } ]* { inbound | outbound }
The interface is configured with CAR. ----End
Postrequisite
If packets are re-marked to service classes of EF, BE, CS6, and CS7, these packets can only be re-marked green in color.
2.2.3 Configuring CAR on a Layer 2 Interface

Context
The NE80E/40E supports configuration of traffic policing in both inbound and outbound directions on Layer 2 interfaces.
l l l l
To configure STB traffic policing, select parameters cir and cbs. To configure DTB traffic policing, select parameters cir, pir, cbs and pbs. To configure inbound traffic policing, select the parameter inbound. To configure outbound traffic policing, select the parameter outbound.
NOTE
You can configure traffic policing for the NE80E/40E only on the physical GE and Ethernet interfaces.
Procedure
Step 1 Run:
system-view

interface { ethernet | gigabitethernet } interface-number

portswitch
The Layer 2 interface view is displayed. Step 4 Run the following command as required:
l
Run:
port default vlan vlan-id
A Layer 2 interface is added to a VLAN.

l
Run:
port trunk allow-pass vlan { { vlan-id1 [ to vlan-id2 ] } & <1-10> | all }
The IDs of the VLANs allowed by the current interface are specified. Step 5 Run:
qos car { cir cir-value [ pir pir-value] } [ cbs cbs-value pbs pbs-value ] [ green { discard | pass [ service-class class color color ] } | yellow { discard | pass [ service-class class color color ] } | red { discard | pass [ service-class class color color ] } ]* { inbound | outbound } [ vlan { vlan-id1 [ to vlan-id2 ] &<1-9> } ]
CAR is configured on an interface. The parameter [ vlan { vlan-id1 [ to vlan-id2 ] &<1-9> } ] takes effect only on layer 2 interfaces, and VLAN ID must be configured. When this command is configured on a layer 3 interface, however, VLAN ID cannot be configured. ----End
Postrequisite
If packets are re-marked to service classes of EF, BE, CS6, and CS7, these packets can only be re-marked green in color.
2.2.4 Checking the Configuration

Run the following commands to check the previous configuration. Action Check the traffic information about an interface. Check the CAR statistics on a Layer 3 interface of a specified direction. Check the CAR statistics on a Layer 2 port of a specified direction. Command display interface [ interface-type [ interface-number ] ] [ | { begin | exclude | include } regular-expression ] display car statistics interface interface-type interfacenumber [ .sub-interface ] { inbound | outbound } display car statistics interface interface-type interfacenumber vlan vlan-id { inbound | outbound }
Using the display car statistics interface interface-type interface-number [ vlan vlan-id ] { inbound | outbound } command, you can view the statistics on an interface of a specified direction. The statistics include the number of passed packets, number of passed bytes, and rate of passed packets; number of dropped packets, number of dropped bytes, and rate of dropped packets. For example:
<Quidway> display car statistics interface pos 6/0/0 outbound interfacePos6/0/0 outbound Committed Access Rate: CIR 200(Kbps), PIR 0(Kbps), CBS 400(byte), PBS 500(byte) Conform Action: pass Yellow Action: pass Exceed Action: discard Passed: 840 bytes, 15 packets Dropped: 56 bytes, 1 packets Last 30 seconds passed rate: 0 bps, 0 pps Last 30 seconds dropped rate: 0 bps, 0 pps
2.3 Configuring CTC-based Traffic Policing

This section describes the procedure for configuring CTC-based traffic policing. 2.3.1 Establishing the Configuration Task 2.3.2 Defining Traffic Classes 2.3.3 Defining a Behavior and Configuring Traffic Policing Actions 2.3.4 Configuring a Traffic Policy 2.3.5 Applying Traffic Policies 2.3.6 Checking the Configuration

There are a large number of users in the network and they send data constantly. This can cause network congestion and have a great impact on the operation and service quality of the network. Therefore, to guarantee the bandwidth no matter the network is idle or congested, traffic control needs to be implemented on one or several types of packets. You can combine complex traffic classification (CTC) and traffic control to configure the traffic policing policy based on complex traffic classification. Then, apply the policy to the inbound interface to restrict the traffic of the specific packets within a reasonable range. Therefore limited network resources are better utilized.
NOTE
CTC means classifying packets based on the quintuple that includes the source address, source port number, protocol number, destination address, and destination address. It is usually implemented on the border routers in the network.
Before configuring CTC-based traffic policing, you need to complete the following preconfiguration tasks:
l l
Configure the physical parameters for related interfaces Configure the link layer attributes for related interfaces to ensure normal operation of the interfaces Configure IP addresses for related interfaces Enable the routing protocols for reachability
l l
Data Preparation
The following data is necessary for configuring CTC-based traffic policing. No. 1 2 3 4 5 6 Data Class name ACL number, source MAC address, destination MAC address, IP precedence, DSCP value, 802.1p value, and TCP flag value Traffic behavior name CIR, PIR, CBS, and PBS Policy name Interface type and number where the traffic policy is applied
2.3.2 Defining Traffic Classes

Context
NOTE
l l
If traffic classification is based on Layer 3 or Layer 4 information, the traffic policy can be applied to only Layer 3 interface. If traffic classification is based on Layer 2 information, the traffic policy can be applied to both Layer 3 interface and Layer 2 port. To apply such a traffic policy to a Layer 2 port or a Layer 3 interface, specify the key word link-layer in the command line.
Procedure
l Defining traffic classification based on layer 3 or layer 4 information Do as follows on the router: 1. Run:
system-view
The system view is displayed. 2. Run:

traffic classifier classifier-name [ operator { and | or } ]
A traffic classifier is defined and the view of the classifier is displayed. 3. Choose the desired matching rule according to your requirements:
To set a matching rule to classify traffic based on the ACL number, Run:
if-match [ ipv6 ] acl acl-number
To set a matching rule to classify traffic based on the DSCP value, Run:
if-match [ ipv6 ] dscp dscp-value
To set a matching rule to classify traffic based on the TCP flag, Run:
if-match tcp syn-flag tcpflag-value
To set a matching rule to classify traffic based on the IP precedence, Run:

if-match ip-precedence ip-precedence
To match all packets, Run:

if-match [ ipv6 ] any
To set a matching rule to classify traffic based on the source IPv6 address, Run:
if-match ipv6 source-address ipv6-address prefix-length
To set a matching rule to classify traffic based on the destination IPv6 address, Run:
if-match ipv6 destination-address ipv6-address prefix-length
A matching rule is set to classify traffic.

NOTE
If both the if-match [ ipv6 ] acl acl-number command and the if-match [ ipv6 ] any command are configured, the command that is configured first takes effect before the other. To match IPv6 packets, you must specify the key word ipv6 when you choose a matching rule in Step 3. A matching rule defined to match packets based on source or destination addresses is valid only with IPv6 packets, but not with IPv4 packets.
If you set more than one matching rule for the same classifier, you can set their relations by specifying the parameter operator in step 2:
Logic operator and: A packet belongs to the classifier only when it matches all the rules.
Issue 03 (2008-09-22)

Logic operator or: A packet belongs to the classifier if it matches one of the rules. By default, the logic operator of the rules is or.
Defining traffic classification based on layer 2 information Do as follows on the router: 1. Run:
system-view

A traffic classifier is defined and the view of the classifier is displayed. 3. Choose the desired matching rule according to your requirements:
To set a matching rule to classify VLAN packets based on the value of the 802.1p field, Run:
if-match 8021p 8021p-value
To set a matching rule to classify traffic based on the source MAC address, Run:
if-match source-mac mac-address
To set a matching rule to classify traffic based on the destination MAC address, Run:
if-match destination-mac mac-address
To set a matching rule to classify traffic based on MPLS EXP, Run:

if-match mpls-exp exp-value
If you set more than one matching rule for the same classifier, you can set their relations by specifying the parameter operator in step 2:

Logic operator and: A packet belongs to the classifier only when it matches all the rules. Logic operator or: A packet belongs to the classifier if it matches one of the rules. By default, the logic operator of the rules is or.
----End
2.3.3 Defining a Behavior and Configuring Traffic Policing Actions

Context
Procedure
Step 1 Run:
system-view

traffic behavior behaviorname
2-12
Issue 03 (2008-09-22)
A traffic behavior is set and the behavior view is displayed. Step 3 Run:
car { cir cir-value [ pir pir-value] } [ cbs cbs-value pbs pbs-value ] [ green { discard | pass [ service-class class color color ] } | yellow { discard | pass [ service-class class color color ] } | red { discard | pass [ service-class class color color ] } ]*
A traffic policing action is set for the traffic behavior. In step 3, choose parameters according to your requirement:
l
To set traffic policing with a single token bucket, select cir and cbs, and set the value of pbs to 0. To set traffic policing with double token buckets, select cir, cbs, and pbs. Use parameters cir, pir, cbs, and pbs to configure traffic policing with two rates and two token buckets.
l l
----End
Postrequisite
The NE80E/40E supports marking the priority and color of packets after traffic policing. If packets are re-marked as the service levels of ef, be, cs6, and cs7, the packet color can only be re-marked in green.
2.3.4 Configuring a Traffic Policy

Context
Procedure
Step 1 Run:
system-view

traffic policy policy-name
A policy is defined and the view of the policy is displayed. Step 3 Run:
classifier traffic-class-name behavior behavior-name
The specified behavior and classifier are associated in the policy. ----End
2.3.5 Applying Traffic Policies

Procedure
l Applying Traffic Policies to Layer 3 Interfaces
NOTE
l l l
This product supports traffic policies on physical interfaces POS ports and GE ports, as well as logical interfaces, such as the sub-interface, ring-if, IP-Trunk and Eth-Trunk interface. Traffic policies cannot be directly applied to the VLANIF interface. They can be implemented by combining physical or Eth-trunk interfaces with VLAN IDs. If traffic is to be classified on a layer 3 interface based on layer 2 information 802.1p, the interface must be a sub-interface.
Do as follows on the router. 1. Run:

system-view

The specified interface view is displayed. 3. Run:

traffic-policy policy-name { inbound | outbound } [ link-layer| alllayer ]
The specified traffic policy is applied to the interface. If the parameter all-layer is specified, the system performs the complex classification according to Layer 2 information about packets. If the Layer 2 information about a packet fails to match the classification rules, the system goes on with the Layer 3 information about the packet. By default, the system performs the complex traffic classification according to Layer 3, Layer 4, or other information. When applying a traffic policy to a Layer 3 interface, you can specify traffic classification based on Layer 2, Layer 3 or Layer 4 information about the packet. In step 3, choose parameters according to your requirements:
To perform complex traffic classification based on Layer 2 information first, and then on Layer 3 or Layer 4 information if the Layer 2 information fails to match the classification rules, choose the parameter all-layer. To configure complex classification of the incoming traffic, choose the parameter inbound. To configure complex classification of the outgoing traffic, choose the parameter outbound.
Applying the Traffic Policy to Layer 2 Interfaces Do as follows on the router. 1. Run:
system-view
The system view is displayed. 2.

2-14
Run:
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. Issue 03 (2008-09-22)
interface { ethernet | gigabitethernet | eth-trunk } interface-number

portswitch
The interface changes to a layer 2 interface. 4. Run:

traffic-policy policy-name { inbound | outbound } [ vlan vlan-id1 [ to vlan-id2 ] ] [ link-layer | all-layer]
The specified traffic policy is applied to the layer 2 port.

NOTE
If you apply a traffic policy to the VLAN traffic on a Layer 2 interface, you need to configure the port trunk allow-pass vlan { { vlan-id1 [ to vlan-id2 ] } & <1-10> | all } or the port default vlan vlan-id command on the Layer 2 interface. If you apply a traffic policy without specifying a VLAN, the traffic policy is applied to the VLAN switch services that pass through the interface or the service traffic that is added to PBB-TE in interface mode. When applying a traffic policy to VLAN switch services on a Layer 2 interface or the service traffic that is added to PBB-TE in interface mode, you do not need to specify a VLAN ID. You must, however, specify a VLAN ID when you apply a traffic policy to the VLAN traffic that goes through a Layer 2 interface.
When applying traffic policies on Layer 2 interfaces, you can set trafffic classification based on only the Layer 2 information of the packet:

To configure complex classification of the incoming traffic, use parameter inbound. To configure complex classification of the outgoing traffic, use parameter outbound.
----End

Use the following display commands to check the configuration. Action Check the traffic of an interface. Check the traffic behavior. Check the classifier. Check the associated behavior and classifier in the traffic policy. Command display interface [ interface-type [ interface-number ] ] [ | { begin | exclude | include } regular-expression ] display traffic behavior { system-defined | userdefined } [ behavior-name ] display traffic classifier { system-defined | userdefined } [ classifier-name ] display traffic policy { system-defined | user-defined } [ policy-name [ classifier classifier-name ] ]
If the configuration succeeds,


l
The name of the configured traffic behavior and the actions are displayed if you run the display traffic behavior command:
<Quidway> display traffic behavior user-defined User Defined Behavior Information: Behavior: database Redirecting: Redirect Ip-NextHop 20.13.9.3 Behavior: huawei Marking: Remark IP Precedence 4 Committed Access Rate: CIR 1000 (Kbps), PIR 0 (Kbps), CBS 10000 (byte), PBS 0 (byte) Conform Action: pass Yellow Action: pass Exceed Action: discard Redirecting:
The name of the configured traffic classifier and its matching rules, as well as the logical operator of the rules are displayed if you run the display traffic classifier command:
<Quidway> display traffic classifier user-defined User Defined Classifier Information: Classifier: database Operator: OR Rule(s) : if-match acl 3000 Classifier: huawei Operator: AND Rule(s) : if-match ip-precedence 3
The name of the configured traffic policy and the associated behavior and classifier are displayed if you run the display traffic policy command:
<Quidway> display traffic policy user-defined User Defined Traffic Policy Information: Policy: test Classifier: default-class Behavior: be -noneClassifier: huawei Behavior: huawei Marking: Remark IP Precedence 4 Committed Access Rate: CIR 1000 (Kbps), PIR 0 (Kbps), CBS 10000 (byte), PBS 0 (byte) Conform Action: pass Yellow Action: pass Exceed Action: discard Redirecting: Classifier: database Behavior: database Redirecting:
2.4 Configuring Traffic Shaping

This section describes how to configure traffic shaping. 2.4.1 Establishing the Configuration Task 2.4.2 Configuring Traffic Shaping 2.4.3 Checking the Configuration

When the traffic is heavy on the network, the packets that exceed specifications will be dropped. To avoid network congestion or loss of packets at the downstream network caused by too much traffic sent from the upstream network, you can configure traffic shaping on the outbound interface of the upstream router. Traffic shaping refers to restricting the packets of a specific connection flowing out of a network so that the packets are sent out at an even rate. TS is usually carried out with cache buffer and token buckets. When the rate for sending packets is too high, packets are first placed in buffer queue, and then are forwarded steadily. The forwarding of packets is controlled by the token bucket, based on the priority of the queue. This can avoid retransmission of the packet.
Before configuring TS, you need to complete the tasks as follows:
l l
Configure the physical parameters of related interfaces Configure the link layer attributes of related interfaces to ensure normal operation of the interface Configure IP addresses for related interfaces Enable routing protocols so that routes are reachable
l l
Data Preparation
To configure TS, you need the following data. No. 1 2 Data Interface to be configured with TS TS rate
2.4.2 Configuring Traffic Shaping

Context
At present, the NE80E/40E supports TS only on the outbound interface.
NOTE
The NE80E/40E distributes resources to services of specific classes such as EF and AF through the predefined queue scheduling mechanism. Users need not configure queue management.
Procedure
Step 1 Run:
system-view
Issue 03 (2008-09-22)
2-17

The specified interface view is displayed. Step 3 Run:

port shaping shaping-value
TS is configured on the interface. You can perform TS for the outgoing traffic on the interface. ----End

Run the following display commands to check the previous configuration. Action Check information about traffic of an interface. Command display interface [ interface-type [ interface-number ] ] [ | { begin | exclude | include } regular-expression ]
2.5 Maintaining Statistics

The section describes how to maintain statistics. 2.5.1 Clearing Statistics
2.5.1 Clearing Statistics
CAUTION
CAR statistic information cannot be restored after you clear it. So, confirm the action before you use the command. To clear the CAR statistic information, run the following reset commands in the user view. Action Clear the CAR statistics of a Layer 3 interface in a direction. Clear the CAR statistics of a Layer 2 port in a direction. Command reset car statistics interface interface-type interfacenumber [ .sub-interface ] { inbound | outbound } reset car statistics interface interface-type interfacenumber vlan vlan-id { inbound | outbound }
2-18
Issue 03 (2008-09-22)
2.6 Configuration Examples

This section provides an example for configuring traffic policing and traffic shaping. 2.6.1 Example for Configuring Traffic Policing and Traffic Shaping
2.6.1 Example for Configuring Traffic Policing and Traffic Shaping

Networking Requirements
As shown in Figure 2-4, the POS3/0/0 of Router A is connected with the POS1/0/0 of Router B. Server, PC1 and PC2 can access the Internet through Router A and Router B. Server, PC1 and the GE1/0/0 of Router A are on the same network segment. PC2 and the GE2/0/0 of Router A are on the same network segment. The process to control traffic from Server and PC1 received by the GE1/0/0 of Router A is as follows:
l
A bandwidth of up to 6 Mbit/s is assured for traffic from Server. The default value is 5 Mbit/s and the maximum value is not more than 6 Mbit/s. For traffic whose rate is beyond 5 Mbit/s but is within the assured rate of 6 Mbit/s, packets are forwarded properly. When the traffic rate exceeds 6 Mbit/s, the packets are sent in the BE fashion. The rate-limit on traffic from PC1 is 2 Mbit/s. Traffic below this rate-limit can be transmitted properly. When the traffic exceeds this rate-limit, packets are dropped.
In addition, the POS3/0/0 and POS2/0/0 of Router A and Router B should meet the following requirements for sending and receiving packets:
l
The rate-limit on the traffic that travels from the POS 3/0/0 of Router A to Router B is 20 Mbit/s. When the traffic exceeds this rate-limit, packets are dropped. The rate-limit on traffic going to the Internet through the POS2/0/0 of Router B is 30 Mbit/ s. When the traffic exceeds this rate-limit, packets are dropped.
Networking Diagram
Figure 2-4 Networking diagram of TS
Issue 03 (2008-09-22)
2-19
Configuration Roadmap
The configuration roadmap is as follows: 1. 2. 3. On the inbound interface GE 1/0/0 of Router A, perform traffic policing based on complex traffic classification on traffic from Server and PC1. On the outbound interface POS 3/0/0 of Router A, configure traffic shaping and restrict the rate of the traffic that goes into Router B to 20 Mbit/s. On the outbound interface POS 2/0/0 of Router B, configure traffic shaping and restrict the rate of the traffic that goes into the Internet to 30 Mbit/s.
Data Preparation
To complete the configuration, you need the following data:
l
The ACL number, traffic classifier name, traffic behavior name, traffic policy name, and the interface where the traffic policy is applied, of Server and PC1 CIR, PIR, CBS, and MBS Traffic rate for traffic shaping and the interface where traffic shaping is configured
l l
Configuration Procedure
1. 2. Configure IP addresses for interfaces (The detailed configuration is not mentioned here). Configure Router A. # Configure an ACL for matching data flows from Server and PC1.
<RouterA> system-view [RouterA] acl number 2001 [RouterA-acl-basic-2001] rule permit source 1.1.1.1 0.0.0.0 [RouterA-acl-basic-2001] quit [RouterA] acl number 2002 [RouterA-acl-basic-2002] rule permit source 1.1.1.2 0.0.0.0 [RouterA-acl-basic-2002] quit
# Configure traffic classes and define ACL-based class matching rules.

[RouterA] traffic classifier class1 [RouterA-classifier-class1] if-match acl 2001 [RouterA-classifier-class1] quit [RouterA] traffic classifier class2 [RouterA-classifier-class2] if-match acl 2002 [RouterA-classifier-class2] quit
# Define a behavior so that the default rate-limit on traffic from Server is 5 Mbit/s. Set the upper limit to 6 Mbit/s: When the traffic rate is higher that 5 Mbit/s but below 6 Mbit/s, packets are forwarded properly; when the traffic rate exceeds 6 Mbit/s, packets are sent in the BE fasion.
[RouterA] traffic behavior behavior1 [RouterA-behavior-behavior1] car cir 5000 pir 6000 green pass yellow pass red pass service-class be color green [RouterA-behavior-behavior1] quit
# Define a behavior so that the rate-limit is 2 Mbit/s. When the traffic rate exceeds 2 Mbit/ s, packets are dropped.
[RouterA] traffic behavior behavior2 [RouterA-behavior-behavior2] car cir 2000 green pass yellow discard red discard [RouterA-behavior-behavior2] quit
# Define a policy to associate classes with behaviors.

[RouterA] traffic policy policy1
2-20
Issue 03 (2008-09-22)
[RouterA-trafficpolicy-policy1] classifier class1 behavior behavior1 [RouterA-trafficpolicy-policy1] classifier class2 behavior behavior2 [RouterA-trafficpolicy-policy1] quit
# Apply the policy to GE1/0/0.

[RouterA] interface gigabitethernet 1/0/0 [RouterA-GigabitEthernet1/0/0] undo shutdown [RouterA-GigabitEthernet1/0/0] traffic-policy policy1 inbound
# Configure TS on POS3/0/0 of Router A to shape the EF traffic on the interface (EF traffic beyond than 20 Mbit/s is dropped) to lower the packet loss ratio on POS1/0/0 of Router B.
[RouterA] interface pos 3/0/0 [RouterA-Pos3/0/0] undo shutdown [RouterA-Pos3/0/0] port shaping 20
3.
Configure Router B. # Shape the traffic on POS2/0/0.

<RouterB> system-view [RouterB] interface pos2/0/0 [RouterB-Pos2/0/0] undo shutdown [RouterB-Pos2/0/0] port shaping 30 [RouterB-Pos2/0/0] return
Configuration Files
l
Configuration file of Router A

# sysname RouterA # acl number 2001 rule permit source 1.1.1.1 0.0.0.0 acl number 2002 rule permit source 1.1.1.2 0.0.0.0 # traffic classifier class1 if-match acl 2001 traffic classifier class2 if-match acl 2002 # traffic behavior behavior1 car cir 5000 pir 6000 green pass yellow pass red pass service-class be color green traffic behavior behavior2 car cir 2000 green pass yellow discard red discard # traffic policy policy1 classifier class1 behavior behavior1 classifier class2 behavior behavior2 # interface GigabitEthernet1/0/0 undo shutdown ip address 1.1.1.3 255.255.255.0 traffic-policy policy1 inbound # interface Pos3/0/0 undo shutdown ip address 2.1.1.2 255.255.255.0 port shaping 20 # ospf 1 area 0.0.0.0 network 1.1.1.0 0.255.255.255 network 2.1.1.0 0.0.0.255 # return
Configuration file of Router B

Issue 03 (2008-09-22)

# sysname RouterB # interface Pos 2/0/0 undo shutdown ip address 2.2.2.1 255.255.255.0 port shaping 30 # ospf 1 area 0.0.0.0 network 2.2.2.0 0.0.0.255 network 2.1.1.0 0.0.0.255 # return
2-22
Issue 03 (2008-09-22)
3 Congestion Avoidance Configuration
Congestion Avoidance Configuration
About This Chapter

This chapter introduces the WRED concept and the configuration steps. 3.1 Introduction This section describes the traffic policies for congestion avoidance. 3.2 Configuring WRED This section describes the procedure of configuring WRED. 3.3 Configuration Examples This section provides an example on configuring WRED.
Issue 03 (2008-09-22)
3-1
3.1 Introduction
This section describes the traffic policies for congestion avoidance. 3.1.1 Introduction to Congestion Avoidance 3.1.2 Congestion Avoidance Supported by NE80E/40E
3.1.1 Introduction to Congestion Avoidance

Congestion avoidance is a traffic control mechanism used to avoid network overload by adjusting network traffic. With this mechanism, the router can monitor the usage of network resources and discard packets when the network congestion gets heavier. Compared with the end-to-end traffic control, congestion avoidance involves the traffic load of more service flows in the router. When dropping packets, however, the router can cooperate with traffic control actions on the source end, such as TCP traffic control, to adjust the load of the network to a reasonable state.
Traditional Packet-Dropping Policy

In the traditional tail-drop policy, all the newly received packets are dropped when a queue reaches its maximum length. This policy may lead to global TCP synchronization. When queues drop the packets of several TCP connections at the same time, the TCP connections start to adjust their traffic simultaneously. There is a possibility that all the TCP connection sources begin the slow start process to perform congestion avoidance. Then, all the TCP connection sources start to build up traffic, causing the traffic to peak at a certain time. Therefore, traffic on the network fluctuates cyclically.
RED and WRED

To avoid global TCP synchronization, the following two algorithms are introduced:
l l
Random Early Detection (RED) Weighted Random Early Detection (WRED)
The RED algorithm sets the upper and lower limits for each queue and specifies the following rules:
l l l
When the length of a queue below the lower limit, no packet is dropped. When the length of a queue exceeds the upper limit, all the incoming packets are dropped. When the length of a queue is between the lower and upper limits, the incoming packets are dropped randomly. A random number is set for each received packet. It is compared with the drop probability of the current queue. The packet is dropped when the random number is larger than the drop probability. The longer the queue, the higher the discard probability.
Unlike RED, the random number in WRED is based on the IP precedence of IP packets. WRED keeps a lower drop probability for the packet that has a higher IP precedence.
RED and WRED employ the random packet drop policy to avoid global TCP synchronization. When the packets of a TCP connection are dropped and sent at a lower rate, the packets of other TCP connections are still being sent at a relatively higher rate. There are always some TCP connections whose packets are sent at a relatively higher rate, improving the utilization of network bandwidth. If packets are dropped by directly comparing the length of queues with the upper and lower limits (which set the absolute length of the queue threshold), the transmission of burst data stream is affected. The average queue length is hence used to set the relative value to compare the queue threshold and average queue length. The average length of a queue is the average length of the queues passing through a low pass filter. It reflects queue changes and is not affected by the burst change in queue length. This prevents adverse impact on the burst data stream. Using Weighted Fair Queuing (WFQ), you can set the minimum threshold, maximum threshold and packet discard probability for every queue to provide different drop features for different classes of packets. The relationship between WRED and queue mechanism is shown in Figure 3-1. Figure 3-1 Relationship between WRED and queue mechanism
3.1.2 Congestion Avoidance Supported by NE80E/40E

The NE80E/40E supports WRED for congestion avoidance on outbound interface.
3.2 Configuring WRED

This section describes the procedure of configuring WRED. 3.2.1 Establishing the Configuration Task 3.2.2 Configuring WRED Parameters 3.2.3 Applying WRED 3.2.4 Checking the Configuration

Due to limited memory resources, packets that exceed specifications are traditionally discarded in the case of network congestion. When a large number of TCP packets are discarded, TCP connections will time out. As a result, slow start of TCP connections and congestion avoidance are triggered so as to reduce the forwarding of TCP packets. When the packets of many TCP connections are discarded at the same time, slow start and congestion avoidance of the TCP connections occur simultaneously. This is called global TCP synchronization and it lowers the utilization of link bandwidth. To avoid global TCP synchronization, you can set the queue to discard packets randomly using the WRED mechanism. Random packet discarding of WRED can prevent multiple TCP connections from reducing their transmit rates. As a result, global TCP synchronization is avoided. In addition, the bandwidth can be efficiently utilized.
NOTE
The random packet discarding is usually used together with WFQ queue.
Before configuring WRED, you need to complete the following pre-configuration tasks:
l l l l
Configure physical parameters for related interfaces Configure link layer attributes for related interfaces Configure IP addresses for related interfaces Enable routing protocols to achieve reachable routes
Data Preparation
To configure WRED, you need the following data. No 1 2 Data WRED object name, lower limit and upper limit percentage, discarding probability, and color of packets in each queue The interface where the WRED is applied and parameters for the class queue
3.2.2 Configuring WRED Parameters

Context
With a WRED template, you can set the parameters for packets of three colors. Generally, the green packets have the smallest discarding probability and the highest thresholds; the yellow packets have the medium discarding probability and thresholds; the red packets have the highest discarding probability and the lowest thresholds.
By configuring a WRED object, you can set the upper limit, lower limit, and discarding probability for queues.
l l
When the length of a queue is below the lower percentage limit, no packet is dropped. When the length of a queue exceeds the upper percentage limit, all the incoming packets are dropped. When the length of a queue is between the lower and upper percentage limits, the incoming packets are dropped randomly. The longer the queue, the higher the discarding probability. You can configure limits and discarding probability for each color of packets. By default, the system can contain a maximum of eight class queue WRED objects. Among them, one is the default object (the lower percentage limit, the upper percentage limit and the discarding percentage are all 100) and seven objects can be created by users.
NOTE
l l
l l
If you do not configure a port-wred object, the system uses the default tail-drop policy. You can configure the smallest upper and lower percentage limits for the queue containing red packets, medium upper and lower percentage limits for the queue containing yellow packets, and the highest upper and lower percentage limits for the queue containing green packets. In actual configuration, it is recommended that the lower percentage threshold for WRED starts from 50%; the thresholds for packets of different colors are then adjusted accordingly. It is recommended that the discarding probability is set to 100%.
Procedure
Step 1 Run:
system-view

port-wred port-wred-name
A WRED object of a class queue is created and the WRED view is displayed. Step 3 Run:
color { green | yellow | red } low-limit low-limit-percentage high-limit high-limitpercentage discard-percentage discard-percentage
The lower percentage limit, upper percentage limit and discarding probability are set for different colors of packets. ----End
3.2.3 Applying WRED

Context
Currently, the WRED template can only be applied in the outbound direction of an interface. Do as follows on the router where a WRED object is configured:
Procedure
Step 1 Run:
system-view


port-queue cos-value { { pq | wfq weight weight-value | lpq} | shaping { shapingvalue | shaping-percentage shaping-percentage-value } | port-wred wred-name } * outbound
The scheduling policy is set for the class queue with the specified CoS and the WRED object is applied in the scheduling policy. ----End

Run the following display command to check the previous configuration. Action Check the traffic statistics on an interface. Check the parameters for a WRED object of a class queue. Check the detailed configuration of a class queue. Check the statistics on a class queue. Command display interface [ interface-type [ interface-number ] ] [ | { begin | exclude | include } regular-expression ] display port-wred configuration [ verbose [ portwred-name ] ] display port-queue configuration interface interfacetype interface-number outbound display port-queue statistics interface interface-type interface-number [ cos-value ] outbound
Running the display port-queue statistics interface interface-type interface-number [ cosvalue ] outbound command, you can view the statistics on a class queue. For example:
<Quidway> display port-queue statistics interface gigabitethernet 2/0/1 af1 outbound [af1] Total pass: 27,697,521 packets, 2,006,796,750 bytes Total discard: 0 packets, 0 bytes --Drop tail discard: 0 packets, 0 bytes --Wred discard: 0 packets, 0 bytes Last 30 seconds pass rate: 0 pps, 0 bps
3-6
Issue 03 (2008-09-22)

Last 30 seconds discard rate: 0 pps, --Drop tail discard rate: 0 pps, --Wred discard rate: 0 pps,
0 bps 0 bps 0 bps
If the configuration succeeds, the following results can be obtained by running the preceding command:
l
In the system view, you can see that the upper threshold, lower threshold, and discard probability of the WRED templates for all colors of packets are configured correctly. The WRED template is applied to packets with the specified class of service (CoS).

This section provides an example on configuring WRED. 3.3.1 Example for Configuring Congestion Avoidance
3.3.1 Example for Configuring Congestion Avoidance

As shown in Figure 3-2, devices Server, Telephone, PC1 and PC2 all send data to the network through Router A. The data sent from Server is of critical traffic class; the data sent from Telephone is of voice services; the data from PC1 and PC2 is of normal services. Because the rate of the inbound interface GE 1/0/0 on Router A is greater than that of the outbound interface POS 2/0/0, congestion may occur on POS 2/0/0. When network congestion occurs, the data sent by Server and Telephone must be transmitted first. Users PC1 and PC2 allow a little delay to the transmission of their data but they also require bandwidth guarantee because they are VIP users. Therefore, Router A must discard packets based on the priority of the packets when the network congestion intensifies. Thus, WFQ and WRED must be both configured on Router A. Figure 3-2 Networking diagram for configuring congestion avoidance
Issue 03 (2008-09-22)
3-7
The configuration roadmap is as follows: 1. 2. 3. On GE 1/0/0 of Router A, mark the priority of different flows. Configure a WRED object to set the lower and upper percentage limits for discarding packets as well as the discarding probability. On POS 2/0/0, set the scheduling policy for the class queue and apply the WRED object in the scheduling policy.
Data Preparation
l
ACL number, traffic classifier name, traffic behavior name, priority of the service to be remarked and the traffic policy name WRED object name, lower percentage limit and upper percentage limit, discarding probability and packet color in each queue The interface where the packet discarding of WRED is applied and parameters for the class queue
1. Set ACL rules for packets that are sent from Server, Telephone, PC1 and PC2.
<RouterA> system-view [RouterA] acl number 2001 [RouterA-acl-basic-2001] rule permit [RouterA-acl-basic-2001] quit [RouterA] acl number 2002 [RouterA-acl-basic-2002] rule permit [RouterA-acl-basic-2002] quit [RouterA] acl number 2003 [RouterA-acl-basic-2001] rule permit [RouterA-acl-basic-2001] quit [RouterA] acl number 2004 [RouterA-acl-basic-2002] rule permit [RouterA-acl-basic-2002] return source 10.1.1.3 0.0.0.0 source 10.1.1.2 0.0.0.0 source 10.1.1.4 0.0.0.0 source 10.1.1.5 0.0.0.0
2.
On GE 1/0/0 of Router A, configure the complex traffic classification to mark the priority of services.
<RouterA> system-view [RouterA] traffic classifier aa [RouterA-classifier-aa] if-match acl 2001 [RouterA-classifier-aa] quit [RouterA] traffic classifier bb [RouterA-classifier-bb] if-match acl 2002 [RouterA-classifier-bb] quit [RouterA] traffic classifier cc [RouterA-classifier-cc] if-match acl 2003 [RouterA-classifier-cc] quit [RouterA] traffic classifier dd [RouterA-classifier-dd] if-match acl 2004 [RouterA-classifier-dd] quit [RouterA] traffic behavior aa [RouterA-behavior-aa] remark ip-precedence 5 [RouterA-behavior-aa] quit [RouterA] traffic behavior bb [RouterA-behavior-bb] remark ip-precedence 4 [RouterA-behavior-bb] quit [RouterA] traffic behavior cc [RouterA-behavior-cc] remark ip-precedence 3
3-8
Issue 03 (2008-09-22)
[RouterA-behavior-cc] quit [RouterA] traffic behavior dd [RouterA-behavior-dd] remark ip-precedence 2 [RouterA-behavior-dd] quit [RouterA] traffic policy ee [RouterA-trafficpolicy-ee] classifier aa behavior aa [RouterA-trafficpolicy-ee] classifier bb behavior bb [RouterA-trafficpolicy-ee] classifier cc behavior cc [RouterA-trafficpolicy-ee] classifier dd behavior dd [RouterA-trafficpolicy-ee] quit [RouterA] interface gigabiethernet1/0/0 [RouterA-gigabitEthernet1/0/0] undo shutdown [RouterA-gigabitEthernet1/0/0] traffic-policy ee inbound [RouterA-gigabitEthernet1/0/0] return
3.
Configure a WRED object on Router A.

<RouterA> system-view [RouterA] port-wred pw [RouterA-port-wred-pw] percentage 100 [RouterA-port-wred-pw] percentage 100 [RouterA-port-wred-pw] 100 [RouterA-port-wred-pw] color green low-limit 70 high-limit 100 discardcolor yellow low-limit 60 high-limit 90 discardcolor red low-limit 50 high-limit 80 discard-percentage return
After the preceding configuration, run the display port-wred configuration verbose command to check the parameters set for the WRED object:
<RouterA> display port-wred configuration verbose pw port-wred-name : pw color low-limit high-limit discard-percent green 70 100 100 yellow 60 90 100 red 50 80 100 [reference relationship] NULL
4.
On POS 2/0/0 of Router A, configure class queues and apply the WRED object pw.
<RouterA> system-view [RouterA] interface pos2/0/0 [RouterA-POS2/0/0] undo shutdown [RouterA-POS2/0/0] port-queue ef pq port-wred pw outbound [RouterA-POS2/0/0] port-queue af4 wfq weight 15 shaping 100 port-wred pw outbound [RouterA-POS2/0/0] port-queue af3 wfq weight 10 shaping 50 port-wred pw outbound [RouterA-POS2/0/0] port-queue af2 wfq weight 10 shaping 50 port-wred pw outbound [RouterA-POS2/0/0] return
After the preceding configuration, run the display port-queue configuration interface command to view the configuration of class queues:
<Quidway> display port-queue configuration interface pos 2/0/0 outbound POS2/0/0 be current configuration: Arithmetic: wfq weight: 10 tm weight: 3 fact weight: 10.00 shaping(mbps): NA port-wred name: NA af1 current configuration: Arithmetic: wfq weight: 10 tm weight: 3 fact weight: 10.00 shaping(mbps): NA port-wred name: NA af2 current configuration:
Issue 03 (2008-09-22)
3-9

Arithmetic: wfq weight: 10 tm weight: 3 fact weight: 10.00 shaping(mbps): 50 port-wred name: pw af3 current configuration: Arithmetic: wfq weight: 10 tm weight: 3 fact weight: 10.00 shaping(mbps): 50 port-wred name: pw af4 current configuration: Arithmetic: wfq weight: 15 tm weight: 2 fact weight: 15.00 shaping(mbps): 100 port-wred name: pw ef current configuration: Arithmetic: pq weight: NA tm weight: NA fact weight: NA shaping(mbps): NA port-wred name: pw cs6 current configuration: Arithmetic: pq weight: NA tm weight: NA fact weight: NA shaping(mbps): NA port-wred name: NA cs7 current configuration: Arithmetic: pq weight: NA tm weight: NA fact weight: NA shaping(mbps): NA port-wred name: NA
5.
Check the configuration. When traffic transits the network, run the display port-queue statistics command on the outbound interface POS 2/0/0 of Router A. The output shows that the traffic volume of services EF, AF4, AF3, AF2, and BE increases rapidly. When the traffic volume increases rapidly in the network, the output shows that the discarded traffic of services EF, AF4, AF3, AF2, and BE is also increasing. The traffic of AF4, AF3,and AF2 is forwarded using the configured bandwidth.
<Quidway> display port-queue statistics interface pos 2/0/0 outbound Pos 2/0/0 outbound traffic statistics: [be] Total pass: 633,876,898 packets, 48,076,301,860 bytes Total discard: 0 packets, 0 bytes --Drop tail discard: 0 packets, 0 bytes --Wred discard: 0 packets, 0 bytes Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps --Drop tail discard rate: 0 pps, 0 bps --Wred discard rate:
3-10
Issue 03 (2008-09-22)

0 pps, [af1] Total pass: 0 packets, Total discard: 0 packets, --Drop tail discard: 0 packets, --Wred discard: 0 packets, Last 30 seconds pass rate: 0 pps, Last 30 seconds discard rate: 0 pps, --Drop tail discard rate: 0 pps, --Wred discard rate: 0 pps, [af2] Total pass: 58 packets, Total discard: 24,478,662 packets, --Drop tail discard: 0 packets, --Wred discard: 0 packets, Last 30 seconds pass rate: 0 pps, Last 30 seconds discard rate: 0 pps, --Drop tail discard rate: 0 pps, --Wred discard rate: 0 pps, [af3] Total pass: 0 packets, Total discard: 0 packets, --Drop tail discard: 0 packets, --Wred discard: 0 packets, Last 30 seconds pass rate: 0 pps, Last 30 seconds discard rate: 0 pps, --Drop tail discard rate: 0 pps, --Wred discard rate: 0 pps, [af4] Total pass: 0 packets, Total discard: 0 packets, --Drop tail discard: 0 packets, --Wred discard: 0 packets, Last 30 seconds pass rate: 0 pps, Last 30 seconds discard rate: 0 pps, --Drop tail discard rate: 0 pps, --Wred discard rate: 0 pps,

0 bps 0 bytes 0 bytes 0 bytes 0 bytes 0 bps 0 bps 0 bps 0 bps 5,684 bytes 1,860,378,312 bytes 0 bytes 0 bytes 0 bps 0 bps 0 bps 0 bps 0 bytes 0 bytes 0 bytes 0 bytes 0 bps 0 bps 0 bps 0 bps 0 bytes 0 bytes 0 bytes 0 bytes 0 bps 0 bps 0 bps 0 bps
Issue 03 (2008-09-22)
3-11

[ef] Total pass: 19,126,381 packets, Total discard: 24,353,802 packets, --Drop tail discard: 0 packets, --Wred discard: 0 Last 30 seconds pass rate: 196,829 Last 30 seconds discard rate: 0 --Drop tail discard rate: 0 --Wred discard rate: 0 [cs6] Total pass: 3,789 Total discard: 0 --Drop tail discard: 0 --Wred discard: 0 Last 30 seconds pass rate: 0 Last 30 seconds discard rate: 0 --Drop tail discard rate: 0 --Wred discard rate: 0 [cs7] Total pass: 0 Total discard: 0 --Drop tail discard: 0 --Wred discard: 0 Last 30 seconds pass rate: 0 Last 30 seconds discard rate: 0 --Drop tail discard rate: 0 --Wred discard rate: 0 packets, pps, pps, pps, pps, packets, packets, packets, packets, pps, pps, pps, pps, packets, packets, packets, packets, pps, pps, pps, pps,
1,874,388,964 bytes 406,888,952 bytes 0 bytes 0 bytes 19,286,890 bps 0 bps 0 bps 0 bps 330,302 bytes 0 bytes 0 bytes 0 bytes 0 bps 0 bps 0 bps 0 bps 0 bytes 0 bytes 0 bytes 0 bytes 0 bps 0 bps 0 bps 0 bps
Configuration Files
Configuration file on Router A
# sysname RouterA # acl number 2001 rule permit source 10.1.1.3 0 # acl number 2002 rule permit source 10.1.1.2 0 # acl number 2003 rule permit source 10.1.1.4 0 # acl number 2004
3-12
Issue 03 (2008-09-22)
rule permit source 10.1.1.5 0 # traffic classifier cc operator or if-match acl 2003 traffic classifier dd operator or if-match acl 2004 traffic classifier aa operator or if-match acl 2001 traffic classifier bb operator or if-match acl 2002 # traffic behavior cc remark ip-precedence 3 traffic behavior dd remark ip-precedence 2 traffic behavior aa remark ip-precedence 5 traffic behavior bb remark ip-precedence 4 # traffic policy ee classifier aa behavior aa classifier bb behavior bb classifier cc behavior cc classifier dd behavior dd # port-wred pw color green low-limit 40 high-limit 90 discard-percentage 10 color yellow low-limit 30 high-limit 70 discard-percentage 20 color red low-limit 20 high-limit 60 discard-percentage 50 # interface gigabitEthernet1/0/0 undo shutdown ip address 10.1.1.1 0.0.0.255 traffic-policy ee inbound # interface POS2/0/0 undo shutdown ip address 100.1.1.1 0.0.0.255 port-queue ef pq port-wred pw outbound port-queue af4 wfq weight 15 shaping 100 port-wred pw outbound port-queue af3 wfq weight 10 shaping 50 port-wred pw outbound port-queue af2 wfq weight 10 shaping 50 port-wred pw outbound # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 100.1.1.0 0.0.0.255 # return
Issue 03 (2008-09-22)
3-13
4 Class-based QoS Configuration
4
About This Chapter
Class-based QoS Configuration
This chapter describes the configuration of traffic policy based on complex traffic classification and simple traffic classification. 4.1 Overview This section describes the Differentiated Service (DiffServ) traffic management policy supported by the NE80E/40E. 4.2 Configuring a Traffic Policy Based on the Complex Traffic Classification This section describes the procedure of configuring a traffic policy based on the complex traffic classification. 4.3 Configuring Precedence Mapping Based on the Simple Traffic Classification This section describes the procedure of configuring precedence mapping based on the simple traffic classification. 4.4 Maintaining Class-based QoS Configuration This section describes how to clear statistics about a traffic policy. 4.5 Configuration Examples This section provides some examples for configuring class-based QoS.
Issue 03 (2008-09-22)
4-1
4.1 Overview
This section describes the Differentiated Service (DiffServ) traffic management policy supported by the NE80E/40E. 4.1.1 Introduction to Class-based QoS 4.1.2 Class-based QoS Supported by the NE80E/40E
4.1.1 Introduction to Class-based QoS

The NE80E/40E supports DiffServ and provides standard forwarding services such as EF and AF for users by using the following traffic management measures:
l l l l
Traffic classification Traffic policing Traffic shaping Congestion avoidance
QoS of the NE80E/40E supports traffic policy with the above measures and mapping between the QoS fields in the IP header and the MPLS header. The traffic policies in the NE80E/40E are as follows:
l
Traffic policy based on complex traffic classification The NE80E/40E carries out traffic policing, re-marking, filtering, policy-based routing and traffic sampling based on the class of the packet. Such a policy is usually applied to the border router of a DiffServ domain.
Traffic policy based on simple traffic classification The NE80E/40E re-sets the CoS, color and drop precedence of packets based on the mark fields in the packet. Such a traffic policy is usually configured on a router near the core of a network.
Internal traffic policy in the router The NE80E/40E uses the internal traffic policy to control the traffic sent from the LPU to the SRU so that the SRU remains in a stable state.
NOTE
DiffServ is mainly used to guarantee the bandwidth for BA data flows. The NE80E/40E uses the predefined queuing mechanism to assign resources for EF, AF and other services. Users do not need to configure queue management. The precedence of complex traffic classification is higher than that of simple traffic classification.
Traffic Classification
Traffic classification is used to identify packets that have the same characters according to specific rules. It is the basis for providing differentiated services. Traffic classification consists of complex traffic classification and simple traffic classification:
l
Simple traffic classification The simple traffic classification refers to classifying packets according to the IP precedence or DSCP of the IP packet, the EXP of the MPLS packet, or the 802.1p field of the VLAN
4-2
Issue 03 (2008-09-22)
packet. It is used to simply identify the traffic that has the specific precedence or class of service.
l
Complex traffic classification The complex traffic classification refers to classifying packets according to more complex rules, for example, the combination of the link layer, the network layer, and the transport layer information.
Traffic Behavior
Traffic classification is meaningful only after it is associated with traffic control actions. The NE80E/40E supports the following traffic actions and the combination of these traffic actions:
l
Deny/Permit It is the simplest traffic control action. It enables the NE80E/40E to control traffic by discarding packets or allowing packets to pass through.
Mark This traffic control action is used to set the precedence field in the packet. The precedence field in a packet varies with the network type. For example, the packet carries the 802.1p field in the VLAN, the DSCP field in the DiffServ network, and the EXP filed in the MPLS network. Therefore, the router is required to mark the precedence of packets according to their network type. Usually, devices at the border of a network marks the precedence of incoming packets. Devices in the core of the network provides corresponding QoS services according to the precedence marked by the border device, or re-mark the precedence according to its own standard.
Redirection It indicates that the router does not forward a packet according to the destination address in the packet but forwards it to another next hop or Label Distribution Path (LSP). This is policy-based routing.
Traffic policing It is a traffic control action used to limit the traffic and the resource used by the traffic by monitoring the specifications of the traffic. With traffic policing, the router can discard, remark the color or precedence of, or perform other QoS measures over packets that exceed the specifications.
Security It refers to performing such measures as Unicast Reverse Path Forwarding (URPF), port mirroring, or traffic statistics over packets. Security actions are not QoS measures but can be used together with other QoS actions to improve the security of the network and packets.
Precedence Mapping
The precedence field in a packet varies with the network type. For example, the packet carries the 802.1p field in the VLAN, the DSCP field in the DiffServ network, and the EXP filed in the MPLS network. When a packet passes through different networks, the mapping between the precedence used in the networks must be set on the gateway that connects the networks to keep the precedence of the packet.
When the NE80E/40E serves as the gateway of different networks, the precedence fields in the packets that go into the NE80E/40E are all mapped as the internal precedence of the router. When the NE80E/40E sends out the packet, the internal precedence is mapped back to the external precedence.
4.1.2 Class-based QoS Supported by the NE80E/40E

The NE80E/40E supports class-based QoS to carry out:
l
Traffic policing based on complex traffic classification, re-marking, packet filtering, policy-based routing, load balancing, URPF, NetStream, and mirroring. Mapping of priorities of services between networks based on simple traffic classification.
4.2 Configuring a Traffic Policy Based on the Complex Traffic Classification

This section describes the procedure of configuring a traffic policy based on the complex traffic classification.
Context
NOTE
The NE80E/40E supports complex traffic classification on physical interfaces POS and GE and their sub-interfaces, QinQ interfaces, and QinQ sub-interfaces. The NE80E/40Ealso supports complex traffic classification on logical interfaces such as ring-if, IP trunk and Eth-trunk. For details of configuring a QinQ interface, refer to "QinQ Configuration" in the Quidway NetEngine80E/40E Router Configuration Guide LAN Access and MAN Access. Traffic policies cannot be directly applied to the VLANIF interface. The traffic policies can be applied to the scenario of the physical or layer 2 Eth-trunk interface plus VLAN ID range.
4.2.1 Establishing the Configuration Task 4.2.2 Defining a Traffic Classifier 4.2.3 Defining a Traffic Behavior and Configuring Traffic Actions 4.2.4 Defining a Policy and Specifying a Behavior for the Classifier 4.2.5 Applying a Traffic Policy 4.2.6 Applying the Statistic Function of a Traffic Policy 4.2.7 Checking the Configuration

To manage or limit the traffic that goes into or flows in a network according to the class of service, you need to configure QoS traffic policies based on the complex traffic classification. That is, you need to provide differentiated services according to parameters such as DSCP, protocol type, IP address, or port number in the packet. In this way, traffic from different users,
such as voice services, video services, and data services can be served differently in terms of bandwidth, delay, and precedence. It is usually applied to the edge of the network and must be associated with specific traffic control or resource allocation actions. It is used to provide differentiated services.
Before configuring a traffic policy based on traffic classification, you need to complete the following pre-configuration tasks:
l l
Configuring physical parameters for related interfaces Configuring link layer attributes for related interfaces to ensure normal operation of the interfaces Configuring IP addresses for related interfaces Enabling routing protocols to achieve reachable routes
l l
Data Preparation
The following data is necessary for configuring a traffic policy based on traffic classification: No. 1 2 3 4 Data Class name ACL number, DSCP value, 802.1p value, TCP flag value Behavior name Committed information rate (CIR), peak information rate (PIR), committed burst size (CBS), peak burst size (PBS), DSCP value, IP preference value, EXP value, 8021P value, next hop address or outbound interface Traffic policy name Interface type and number where the traffic policy is applied
5 6
4.2.2 Defining a Traffic Classifier

Procedure
l Defining a Traffic Classifier Based on Layer-3 or Layer-4 Information Do as follows on the router: 1. Run:
system-view

Issue 03 (2008-09-22)
4-5
A traffic classifier is defined and the view of the classifier is displayed. 3. Choose the required match rule according to your needs:
To set a matching rule to classify traffic based on the ACL number, run:
if-match [ ipv6 ] acl acl-number
To set a matching rule to classify traffic based on the DSCP value, run:
if-match [ ipv6 ] dscp dscp-value
To set a matching rule to classify traffic based on the TCP flag, run:
To set a matching rule to classify traffic based on the IP precedence, run:

To set a match rule to classify traffic based on the MPLS EXP value, run:
NOTE
NE80E/40E supports the complex traffic classification of upstream packets based on the MPLS EXP at the outermost layer. The classified packets support only the actions of Deny, Remark, mpls-exp, Mirror, and CAR.
To match all packets, run:

if-match [ ipv6 ] any
To set a matching rule to classify traffic based on the source IPv6 address, run:
if-match ipv6 source-address ipv6-address prefix-length
To set a matching rule to classify traffic based on the destination IPv6 address, run:
if-match ipv6 destination-address ipv6-address prefix-length
For IPv6 packets, you need to specify the parameter ipv6 in step 3. Source IP- and destination IP-based matching rules are applicable to only IPv6 packets. IPv4 packets are not supported. If you set more than one match rule for the same classifier, you can set their relations with the parameter operator in step 2:

Logic operator and: A packet belongs to the classifier only when it matches all the rules. Logic operator or: A packet belongs to the classifier if it matches any one of the rules. By default, the logical operator of the rules is or.
Defining a Traffic Classifier Based on Layer-2 Information Do as follows on the router: 1. Run:
system-view

A traffic classifier is defined and the view of the classifier is displayed. 3. Run the following command as required:
To set an 802.1p match rule to classify VLAN packets, run:

if-match 8021p 8021p-value
To set a match rule to classify traffic based on the source MAC address, run:
4-6

if-match source-mac mac-address
To set a match rule to classify traffic based on the source MAC address, run:
if-match destination-mac mac-address
If you set more than one match rule for the same classifier, you can set their relations with the parameter operator in step 2:

Logic operator and: A packet belongs to the classifier only when it matches all the rules. Logic operator or: A packet belongs to the classifier if it matches any one of the rules. By default, the logical operator of the rules is or.
If multiple traffic rules are configured in one traffic policy, the traffic behaviors corresponding to the traffic classes are implemented in different orders.
When many traffic rules match different IP packet fields, the traffic behavior corresponding to the traffic class that is bound first is implemented. For example, three matching rules with their mapping traffic behaviors are bound in policy1; classifier1 is configured first and classifier3 last, as shown in Table 4-1. If a packet matches all the three traffic rules, the packet performs the action of behavior1, that is, re-marking 802.1p as 1. Table 4-1 Traffic classifiers and behaviors defined in policy1 Traffic Class Name Classifier1 Classifier2 Classifier3 Traffic Rule Matching a destination MAC Matching a VLAN ID Matching a source MAC Traffic Behavior Name Behavior1 Behavior2 Behavior3 Traffic Action Re-marking 802.1p as 1 Re-marking 802.1p as 2 Re-marking 802.1p as 3
Multiple traffic rules can match the same IP packet field, but no packet can match all the traffic rules; as a result, the packet performs the traffic action corresponding to the traffic class that matches the traffic rule. For example, three traffic rules with their corresponding traffic behaviors are bound in policy2; classifier1 is configured first and classifier3 last, as shown in Table 4-2. Because the traffic rules match the same IP packet field, a packet can match only one traffic rule. As a result, the packet performs the traffic behavior corresponding to the traffic class that matches the traffic rule. Table 4-2 Traffic classifiers and behaviors defined in policy2 Traffic Classifier Name Classifier1 Traffic Behavior Name Behavior1
Traffic Rule Matching destination MAC 1-1-1
Traffic Action Remarking 802.1p as 1

4-7
Issue 03 (2008-09-22)
Traffic Classifier Name Classifier2 Classifier3
Traffic Rule Matching destination MAC 2-2-2 Matching destination MAC 3-3-3
Traffic Behavior Name Behavior2 Behavior3
Traffic Action Remarking 802.1p as 2 Remarking 802.1p as 3
If some traffic rules match the same packet field and others match different packet fields, they are different.

If traffic classes match the same IP packet field, no conflict occurs. If traffic classes match different IP packet field, the traffic behavior corresponding to the traffic class that is bound first in a traffic policy is performed.
For example, three traffic rules with their corresponding traffic behaviors are bound in policy3; classifier1 is configured first and classifier3 last, as shown in Table 4-3. In this policy, classifier1 and classifier3 match the same IP packet field, no conflict occurs. When a packet matches both classifier1 and classifier2, the packet performs the traffic behavior corresponding to classifier1. When a packet matches both classifier2 and classifier3, the traffic behavior corresponding to classifer2 is also performed. Table 4-3 Traffic classifiers and behaviors defined in policy3 Traffic Classifier Name Classifier1 Traffic Behavior Name Behavior1
Traffic Rule Matching destination MAC 1-1-1 Matching source MAC 2-2-2 Matching destination MAC 3-3-3
Traffic Action Remarking 802.1p as 1 Remarking 802.1p as 2 Remarking 802.1p as 3
Classifier2 Classifier3
Behavior2 Behavior3
----End
4.2.3 Defining a Traffic Behavior and Configuring Traffic Actions

Context
The NE80E/40E supports various types of traffic behaviors. You can choose one or more behaviors to meet your requirements.
4-8
Issue 03 (2008-09-22)
Procedure
l Setting Packet Filtering Actions Do as follows on the router: 1. Run:
system-view

A traffic behavior is defined and the traffic behavior view is displayed. 3. Run:
permit
Packets are allowed to pass. Or run:

deny
Packets are discarded.

NOTE
If you run both the if-match any and the deny commands to configure the complex traffic classification, the device discards all packets, including protocol packets, that flow through an interface. Therefore, be cautious about configuring traffic classifiers and traffic behaviors by using the preceding commands.
Setting Traffic Policing Actions Do as follows on the router: 1. Run:

system-view

A traffic behavior is set and the behavior view is displayed. 3. Run:

car { cir cir-value [ pir pir-value] } [ cbs cbs-value pbs pbs-value ] [ green { discard | pass [ service-class class color color ] } | yellow { discard | pass [ service-class class color color ] } | red { discard | pass [ service-class class color color ] } ]*
A traffic policing action is set in the traffic behavior. After you configure a traffic policing action for a traffic policy, the traffic policy can be applied to both an inbound and an outbound interface. After the traffic policy for traffic policing is applied to an interface, the statistics may be incorrect due to the previous configuration with the command qos car. If you run this command for the same traffic policy more than once, the latest configuration takes effect.
If packets are re-marked as the service levels of ef, be, cs6, and cs7, the packet can only be re-marked in green. l Defining a Traffic Behavior to Set the Precedence of Packets Do as follows on the router: 1. Run:
system-view

A traffic behavior is set and the behavior view is displayed. 3. Run the following command as required.
To re-configure the precedence of IP packets, run:

remark ip-precedence ip-precedence
To re-configure the DSCP value of IPv6 packets, run:

remark [ ipv6 ] dscp dscp-value
To re-configure the precedence of MPLS packets, run:

remark mpls-exp exp
NOTE
The remark mpls-exp exp command can be run only on the inbound interface of the router.
To re-configure the precedence of VLAN packets, run:

remark 8021p 8021p-value
NOTE
The 802.1p-based complex traffic classification does not support MPLS and DSCP remarking. The traffic policy that contains the action of re-marking the 802.1p priority can be applied to only the outbound Ethernet sub-interface.
To re-configure the DSCP value of IPv6 packets, run:

remark ipv6 dscp dscp-value
Defining a Traffic Behavior to Set the Class of Service in Packets Do as follows on the router: 1. Run:
system-view


service-class service-class color color
The class of service (CoS) in packets is set. Setting the COS is valid only in the upstream packets. It is used to specify the CoS and to discard precedence of packets so that matched packets can be placed in corresponding queues. In this way, the router need not look up the BA table according
to the precedence field in the packets to get the CoS. Further, the router need not change the precedence field in the packet to transmit the packet transparently. If the service level of packets is EF, BE, CS6, or CS7, the packets cannot be remarked in yellow or red. l Defining a Traffic Behavior to Redirect Packets
CAUTION
l
Logical interfaces such as VLANIF, ring-if and trunk interface, do not support direction of packets to multiple next hops and the outbound interface. Redirection to LSP on the public network can be set only on the ingress of the MPLS network. Redirection to LSP on the public network can be set only to the application with a single MPLS tag.
Do as follows on the router: 1. Run:

system-view

A traffic behavior is set and the behavior view is displayed. 3. Run the following command as required.
To forward packets directly instead of redirecting them, run (in the traffic behavior view):
permit
To discard packets directly instead of redirecting them, run (in the traffic behavior view):
deny
To re-configure a singe next hop to be re-directed, run:

redirect ip-nexthop ip-address [ interface interface-type interfacenumber ]
To re-configure multiple next hops to be re-directed, run:

redirect ipv4-multinhp nhp ip-address interface interface-type interface-number { nhp ip-address interface interface-type interfacenumber } &<1-3>
To redirect IP data flows to a destination LSP on the public network, run:

redirect lsp public dest-ipv4-address [ nexthop-address | interface interface-type interface-number | secondary ]
To redirect packets to a service instance, run:

redirect service-instance instance-name
To re-configure a singe next hop to be re-directed for IPv6 packets, run:

redirect ipv6-nexthop ipv6-address number interface interface-type interface-
Issue 03 (2008-09-22)
4-11
The action deny is mutually exclusive with other traffic actions. If traffic has been configured with the deny action, you must apply the permit action before executing other traffic actions. l Setting the Load Balancing Mode Do as follows on the router: 1. Run:
system-view


load-balance { flow | packet }
The load balancing mode is specified as flow after flow, or packet after packet. ----End
4.2.4 Defining a Policy and Specifying a Behavior for the Classifier

Context
Procedure
Step 1 Run:
system-view

A traffic policy is defined and the policy view is displayed. Step 3 Run:
classifier classifier-name behavior behavior-name
A traffic behavior is specified for a traffic classifier in the traffic policy. ----End
4.2.5 Applying a Traffic Policy

Procedure
l
4-12
Applying a Traffic Policy to Layer 3 Interfaces


NOTE
The NE80E/40E supports traffic policies on physical interfaces such as POS and GE or their subinterfaces. The NE80E/40E also supports traffic policies on logical interfaces such as Ringif, IPTrunk, and Eth-Trunk interface. Traffic policies cannot be directly implemented on the VLANIF interface. They can be applied on the basis of the physical or layer-2 Eth-Trunk interface plus VLAN ID.

system-view


traffic-policy policy-name { inbound | outbound } [ link-layer layer ] | all-
The specified traffic policy is applied to the interface. If you specify link-layer, the NE80E/40E classifies traffic based on the layer-2 information of the packet. Specify the parameter all-layer indicates the following rule-matching method after an associated traffic policy is applied to an interface. The system first performs rulematching according to Layer 2 information and implements a corresponding traffic action. If Layer 2 information of a packet does not match the traffic rule, the system performs rule-matching according to Layer 3 information and implements a corresponding traffic action. By default, the NE80E/40E classifies traffic based on Layer 3 or Layer 4 information. l Applying the Traffic Policy to Layer 2 Interfaces Do as follows on the router: 1. Run:
system-view


portswitch
The interface becomes a layer 2 interface. 4. Run:

traffic-policy policy-name { inbound | outbound } [ vlan vlan-id1 [ to vlan-id2 ] ] [ link-layer | all-layer ]
The specified traffic policy is applied to the layer 2 interface.


NOTE
If you apply a traffic policy without specifying a VLAN, the traffic policy is applied to the VLAN switch services that flow through the interface or the service traffic that is added to a PBB-TE tunnel in interface mode. To apply a traffic policy to VLAN switch services on a Layer 2 interface or the service traffic that is added to PBB-TE tunnel in interface mode, you do not need to specify a VLAN ID. You must, however, specify a VLAN ID if you apply a traffic policy to the VLAN traffic that goes through a Layer 2 interface.
----End
4.2.6 Applying the Statistic Function of a Traffic Policy

Context
Do as follows on the router where a traffic policy is applied:
Procedure
Step 1 Run:
system-view

The defined policy view is displayed. Step 3 Run:

statistics enable
The statistic function of a traffic policy is enabled. Step 4 Run:

share-mode
The shared mode is specified for the traffic policy.

NOTE
Step 3 is optional. To save the memory, the system does not enable the statistic function of a traffic policy by default. To display the statistics of a traffic policy, you can enable the statistic function of a traffic policy. Step 4 is optional. The default mode depends on the paf file.
l
After a traffic policy is applied to an interface, you cannot modify the shared or unshared mode of a traffic policy. Before modifying the shared or unshared mode of a traffic policy, you must cancel the application of the traffic policy from the interface. A traffic policy with the shared attribute: Although traffic policies are applied on different interfaces, statistics to be displayed are the final data (which is after calculation). Therefore, the original data on each interface is not identified. A traffic policy with the unshared attribute: You can identify the statistics of a traffic policy according to the interface where the traffic policy is applied. Traffic is differentiated as incoming and outgoing no matter whether the shared mode is enabled or not.
l l
----End

Use the following display commands to check the previous configuration. Action Check information about the traffic on an interface. Check the traffic behavior. Check the traffic classifier. Check the class and the behavior in the traffic policy. Check information about traffic policies configured on a specified interface or all interfaces. Check the statistics about the traffic policy on an interface. Command display interface [ interface-type [ interface-number ] ] [ | { begin | exclude | include } regular-expression ] display traffic behavior { system-defined | userdefined } [ behavior-name ] display traffic classifier { system-defined | userdefined } [ classifier-name ] display traffic policy { system-defined | user-defined } [ policy-name [ classifier classifier-name ] ] display traffic policy interface brief [ interface-type [ interface-number ] ]
display traffic policy statistics interface interface-type interface-number [ .sub-interface ] [ vlan vlan-id ] { inbound | outbound } [ verbose { classifier-based | rulebased} [ class class-name ] ]
If the configuration succeeds:

l
You can view the name of the configured traffic behavior and actions when you run the display traffic behavior command. You can view the name of the configured traffic classifier and its matching rules, as well as the logic operator of the rules when you run the display traffic classifier command. You can view the name of the configured traffic policy and the associated behavior and classifier. You can view the statistics on traffic policies configured on interfaces when you run the display traffic policy interface brief command. For example:
<Quidway> display traffic policy interface brief Interface InboundPolicy Ethernet2/1/0 tp3 Ethernet2/1/1 Ethernet2/1/1.1 GigabitEthernet3/2/0 tp1 Vlan 1 to 100 Vlan 200 to 300 tp3 Pos4/2/0 OutboundPolicy tp4 tp6 tp2 tp4 tp2
Running the display traffic policy statistics command, you can view the statistics on the traffic policy on an interface. For example:
<Quidway> display traffic policy statistics interface gigabitethernet 1/0/0 inbound Interface: GigabitEthernet1/0/0 Traffic policy inbound: test Traffic policy applied at 2007-08-30 18:30:20
Issue 03 (2008-09-22)
4-15
Statistics enabled at 2007-08-30 18:30:20 Statistics last cleared: Never Rule number: 7 IPv4, 1 IPv6 Current status: OK! Item Packets Bytes ------------------------------------------------------------------Matched 1,000 100,000 +--Passed 500 50,000 +--Dropped 500 50,000 +--Filter 100 10,000 +--URPF 100 10,000 +--CAR 300 30,000 Missed 500 50,000 Last 30 seconds rate Item pps bps ------------------------------------------------------------------Matched 1,000 100,000 +--Passed 500 50,000 +--Dropped 500 50,000 +--Filter 100 10,000 +--URPF 100 10,000 +--CAR 300 30,000 Missed 500 50,000
4.3 Configuring Precedence Mapping Based on the Simple Traffic Classification

This section describes the procedure of configuring precedence mapping based on the simple traffic classification.
NOTE
Apart from the POS and GE interfaces and sub-interfaces, QinQ interface, QinQ sub-interface, the NE80E/ 40E also supports simple traffic classification on many logical interfaces such as Ring-if, IP-Trunk, and Eth-Trunk. For details about the QinQ interface and its configuration, refer to "QinQ Configuration" in the Quidway NetEngine80E/40E Router Configuration Guide LAN Access and MAN Access. Using the qos default-service-class command, you can configure the upstream traffic on the interface to enter the specific queues. By default, the traffic enters the queues with the service class as BE. After this command is run, other packets cannot be enabled to enter the queues, and simple traffic classification cannot be enabled.
4.3.1 Establishing the Configuration Task 4.3.2 Defining the DiffServ Domain and Configuring a Traffic Policy 4.3.3 Applying Traffic Policy Based on Simple Traffic Classification to an Interface 4.3.4 Checking the Configuration

Applicable Environments
Traffic policy based on simple traffic classification is used to map the precedence of traffic on one type of network to another type. That is, to transmit the traffic in the other network according to the original precedence. When the NE80E/40E serves as the border router of different networks, the precedence fields in the packets that go into the NE80E/40E are all mapped to the internal precedence of the
router. When the NE80E/40E sends out the packet, the internal precedence is mapped back to the external precedence. Simple traffic classification is usually implemented on the core devices of the network. It can be applied to both physical and logical interfaces. If implemented on the logical interface, simple traffic classification can limit traffic congestion on member ports of the logical interface and restrict the precedence of packets on the logical interface.
NOTE
For precedence mappings in the simple traffic classification, packets with the CoSs of BE, EF, CS6, and CS7 can be marked only in green. A Diff-Serv (DS) domain is a group of Diff-Serv nodes that adopt the same service policies and implement the same PHB aggregate. The precedence of packets is usually accepted or re-defined on the core router. On the border router in the IP domain or MPLS domain, DSCP and EXP also need to be mapped. The simple traffic classification can map the internal precedence to the external precedence, and the external precedence to the internal precedence. However, mapping between traffic of the same type, for example, IP traffic or MPLS traffic, is not supported.
Before configuring the precedence mapping based on simple traffic classification, you need to complete the following pre-configuration tasks:
l l
Configuring physical parameters for related interfaces Configuring link layer attributes for related interfaces to ensure normal operation of the interfaces Configuring IP addresses for related interfaces Enabling routing protocols to achieve reachable routes
l l
Data Preparations
The following data is necessary for configuring the priority mapping based on simple traffic classification: No. 1 2 3 4 5 Data DS domain name 802.1p value and class of service of uplink/downlink VLAN packets DSCP code value and class of service of uplink/downlink IP packets EXP field, class of service and color for packet marking for uplink/downlink MPLS packets Type and number of the interface on which DS domain is enabled
4.3.2 Defining the DiffServ Domain and Configuring a Traffic Policy

Procedure
l Configuring a traffic policy based on simple traffic classification for IP packets Do as follows on the router: 1. Run:
system-view

diffserv domain { ds-domain-name | default | qinq }
A DS domain is defined and the DS domain view is displayed. 3. Run:

ip-dscp-inbound dscp-value phb service-class [ color ]
Mapping from the DSCP value to the COS value is set for incoming IP packets.
ip-dscp-outbound service-class color map dscp-code
Mapping from the COS value to the DSCP value is set for outgoing IP packets. The default and QinQ domain is pre-defined by the system. If the precedence mapping in Step 3 is not set in the DS domain, the system uses the default mapping. The default and QinQ domain template describes the default mapping relations from the DSCP of IP packets to the QoS services classes and colors, or from the QoS services classes and colors to the DSCP value. You can change the mapping relations in the default domain template. The DSCP values of the packets from an upstream device are mapped to the QoS CoSs and colors. Their mapping relations are shown in Table 4-4. The QoS CoSs and colors of the packets going to a downstream device are mapped to the DSCP value. Their mapping relations are shown in Table 4-5. In QinQ domain, the DSCP values of the packets from an upstream device are mapped to the QoS CoSs and colors. Their mapping relations are shown in Table 4-6. The QoS CoSs and colors of the packets going to a downstream device are mapped to the DSCP value. Their mapping relations are the same with that in the default domain.
NOTE
Using the common-inbound command, you can configure the corresponding relationship between the DSCP priority of the upstream packets in the QinQ domain and colorize the packets. The sub-interface for QinQ termination on the LPUF-20 or the sub-interface for QinQ termination on the Trunk that includes the member interfaces of the LPUF-20 can be configured with only the QinQ domain, rather than other domains.
The default mapping between DSCP and CoS of IP packets is shown inTable 4-4. Table 4-4 Default mapping between DSCP value and COS value of IP packets DSCP 00 01 02 03
4-18
Service BE BE BE BE
Color Green Green Green Green
DSCP 32 33 34 35
Service AF4 BE AF4 BE
Color Green Green Green Green

Issue 03 (2008-09-22)
DSCP 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Service BE BE BE BE AF1 BE AF1 BE AF1 BE AF1 BE AF2 BE AF2 BE AF2 BE AF2 BE AF3 BE AF3 BE AF3 BE AF3 BE
Color Green Green Green Green Green Green Green Green Yellow Green Red Green Green Green Green Green Yellow Green Red Green Green Green Green Green Yellow Green Red Green
DSCP 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63
Service AF4 BE AF4 BE EF BE BE BE BE BE EF BE CS6 BE BE BE BE BE BE BE CS7 BE BE BE BE BE BE BE
Color Yellow Green Red Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green Green
The default mapping between the CoS value and the DSCP value is shown inTable 4-5.
Table 4-5 Default mapping between the CoS value and the DSCP value Service BE AF1 AF1 AF1 AF2 AF2 AF2 AF3 AF3 AF3 AF4 AF4 AF4 EF CS6 CS7 Color Green Green Yellow Red Green Yellow Red Green Yellow Red Green Yellow Red Green Green Green DSCP 0 10 12 14 18 20 22 26 28 30 34 36 38 46 48 56
Table 4-6 Default mapping between DSCP value and COS value of IP packets in QinQ domain DSCP 0~7 16~23 32~39 48~55 Service be af2 af4 cs6 Color green green green green DSCP 8~15 24~31 40~47 56~63 Service af1 af3 ef cs7 Color green green green green
Configuring a traffic policy based on simple traffic classification for MPLS packets Do as follows on the router: 1. Run:
system-view
The system view is displayed.

2.
Run:

mpls-exp-inbound exp phb service-class [color ]
Mapping from the EXP value to the COS value is set for incoming MPLS packets.
mpls-exp-outbound service-class color map exp
Mapping from the COS value to the EXP value is set for outgoing MPLS packets. The default domain is pre-defined by the system. If the precedence mapping in Step 3 is not set in the DS domain, the system uses the default mapping. The default domain template describes the default mapping relations from the EXP of MPLS packets to the QoS services classes and colors, or from the QoS services classes and colors to the EXP value. You can change the mapping relations in the default domain template. The EXP of the packets from an upstream device are mapped to the QoS CoSs and colors. Their mapping relations are shown in Table 4-7. The QoS CoSs and colors of the packets going to a downstream device are mapped to the DSCP value. Their mapping relations are shown in Table 4-8. The default mapping between the EXP value and the COS value of MPLS packets is shown in Table 4-7. Table 4-7 Default mapping between the EXP value and the COS value of MPLS packets EXP 0 1 2 3 CoS BE AF1 AF2 AF3 Color Green Green Green Green EXP 4 5 6 7 CoS AF4 EF CS6 CS7 Color Green Green Green Green
The default mapping between the CoS value and the EXP value is shown in Table 4-8. Table 4-8 Default mapping between the CoS value and the EXP value CoS BE AF1 AF2 AF3 AF4 EF CS6
Issue 03 (2008-09-22)
Color Green Green, Yellow, Red Green, Yellow, Red Green, Yellow, Red Green, Yellow, Red Green Green
MPLS EXP 0 1 2 3 4 5 6
4-21
CoS CS7
Color Green
MPLS EXP 7
Configuring a traffic policy based on simple traffic classification for VLAN packets
NOTE
If congestion occurs to the interface on the 8GE sub-interface of the LPUF, run the set picforwarding command to configure the scheduling priorities of the untagged packets or tagged packets on the interface. The packets with higher priorities are scheduled first. Those with lower priorities are buffered before being scheduled. In this manner, the transmission quality can be guaranteed for the packets with higher priorities. The 802.1 p priorities must be specified for tagged packets.

system-view


8021p-inbound 8021p-code phb service-class [ color ]
Mapping from the 802.1p field to the COS value is set for incoming VLAN packets.
8021p-outbound service-class color map 8021p-code
Mapping from the COS value to the 802.1p field is set for outgoing VLAN packets. Three DS domain templates are pre-defined by the system for VLAN packets: the 5p3d domain template, the QinQ domain template and the default domain template.
The 5p3d domain template describes mapping relations from the 802.1 priorities of VLAN packets to the QoS CoSs and colors, or from the QoS CoSs and colors to the 802.1 priorities. These mapping relations are not configurable. The 802.1p priorities of the packets from an upstream device are mapped to the QoS CoSs and colors. Their mapping relations are shown in Table 4-9. The QoS CoSs and colors of the packets going to a downstream device are mapped to the 802.1p priorities. Their mapping relations are shown in Table 4-10. Table 4-9 Mappings from 802.1p priorities to QoS CoSs and colors in the 5p3d domain template 802.1p 0 1 2 3 CoS BE BE AF2 AF2 Color Yellow Green Yellow Green 802.1p 4 5 6 7 CoS AF4 AF4 CS6 CS7 Color Yellow Green Green Green
4-22
Issue 03 (2008-09-22)
Table 4-10 Mappings from QoS CoSs and colors to 802.1p priorities in the 5p3d domain template Service BE AF1 AF1 AF1 AF2 AF2 AF2 AF3 Color Green Green Yellow Red Green Yellow Red Green 802.1p 1 1 0 0 3 2 2 3 Service AF3 AF3 AF4 AF4 AF4 EF CS6 CS7 Color Yellow Red Green Yellow Red Green Green Green 802.1p 2 2 5 4 4 5 6 7
The default domain template describes the default mapping relations from the 802.1p priorities of VLAN packets to the QoS services classes and colors, or from the QoS services classes and colors to the 802.1p priorities. You can change the mapping relations in the default domain template. The 802.1p priorities of the packets from an upstream device are mapped to the QoS CoSs and colors. Their mapping relations are shown in Table 4-11. The QoS CoSs and colors of the packets going to a downstream device are mapped to the 802.1p priorities. Their mapping relations are shown in Table 4-12. Table 4-11 Mappings from 802.1p priorities to QoS CoSs and colors in the default domain template 802.1p 0 1 2 3 CoS BE AF1 AF2 AF3 Color Green Green Green Green 802.1p 4 5 6 7 CoS AF4 EF CS6 CS7 Color Green Green Green Green
Table 4-12 Mappings from QoS CoSs and colors to 802.1p priorities in the default domain template CoS BE AF1 AF2 AF3
Issue 03 (2008-09-22)
Color Green Green, yellow, and red Green, yellow, and red Green, yellow, and red
802.1p 0 1 2 3
4-23
CoS AF4 EF CS6 CS7
Color Green, yellow, and red Green Green Green
802.1p 4 5 6 7
The default mapping between the 802.1p field and the COS value of VLAN packets in QinQ domain is the same with that in the default domain.
NOTE
Using the common-inbound command, you can configure the corresponding relationship between the 802.1p priority of the upstream packets in the QinQ domain and colorize the packets. The sub-interface for QinQ termination on the LPUF-20 or the sub-interface for QinQ termination on the Trunk that includes the member interfaces of the LPUF-20 can be configured with only the QinQ domain, rather than other domains.
Configuring a traffic policy for control packets based on the simple traffic classification Control packets are usually forwarded with preference so that service interruption resulting from the loss of control packets due to network congestion is avoided. By default, the system places control packets into the EF queue for being forwarded with preference. Do as follows on the router: 1. Run:
system-view

A DS domain is created and the DS domain view is displayed. 3. Run:

ppp-inbound control phb service-class [ color ]
To map the priorities of PPP control packets to the interior priorities of a router. ----End
4.3.3 Applying Traffic Policy Based on Simple Traffic Classification to an Interface

Context
To apply the traffic policy based on simple traffic classification to an interface, you can add the interface to the DS domain that has been configured with the traffic policy. When you add an interface to a DS domain, the traffic policy configured for the domain is then automatically applied to the incoming and outgoing traffic on the interface.

NOTE
This NE80E/40E supports simple traffic classification both on physical interface such as GE and POS, and on logical interfaces such as Ethernet sub-interface, Eth-Trunk, IP-Trunk, and Ring-if.
Procedure
l Applying traffic policy to IP packets and control packetson a layer-3 interface Do as follows on the router: 1. Run:
system-view


trust upstream { 5p3d | ds-domain-name | default | qinq }
The interface is added in the DS domain and simple traffic classification is enabled. l Applying traffic policy to MPLS packets Do as follows on the router: 1. Run:
system-view


The interface is added in the DS domain and simple traffic classification is enabled. l Applying traffic policy to VLAN packets Do as follows on the router: 1. Run:
system-view

interface { ethernet | gigabitethernet } interface-number.subnumber

The interface is added in the DS domain. 4. Run:

trust 8021p
Issue 03 (2008-09-22)
4-25
Traffic classification based on the 802.1p field is enabled.

NOTE
l l
You can run the trust 8021p command only on the Ethernet (FE, GE and Eth-trunk) subinterface and the physical interface where you run the portswitch command. Before you run this command, you must add the interface to the DS domain first. Otherwise, the configuration does not take effect.
After an interface is added to a DS domain, the traffic policies defined in this domain can act on the incoming and outgoing traffic on this interface.
Applying traffic policy based on simple traffic classification to a layer-2 port Do as follows on the router: 1. Run:
system-view


portswitch
The interface becomes a layer 2 port. 4. Run:

trust upstream { 5p3d | ds-domain-name | default | qinq } [ vlan { vlanid1 [ to vlan-id2 ] } &<1-10> ]
The port is added to the specified DS domain. 5. Run:

trust 8021p vlan { vlan-id1 [ to vlan-id2 ] } &<1-10>
Traffic classification based on the 802.1p field is enabled.

NOTE
If you apply a traffic policy of the simple traffic classification without specifying a VLAN ID, the traffic policy is applied to the VLAN switch services that flow through the port or the service packets that are added to a PBB-TE tunnel in port mode. To apply a traffic policy to VLAN switch services on a Layer 2 port or the service packets that are added to a PBB-TE tunnel in port mode, you do not need to specify a VLAN ID. You must, however, specify a VLAN ID if you apply a traffic policy to the VLAN packets that go through a Layer 2 port.
----End

Use the following display command to check the previous configuration. Action Display the DS domain name.
4-26
Command display diffserv domain [ dsdomainname ]

Issue 03 (2008-09-22)
Action Display the traffic information on an interface.
Command display interface [ interface-type [ interfacenumber ] ] [ | { begin | exclude | include } regularexpression ]
If the configuration succeeds, you can see that, in the DS domain, the traffic policy based on simple traffic classification is configured correctly by running the display diffserv domain command.
4.4 Maintaining Class-based QoS Configuration

This section describes how to clear statistics about a traffic policy. 4.4.1 Clearing the Statistics About Traffic Policies 4.4.2 Troubleshooting
4.4.1 Clearing the Statistics About Traffic Policies
CAUTION
The statistics is deleted after you run the reset command. So, confirm the action before you use the command. To delete the statistics about traffic policies on an interface, run the following reset command in the user view. Action Clear the statistics about the traffic policy on an interface. Command reset traffic policy statistics interface interface-type interface-number [. sub-interface ] [ vlan vlan-id ] { inbound | outbound }
4.4.2 Troubleshooting
Fault Description
After the configuration, QoS on the router does not take effect.
Fault Analysis
QoS rules, behaviors, and traffic parameters must be set correctly. Further, they must be implemented in correct direction.
Troubleshooting Procedure
1. 2. 3. 4. Use the display commands about QoS to check that the rules, actions and traffic parameters are correct. Use the display current-configuration command to check that the configured inbound/ outbound interfaces are correct. Use the display device command to check the interface board status. The normal state should be "Registered." Use the ping command to check that the physical connection and the lower layer protocols run normally.

This section provides some examples for configuring class-based QoS. 4.5.1 Example for Configuring a Traffic Policy Based on Complex Traffic Classification 4.5.2 Example for Configuring Complex Traffic Classification on QinQ Termination Subinterface 4.5.3 Example for Configuring Priority Mapping Based on the Simple Traffic Classification (VLAN) 4.5.4 Example for Configuring Priority Mapping Based on the Simple Traffic Classification (MPLS)
4.5.1 Example for Configuring a Traffic Policy Based on Complex Traffic Classification
As shown in Figure 4-1, PE1, P, and PE2 are routers on an MPLS backbone network; CE1 and CE2 are access routers on the edge of the backbone network. Three users from the local network access the Internet through CE1.
l
On CE1, the CIR of the users from the network segment 1.1.1.0 is limited to 10 Mbit/s and the CBS is limited to 150000 bytes. On CE1, the CIR of the users from the network segment 2.1.1.0 is limited to 5 Mbit/s and the CBS is limited to 100000 bytes. On CE1, the CIR of the users from the network segment 3.1.1.0 is limited to 2 Mbit/s and the CBS is limited to 100000 bytes. On CE1, the DSCP values of the service packets from the three network segments are marked to 40, 26, and 0. PE1 accesses the MPLS backbone network at the CIR of 15 Mbit/s, the CBS of 300000 bytes, and the PIR of 20 Mbit/s. On CE1, the CIR of the UDP protocol packets (except DNS, SNMP, SNMP Trap, and Syslog packets) is limited to 5 Mbit/s, the CBS is limited to 100000 bytes, and the PIR is limited to 15 Mbit/s.
4-28
Figure 4-1 Diagram for configuring a traffic policy based on the complex traffic classification
The configuration roadmap is as follows: 1. 2. 3. 4. 5. Configure ACL rules. Configure traffic classifiers. Configure traffic actions. Configure traffic policies. Apply policies to interfaces
Data Preparation
l l
ACL numbers are 2001, 2002, 2003, 3001 and 3002. The DSCP values the packets from the three network segments are re-marked 40, 26, and 0. The CIRs of the traffic of the three network segments are 10 Mbit/s, 5 Mbit/s, and 2 Mbit/ s; their CBSs are 150000 bytes, 100000 bytes, and 100000 bytes. The CIR of the UDP protocol packets (except DNS, SNMP, SNMP Trap, and Syslog packets) on CE1 is 5 Mbit/s, the CBS is 100000 bytes, and the PIR is 15 Mbit/s. The CIR of PE1 is 15 Mbit/s; the CBS is 300000 bytes; the PIR is 20 Mbit/s. Names of traffic classifiers, traffic behaviors, and traffic policies; the numbers of interfaces where the traffic policies are applied.
l l
Issue 03 (2008-09-22)
1. 2. Configure the IP addresses of the interfaces, the routes, and the basic MPLS functions (not mentioned here). Configure complex traffic classification on CE1 to control the traffic that accesses CE1 from the three local networks. # Define ACL rules.
<CE1> system-view [CE1] acl number 2001 [CE1-acl-basic-2001] rule [CE1-acl-basic-2001] quit [CE1] acl number 2002 [CE1-acl-basic-2002] rule [CE1-acl-basic-2002] quit [CE1] acl number 2003 [CE1-acl-basic-2003] rule [CE1-acl-basic-2003] quit [CE1] acl number 3001 [CE1-acl-basic-3001] rule [CE1-acl-basic-3001] rule [CE1-acl-basic-3001] rule [CE1-acl-basic-3001] rule [CE1-acl-basic-3001] quit [CE1] acl number 3002 [CE1-acl-basic-3002] rule [CE1-acl-basic-3002] quit permit source 1.1.1.0 0.0.0.255 permit source 2.1.1.0 0.0.0.255 permit source 3.1.1.0 0.0.0.255 0 1 2 3 permit udp destination-port eq dns permit udp destination-port eq snmp dpermit udp destination-port eq snmptrap permit udp destination-port eq syslog
4 permit udp
# Configure traffic classifiers and define ACL-rule-based matching rules.

[CE1] traffic classifier a [CE1-classifier-a] if-match acl 2001 [CE1-classifier-a] quit [CE1] traffic classifier b [CE1-classifier-b] if-match acl 2002 [CE1-classifier-b] quit [CE1] traffic classifier c [CE1-classifier-c] if-match acl 2003 [CE1-classifier-c] quit [CE1]traffic classifier udplimit operator or [CE1-classifier-udplimit] if-match acl 3001 [CE1-classifier-udplimit] quit [CE1] traffic classifier udplimit1 operator or [CE1-classifier-udplimit1] if-match acl 3002 [CE1-classifier-udplimit1] quit
After the preceding configuration, you can run the following display traffic classifier command to view the configuration of the traffic classifiers.
[CE1] display traffic classifier user-defined User Defined Classifier Information: Classifier: a Operator: OR Rule(s): if-match acl 2001 Classifier: c Operator: OR Rule(s): if-match acl 2003 Classifier: b Operator: OR Rule(s): if-match acl 2002 Classifier: udplimit Operator: OR Rule(s) : if-match acl 3001 Classifier: udplimit1 Operator: OR Rule(s) : if-match acl 3002
# Define traffic behaviors; configure traffic policing, and DSCP values to be re-marked.
[CE1] traffic behavior e
4-30
Issue 03 (2008-09-22)
[CE1-behavior-e] car cir 10000 cbs 150000 pbs 0 [CE1-behavior-e] remark dscp 40 [CE1-behavior-e] quit [CE1] traffic behavior f [CE1-behavior-f] car cir 5000 cbs 100000 pbs 0 [CE1-behavior-f] remark dscp 26 [CE1-behavior-f] quit [CE1] traffic behavior g [CE1-behavior-g] car cir 2000 cbs 100000 pbs 0 [CE1-behavior-g] remark dscp 0 [CE1-behavior-g] quit [CE1] traffic behavior udplimit [CE1-behavior-udplimit] quit [CE1] traffic behavior udplimit1 [CE1-behavior-udplimit1] car cir 5000 cbs 100000 pbs 150000 green pass yellow discard red discard [CE1-behavior-udplimit1] quit
# Define traffic policies and associate the traffic classifiers with the traffic behaviors.
[CE1] traffic policy 1 [CE1-trafficpolicy-1] classifier a behavior e [CE1-trafficpolicy-1] quit [CE1] traffic policy 2 [CE1-trafficpolicy-2] classifier b behavior f [CE1-trafficpolicy-2] quit [CE1] traffic policy 3 [CE1-trafficpolicy-3] classifier c behavior g [CE1-trafficpolicy-3] quit [CE1] traffic policy udplimit [CE1-trafficpolicy-udplimit] classifier udplimit behavior udplimit [CE1-trafficpolicy-udplimit] classifier udplimit1 behavior udplimit1 [CE1-trafficpolicy-3] quit
After the preceding configuration, run the display traffic policy command to view the configuration of the traffic policies, traffic classifiers defined in the traffic policies, and the traffic behaviors associated with traffic classifiers.
[CE1] display traffic policy user-defined User Defined Traffic Policy Information: Policy: 1 Classifier: default-class Behavior: be -noneClassifier: a Behavior: e Committed Access Rate: CIR 10000 (Kbps), PIR 0 (Kbps), CBS 15000 (byte), PBS 0 (byte) Conform Action: pass Yellow Action: pass Exceed Action: discard Marking: Remark DSCP cs5 Policy: 2 Classifier: default-class Behavior: be -noneClassifier: b Behavior: f Committed Access Rate: CIR 5000 (Kbps), PIR 0 (Kbps), CBS 100000 (byte), PBS 0 (byte) Conform Action: pass Yellow Action: pass Exceed Action: discard Marking: Remark DSCP af31 Policy: 3 Classifier: default-class Behavior: be -noneClassifier: c
Issue 03 (2008-09-22)
4-31
Behavior: g Committed Access Rate: CIR 2000 (Kbps), PIR 0 (Kbps), CBS 100000 (byte), PBS 0 (byte) Conform Action: pass Yellow Action: pass Exceed Action: discard Marking: Remark DSCP default Policy: udplimit Classifier: default-class Behavior: be -noneClassifier: udplimit Behavior: udplimit -noneClassifier: udplimit1 Behavior: udplimit1 Committed Access Rate: CIR 5000 (Kbps), PIR 0 (Kbps), CBS 10000 (byte), PBS 15000 (byte) Conform Action: pass Yellow Action: discard Exceed Action: discard
# Apply the traffic policies to the inbound interfaces.

[CE1] interface gigabitethernet 1/0/0 [CE1-GigabitEthernet1/0/0] undo shutdown [CE1-GigabitEthernet1/0/0] traffic-policy [CE1-GigabitEthernet1/0/0] quit [CE1] interface gigabitethernet 3/0/0 [CE1-GigabitEthernet3/0/0] undo shutdown [CE1-GigabitEthernet3/0/0] traffic-policy [CE1-GigabitEthernet3/0/0] quit [CE1] interface gigabitethernet 4/0/0 [CE1-GigabitEthernet4/0/0] undo shutdown [CE1-GigabitEthernet4/0/0] traffic-policy [CE1] interface gigabitethernet 2/0/0 [CE1-GigabitEthernet2/0/0] undo shutdown [CE1-GigabitEthernet2/0/0] traffic-policy 1 inbound
2 inbound
3 inbound udplimit outbound
3.
Configure complex traffic classification on PE1 to control the traffic that goes to the MPLS backbone network. # Configure traffic classifiers and define matching rules.
<PE1> system-view [PE1] traffic classifier pe [PE1-classifier-pe] if-match any [PE1-classifier-pe] quit
After the preceding configuration, you can run the display traffic classifier command to view the configuration of the traffic classifiers.
[PE1] display traffic classifier user-defined User Defined Classifier Information: Classifier: pe Operator: OR Rule(s): if-match any
# Define traffic behaviors; configure traffic policing and DSCP values to be re-marked.
[PE1] traffic behavior pe [PE1-behavior-pe] car cir 15000 pir 20000 cbs 300000 pbs 500000 [PE1-behavior-pe] quit
# Define traffic policies and associate the traffic classifiers with the traffic behaviors.
[PE1] traffic policy pe [PE1-trafficpolicy-pe] classifier pe behavior pe [PE1-trafficpolicy-pe] quit
After the preceding configuration, you can run the display traffic policy command to view the configuration of the traffic policies, traffic classifiers defined in the traffic policies, and the traffic behaviors associated with traffic classifiers.
[PE1] display traffic policy user-defined User Defined Traffic Policy Information: Policy: pe Classifier: default-class Behavior: be -noneClassifier: pe Behavior: pe Committed Access Rate: CIR 15000 (Kbps), PIR 20000 (Kbps), CBS 300000 (byte), PBS 500000 (byte) Conform Action: pass Yellow Action: pass Exceed Action: discard
# Apply the traffic policies to the inbound interfaces.

[PE1] interface gigabitethernet 1/0/0 [PE1-GigabitEthernet1/0/0] undo shutdown [PE1-GigabitEthernet1/0/0] traffic-policy pe inbound [PE1-GigabitEthernet1/0/0] quit
4.
Verify the configuration. Run the display interface command on CE1 and PE1. You can view that the traffic on the interfaces are controlled according to the configured traffic policies.
Configuration Files
l
Configuration file of CE1

# sysname CE1 # acl number 2001 rule permit source 1.1.1.0 0.0.0.255 acl number 2002 rule permit source 2.1.1.0 0.0.0.255 acl number 2003 rule permit source 3.1.1.0 0.0.0.255 acl number 3001 rule 0 permit udp destination-port eq dns rule 1 permit udp destination-port eq snmp rule 2 dpermit udp destination-port eq snmptrap rule 3 permit udp destination-port eq syslog acl number 3302 rule 4 permit udp # traffic classifier a operator or if-match acl 2001 traffic classifier c operator or if-match acl 2003 traffic classifier b operator or if-match acl 2002 traffic classifier udp-limit operator or if-match acl 3001 traffic classifier udp-limit1 operator or if-match acl 3002 # traffic behavior e car cir 10000 cbs 150000 pbs 0 green pass red discard remark dscp cs5 traffic behavior g car cir 2000 cbs 100000 pbs 0 green pass red discard remark dscp default traffic behavior f car cir 5000 cbs 100000 pbs 0 green pass red discard remark dscp af31 traffic behavior udp-limit traffic behavior udp-limit1 car cir 5000 cbs 100000 pbs 150000 green pass yellow discard red discard #
Issue 03 (2008-09-22)
4-33

traffic policy 3 classifier c behavior g traffic policy 2 classifier b behavior f traffic policy 1 classifier a behavior e traffic policy udp-limit classifier udp-limit behavior udp-limit classifier udp-limit1 behavior udp-limit1 # interface GigabitEthernet1/0/0 undo shutdown ip address 1.1.1.1 255.255.255.0 traffic-policy 1 inbound # interface GigabitEthernet2/0/0 undo shutdown ip address 10.1.1.1 255.255.255.0 traffic-policy udplimit outbound # interface GigabitEthernet3/0/0 undo shutdown ip address 2.1.1.1 255.255.255.0 traffic-policy 2 inbound # interface GigabitEthernet4/0/0 undo shutdown ip address 3.1.1.1 255.255.255.0 traffic-policy 3 inbound # ospf 1 area 0.0.0.0 network 1.1.1.0 0.0.0.255 network 2.1.1.0 0.0.0.255 network 3.1.1.0 0.0.0.255 network 10.1.1.0 0.0.0.255 # return l
Configuration file of PE1

# sysname PE1 # mpls lsr-id 11.11.11.11 mpls # mpls ldp # traffic classifier pe operator or if-match any # traffic behavior pe car cir 15000 pir 20000 cbs 300000 pbs 500000 green pass yellow pass red discard # traffic policy pe classifier pe behavior pe # interface GigabitEthernet1/0/0 undo shutdown ip address 10.1.1.2 255.255.255.0 traffic-policy pe inbound # interface Pos2/0/0 undo shutdown ip address 100.1.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack0
4-34
Issue 03 (2008-09-22)

ip address 11.11.11.11 255.255.255.255 # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 100.1.1.0 0.0.0.255 network 11.11.11.11 0.0.0.0 # return l
Configuration file of P
# sysname P # mpls lsr-id 33.33.33.33 mpls # mpls ldp # interface Pos1/0/0 link-protocol ppp ip address 100.1.1.2 255.255.255.0 mpls mpls ldp # interface Pos2/0/0 link-protocol ppp ip address 110.1.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack0 ip address 33.33.33.33 255.255.255.255 # ospf 1 area 0.0.0.0 network 100.1.1.0 0.0.0.255 network 110.1.1.0 0.0.0.255 network 33.33.33.33 0.0.0.0 # return

# sysname PE2 # mpls lsr-id 22.22.22.22 mpls # mpls ldp # interface GigabitEthernet1/0/0 undo shutdown ip address 20.1.1.2 255.255.255.0 # interface Pos2/0/0 undo shutdown ip address 110.1.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack0 ip address 22.22.22.22 255.255.255.255 # ospf 10 area 0.0.0.0 network 110.1.1.0 0.0.0.255 network 20.1.1.0 0.0.0.255 network 22.22.22.22 0.0.0.0 #
Issue 03 (2008-09-22)
4-35

return l

# sysname CE2 # interface GigabitEthernet2/0/0 undo shutdown ip address 20.1.1.1 255.255.255.0 # ospf 1 area 0.0.0.0 network 20.1.1.0 0.0.0.255 # return
4.5.2 Example for Configuring Complex Traffic Classification on QinQ Termination Sub-interface
As shown in Figure 4-2, Switch A and Switch B connect the carrier's network through Router A and Router B. On the QinQ termination sub-interface GE2/0/0.1 on Router A, configure complex traffic classification to limit the user access rate on Switch A to 10 Mbit/s and the committed burst size (CBS) to 150,000 bytes.
NOTE
For details about the QinQ interface and its configuration, refer to "QinQ Configuration" in the Quidway NetEngine80E/40E Router Configuration Guide LAN Access and MAN Access.
Figure 4-2 Networking diagram for configuring complex traffic classification on QinQ termination sub-interface
The roadmap for configuring the complex traffic classification on a QinQ sub-interface is as follows: 1.
4-36
Configure the GE2/0/0.1 on Router A and on Router B to a QinQ termination sub-interface.

2.
Configure traffic policing based on the complex traffic classification on the QinQ termination sub-interface.
Data Preparation
l l l l
The IP addresses of the interfaces The range of VLAN IDs to be terminated on the QinQ termination sub-interface For users attached to Switch A, the CIR is 10 Mbit/s and the CBS is 150000 bytes Traffic classifier name, traffic behavior name, traffic policy name, and the interface number where the traffic policy is applied
Configuration Procedures
1. Configure the IGP of the backbone network. In this example, OSPF is used. # Configure Router A.
<Quidway> system-view [Quidway] sysname RouterA [RouterA] interface pos 1/0/0 [RouterA-Pos1/0/0] undo shutdown [RouterA-Pos1/0/0] ip address 100.1.1.1 24 [RouterA-Pos1/0/0] quit [RouterA] ospf [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 100.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] quit [RouterA-ospf-1] quit
# Configure Router B.
<Quidway> system-view [Quidway] sysname RouterB [RouterB] interface pos 1/0/0 [RouterB-Pos1/0/0] undo shutdown [RouterB-Pos1/0/0] ip address 100.1.1.2 24 [RouterB-Pos1/0/0] quit [RouterB] ospf [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 100.1.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] quit [RouterB-ospf-1] quit
2.
Configure QinQ termination sub-interface. # Configure Router A.

[RouterA] interface gigabitethernet 2/0/0 [RouterA-GigabitEthernet2/0/0] undo shutdown [RouterA-GigabitEthernet2/0/0] mode user-termination [RouterA-GigabitEthernet2/0/0] quit [RouterA] interface gigabitethernet 2/0/0.1 [RouterA-GigabitEthernet2/0/0.1] control-vid 1 qinq-termination [RouterA-GigabitEthernet2/0/0.1] qinq termination pe-vid 100 ce-vid 10 to 20 [RouterA-GigabitEthernet2/0/0.1] ip address 10.1.1.1 24 [RouterA-GigabitEthernet2/0/0.1] arp broadcast enable [RouterA-GigabitEthernet2/0/0.1] quit
[RouterB] interface gigabitethernet 2/0/0 [RouterB-GigabitEthernet2/0/0] undo shutdown [RouterB-GigabitEthernet2/0/0] mode user-termination [RouterB-GigabitEthernet2/0/0] quit
Issue 03 (2008-09-22)
4-37
[RouterB] interface gigabitethernet 2/0/0.1 [RouterB-GigabitEthernet2/0/0.1] control-vid 1 qinq-termination [RouterB-GigabitEthernet2/0/0.1] qinq termination pe-vid 100 ce-vid 10 to 20 [RouterB-GigabitEthernet2/0/0.1] ip address 10.2.1.1 24 [RouterB-GigabitEthernet2/0/0.1] arp broadcast enable [RouterB-GigabitEthernet2/0/0.1] quit
3.
Configure the complex traffic classification function for the QinQ termination sub-interface on Router A. # Configure a traffic class and define a matching rule.
[RouterA] traffic classifier c1 [RouterA-classifier-c1] if-match any [RouterA-classifier-c1] quit
# Define a traffic behavior.

[RouterA] traffic behavior b1 [RouterA-behavior-b1] car cir 10000 cbs 150000 pbs 0 [RouterA-behavior-b1] quit
# Define a traffic policy and associate the traffic class with the traffic behavior.
[RouterA] traffic policy p1 [RouterA-trafficpolicy-p1] classifier c1 behavior b1 [RouterA-trafficpolicy-p1] quit
# After the preceding configuration, use the display traffic policy command to view the configuration result, paying attention to the traffic policy, the traffic class defined in the traffic policy and the traffic behavior that is associated with the traffic class.
[RouterA] display traffic policy user-defined User Defined Traffic Policy Information: Policy: p1 Classifier: default-class Behavior: be -noneClassifier: c1 Behavior: b1 Committed Access Rate: CIR 10000 (Kbps), PIR 0 (Kbps), CBS 150000 (byte), PBS 0 (byte) Conform Action: pass Yellow Action: pass Exceed Action: discard
# Apply the traffic policy to the interface.

[RouterA] interface gigabitethernet 2/0/0.1 [RouterA-GigabitEthernet2/0/0.1] traffic-policy p1 inbound [RouterA-GigabitEthernet2/0/0.1] quit
4.
Check the configuration. After the interface is bound with the traffic policy, the GE2/0/0 interface on Router A only admits a traffic rate of 10 Mbit/s. If the traffic rate is more than that, the packets are discarded.
Configuration Files
l

# sysname RouterA # traffic classifier c1 operator and if-match any # traffic behavior b1 car cir 10000 cbs 150000 pbs 0 green pass yellow pass red discard # traffic policy p1 classifier c1 behavior b1
4-38
Issue 03 (2008-09-22)

# interface GigabitEthernet2/0/0 undo shutdown mode user-termination # interface GigabitEthernet2/0/0.1 control-vid 1 qinq-termination qinq termination pe-vid 100 ce-vid 10 to 20 ip address 10.1.1.1 255.255.255.0 traffic-policy p1 inbound arp broadcast enable # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.1 255.255.255.0 # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 100.1.1.0 0.0.0.255 # return l

# sysname RouterB # interface GigabitEthernet2/0/0 undo shutdown mode user-termination # interface GigabitEthernet2/0/0.1 control-vid 1 qinq-termination qinq termination pe-vid 100 ce-vid 10 to 20 ip address 10.2.1.1 255.255.255.0 arp broadcast enable # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.2 255.255.255.0 # ospf 1 area 0.0.0.0 network 10.2.1.0 0.0.0.255 network 100.1.1.0 0.0.0.255 # return
4.5.3 Example for Configuring Priority Mapping Based on the Simple Traffic Classification (VLAN)
As shown in Figure 4-3, Router A and Router B connect to each other through VLAN. When IP packets sent from Router A go into VLAN, the precedence of the IP packets is mapped to the 802.1p priority according to the default mapping. When the packets from VLAN go into Router B, the precedence is mapped according to the precedence mapping for the DS domain set on Router B.
Issue 03 (2008-09-22)
4-39
Figure 4-3 Networking diagram for configuring VLAN QoS
The configuration roadmap is as follows: 1. 2. 3. Set VLAN and routes on RouterA and RouterB. On the inbound interface of RouterA, set the router to trust the precedence of packets from the upstream device. On the inbound interface of RouterB, set the precedence mapping based on simple traffic classification.
Data Preparation
l l
VLAN ID The 802.1p priority, internal CoS and color inside the router, and the IP DSCP value
1. 2. Assign IP addresses for the interfaces (not mentioned). Set VLAN on RouterA and RouterB. # Create the sub-interface GigabitEthernet4/0/0.1 and add it to the VLAN.
[RouterA] interface gigabitethernet 4/0/0.1 [RouterA-GigabitEthernet4/0/0.1] vlan-type dot1q 10 [RouterA-GigabitEthernet4/0/0.1] return
# Create the sub-interface GigabitEthernet2/0/0.1 and add it to the VLAN.

<RouterB> system-view [RouterB] interface gigabitethernet 2/0/0.1 [RouterB-GigabitEthernet2/0/0] vlan-type dot1q 10 [RouterB-GigabitEthernet2/0/0] return
3.
Configure dynamic routing protocols on Router A and Router B. Take OSPF as an example. # Configure Router A.
<RouterA> system-view [RouterA] ospf 1 [RouterA-ospf-1] area 0.0.0.0 [RouterA-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] return
<RouterB> system-view [RouterB] ospf 1 [RouterB-ospf-1] area 0.0.0.0 [RouterB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] network 11.1.1.0 0.0.0.255
4-40
Issue 03 (2008-09-22)

[RouterB-ospf-1-area-0.0.0.0] return
4.
Enable the simple traffic classification on GE 1/0/0 of Router A to map the precedence in IP packets to the 802.1p priority according to the default mapping.
<RouterA> system-view [RouterA] interface gigabitethernet 1/0/0 [RouterA-GigabitEthernet1/0/0] undo shutdown [RouterA-GigabitEthernet1/0/0] trust upstream default [RouterA-GigabitEthernet1/0/0] quit [RouterA] interface gigabitethernet 4/0/0.1 [RouterA-GigabitEthernet4/0/0.1] trust upstream default [RouterA-GigabitEthernet4/0/0.1] trust 8021p [RouterA-GigabitEthernet4/0/0.1] return
After the said configuration, the DSCP field value in the IP packets that are sent from the upstream device is mapped on Router A to the 802.1p priority according to the default mapping. 5. On GE 2/0/0.1 of Router B, set the mapping from the 802.1p priority to IP DSCP field.
<RouterB> system-view [RouterB] diffserv domain default [RouterB-dsdomain-default] 8021p-inbound 2 phb ef green [RouterB-dsdomain-default] ip-dscp-outbound ef green map 34 [RouterB-dsdomain-default] quit [RouterB] interface gigabitethernet 2/0/0.1 [RouterB-GigabitEthernet2/0/0.1] trust upstream default [RouterB-GigabitEthernet2/0/0.1] trust 8021p [RouterB-GigabitEthernet2/0/0.1] return
After the said configuration, the VLAN frames that are upstream device and in which the 80.21p priority value is 2 are converted to the IP packets in which the DSCP value is 34, the CoS is AF4, and the packet color is green. The 802.1p priority values in other VLAN frames are mapped to the DSCP values according to the default mapping. 6. Check the configuration. On GE 3/0/0 of Router B, run the display port-queue statistics interface gigabitethernet 3/0/0 outbound command and the output is as follows. The statistics about AF2 packets are not displayed because the mapping from the 802.1p priority 2 to the service priority EF of IP packets is configured on the inbound interface.
<RouterB> display port-queue statistics interface gigabitethernet 3/0/0 outbound GigabitEthernet3/0/0 outbound traffic statistics: [be] Total pass: 18,466,135 packets, 1,735,817,160 bytes Total discard: 0 packets, 0 bytes --Drop tail discard: 0 packets, 0 bytes --Wred discard: 0 pps, 0 bps Last 30 seconds pass rate: 33,599 pps, 3,158,306 bps Last 30 seconds discard rate: 0 pps, 0 bps --Drop tail discard rate: 0 pps, 0 bps --Wred discard rate: 0 pps, 0 bps [af1] Total pass: 670,712 packets, 63,046,928 bytes Total discard: 0 packets, 0 bytes --Drop tail discard: 0 packets, 0 bytes --Wred discard:
Issue 03 (2008-09-22)
4-41

0 pps, Last 30 seconds pass rate: 33,600 pps, Last 30 seconds discard rate: 0 pps, --Drop tail discard rate: 0 pps, --Wred discard rate: 0 pps, [af2] Total pass: 58 packets, Total discard: 24,478,662 packets, --Drop tail discard: 0 packets, --Wred discard: 0 pps, Last 30 seconds pass rate: 33,599 pps, Last 30 seconds discard rate: 0 pps, --Drop tail discard rate: 0 pps, --Wred discard rate: 0 pps, [af3] Total pass: 58 packets, Total discard: 478,662 packets, --Drop tail discard: 0 packets, --Wred discard: 0 pps, Last 30 seconds pass rate: 0 pps, Last 30 seconds discard rate: 0 pps, --Drop tail discard rate: 0 pps, --Wred discard rate: 0 pps, [af4] Total pass: 670,709 packets, Total discard: 0 packets, --Drop tail discard: 0 packets, --Wred discard: 0 pps, Last 30 seconds pass rate: 33,598 pps, Last 30 seconds discard rate: 0 pps, --Drop tail discard rate: 0 pps, --Wred discard rate: 0 pps, [ef] Total pass: 670,712 packets, Total discard: 353,802 packets, --Drop tail discard: 0 packets, --Wred discard: 0 pps,

0 bps 3,158,400 bps 0 bps 0 bps 0 bps 5,684 bytes 1,860,378,312 bytes 0 bytes 0 bps 3,158,306 bps 0 bps 0 bps 0 bps 5,684 bytes 1,860,378,312 bytes 0 bytes 0 bps 0 bps 0 bps 0 bps 0 bps 63,046,646 bytes 0 bytes 0 bytes 0 bps 3,158,212 bps 0 bps 0 bps 0 bps 63,046,928 bytes 406,888,952 bytes 0 bytes 0 bps
4-42
Issue 03 (2008-09-22)

Last 30 seconds pass rate: 33,600 Last 30 seconds discard rate: 0 --Drop tail discard rate: 0 --Wred discard rate: 0 [cs6] Total pass: 147 Total discard: 0 --Drop tail discard: 0 --Wred discard: 0 Last 30 seconds pass rate: 33,599 Last 30 seconds discard rate: 0 --Drop tail discard rate: 0 --Wred discard rate: 0 [cs7] Total pass: 670,708 Total discard: 0 --Drop tail discard: 0 --Wred discard: 0 Last 30 seconds pass rate: 33,599 Last 30 seconds discard rate: 0 --Drop tail discard rate: 0 --Wred discard rate: 0
pps, pps, pps, pps, packets, packets, packets, pps, pps, pps, pps, pps, packets, packets, packets, pps, pps, pps, pps, pps,
3,158,400 bps 0 bps 0 bps 0 bps 12,667 bytes 0 bytes 0 bytes 0 bps 3,158,306 bps 0 bps 0 bps 0 bps 63,046,458 bytes 0 bytes 0 bytes 0 bps 3,158,306 bps 0 bps 0 bps 0 bps
Configuration Files
l
Configuration file of Router A.

# sysname RouterA # vlan batch 10 # interface GigabitEthernet 1/0/0 undo shutdown ip address 20.1.1.1 255.255.255.0 trust upstream default # interface GigabitEthernet 4/0/0.1 ip address 10.1.1.1 255.255.255.0 vlan-type dot1q 10 trust upstream default trust 802.1p # ospf 1 area 0.0.0.0 network 20.1.1.0 0.0.0.255 network 10.1.1.0 0.0.0.255 # return
Issue 03 (2008-09-22)
4-43

l
Configuration file on Router B

# sysname RouterB # vlan batch 10 # diffserv domain default 8021p-inbound 2 phb ef green ip-dscp-outbound ef green map 34 # interface GigabitEthernet 2/0/0.1 ip address 10.1.1.2 255.255.255.0 vlan-type dot1q 10 trust upstream default trust 802.1p # interface GigabitEthernet 3/0/0 undo shutdown ip address 11.1.1.1 255.255.255.0 # ospf 1 area 0.0.0.0 network 11.1.1.0 0.0.0.255 network 10.1.1.0 0.0.0.255 # return
4.5.4 Example for Configuring Priority Mapping Based on the Simple Traffic Classification (MPLS)
As shown in Figure 4-4, Router A, Router B, and Router C establish MPLS neighbor relationship. When IP packets reach Router A, it adds MPLS header to the packets. The packets are then transmitted from Router A to Router C as MPLS packets. When the MPLS packets reach Router C, Router C removes the MPLS headers and the packets are sent out from Router C as IP packets. It is necessary to configure Router A to change the priority of MPLS packets when required. Similarly, it is necessary to configure Router C to change the priority of IP packets at any given time. Figure 4-4 Mapping from DSCP priority to MPLS priority
NOTE
l l
Assume that the three routers in this example have been configured to forward IP packets as MPLS packets from Router A to Router C, and are sent as IP packets again when they flow out of Router C. This example lists only the commands related to the QoS.
4-44
Issue 03 (2008-09-22)
The configuration roadmap is as follows: 1. 2. On the inbound interface POS 1/0/0 of Router A, set the mapping from the IP DSCP field to the MPLS EXP field and enable simple traffic classification. On the inbound interface POS 1/0/0 of Router C, set the mapping from the MPLS EXP field to the IP DSCP field and enable simple traffic classification.
Data Preparation
To complete the configuration, you need the following data: The MPLS EXP value, internal CoS and color inside the router, and the IP DSCP value
1. Configure basic MPLS functions and routes (not mentioned). For details, see the Chapter "Basic MPLS Configuration" in the Quidway NetEngine80E/ 40E Router Configuration Guide MPLS. 2. Set the mapping between DSCP field and EXP field at POS1/0/0 on Router A.
<RouterA> system-view [RouterA] diffserv domain default [RouterA-dsdomain-default] ip-dscp-inbound 18 phb af4 green [RouterA-dsdomain-default] mpls-exp-outbound af4 green map 5 [RouterA-dsdomain-default] quit [RouterA] interface pos 1/0/0 [RouterA-Pos1/0/0] undo shutdown [RouterA-Pos1/0/0] trust upstream default [RouterA] interface pos 2/0/0 [RouterA-Pos2/0/0] undo shutdown [RouterA-Pos2/0/0] trust upstream default [RouterA-Pos2/0/0] quit
After the above settings, the AF2 green service (DSCP value 18) is converted into the AF4 service on the inbound interface of Router A. On the outbound interface, the AF4 service is converted into the EF service of the MPLS service (MPLS priority 5). 3. Set the mapping from MPLS priority 5 to DSCP AF3 at POS1/0/0 on Router C.
<RouterC> system-view [RouterC] diffserv domain default [RouterC-dsdomain-default] mpls-exp-inbound 5 phb af3 green [RouterC-dsdomain-default] ip-dscp-outbound af3 green map 32 [RouterC] interface pos 1/0/0 [RouterC-Pos1/0/0] undo shutdown [RouterC-Pos1/0/0] trust upstream default [RouterC] interface pos 2/0/0 [RouterC-Pos2/0/0] undo shutdown [RouterC-Pos2/0/0] trust upstream default [RouterC-Pos2/0/0] quit
Configure the mapping from MPLS priority 5 to AF3 green service on the inbound interface of Router C and configure on the outbound interface the conversion from AF3 green service to DSCP value 32. The traffic going out of Router C is of AF4. 4. Check the configuration. After the preceding settings, when POS 1/0/0 on Router A sends packets at 100 Mbit/s with the DSCP value of 18, Router C outputs packets with the DSCP value of 32 at 100 Mbit/ s.
Configuration Files
l
Configuration file on Router A

# sysname RouterA # diffserv domain default ip-dscp-inbound 18 phb af4 green mpls-exp-outbound af4 green map 5 # interface Pos1/0/0 undo shutdown ip address 2.2.2.1 255.255.255.0 trust upstream default # interface Pos2/0/0 undo shutdown ip address 3.3.3.1 255.255.255.0 trust upstream default # return
Configuration file of Router C

# sysname RouterC # diffserv domain default ip-dscp-outbound af3 green map 32 mpls-exp-inbound 5 phb af3 green # interface Pos1/0/0 undo shutdown ip address 4.4.4.1 255.255.255.0 trust upstream default # interface Pos2/0/0 undo shutdown ip address 5.5.5.1 255.255.255.0 trust upstream default # return
4-46
Issue 03 (2008-09-22)
5 QPPB Configuration
5
About This Chapter
QPPB Configuration
This chapter describes concepts and configuration steps of QPPB. 5.1 Introduction This section describes the basic concept of QPPB. 5.2 Configuring QPPB This section describes the configuration procedures of QPPB. 5.3 Configuration Examples This section provides an example for configuring QPPB. 5.4 Maintaining QPPB Configuration This section describes the methods for fault analysis and troubleshooting QPPB.
Issue 03 (2008-09-22)
5-1
5.1 Introduction
This section describes the basic concept of QPPB. 5.1.1 QPPB Overview 5.1.2 QPPB Supported by the NE80E/40E
5.1.1 QPPB Overview

The NE80E/40E provides the QoS Policy Propagation through the Border Gateway Protocol (QPPB) feature. With the QPPB feature, the BGP route sender can set community attributes for BGP routes by matching the route with route policies; the BGP route receiver can set traffic behaviors for BGP routes based on the BGP community attribute, AS path list, ACL number, and prefix list. The traffic behavior, together with the routing information, is delivered to the FIB. The route receiver forwards packets. It then can apply different QoS polices based on the traffic behavior and local polices for receiving routes. QPPB configuration involves that on the route sender and that on the route receiver.
l
On the BGP route sender, you can set attributes, by matching route polices, for the BGP route to be sent out, such as AS path, community attribute, and extended community attribute. On the BGP route receiver: By matching the routing policy for receiving routes, you can set QoS parameters for received BGP routes based on the attribute such as AS path, community attribute, and extended community attribute of the routes. The product only supports setting traffic behaviors for traffic that matches the policy for receiving BGP routes. When the BGP route receiver forwards packets, it applies different QoS policies to the packets according to the associated traffic behavior. Thus, QPPB is carried out.
l l
With the QPPB feature, the BGP route sender can classify routes in advance based on the community attribute; the BGP receiver can apply different QoS policies to BGP routes based on the community attribute set on the BGP route sender. In the complex networking environment, the policy for route classification needs to be changed periodically. QPPB can simplify the process of changing the policy on the BGP receiver. Using QPPB, you can change the routing policy on the BGP receiver by changing the policy on the BGP sender.
5.1.2 QPPB Supported by the NE80E/40E

NE80E/40E supports traffic classification according to community attributes, ACLs, prefixes, or AS paths and the definition of QoS policies. The reduces the workload of modifying configuration resulting from the frequent change of network structure.
5.2 Configuring QPPB

This section describes the configuration procedures of QPPB. 5.2.1 Establishing the Configuration Task
5.2.2 Configuring the Routing Policy on the BGP Route Sender 5.2.3 Advertising Routing Policy on the Route Sender 5.2.4 Configuring the Traffic Behavior on the Route Receiver 5.2.5 Configuring a Routing Policy to the Route Receiver 5.2.6 Applying a Routing Policy to the Route Receiver 5.2.7 Applying QPPB to the Interface 5.2.8 Checking the Configuration

Application Environment
In the large-scaled complex network, a lot of complex traffic classification must be performed and it is unable to classify packets based on the community attribute, ACL number, prefix, or AS path list. If the network structure is not very stable, it is very difficult to modify the network configuration. Applying QPPB can decrease the workload for modifying the configuration. QPPB enables the BGP route sender to classify routes in ahead by setting BGP attributes. Thus, the route receiver only needs to configure BGP route policies when the network topology changes. This simplifies the policy modification at the route receiver. QPPB is applicable to both IBGP and EBGP. So, QPPB can be configured in the same AS or among different ASs. As shown in Figure 5-1, Router B is the BGP route sender and Router A is the receiver. Router B advertises BGP routes that carry the community attribute to Router A. When receiving the BGP route, Router A associates the BGP route with the traffic behavior based on the community list number, ACL number, or BGP AS path list. When QPPB is enabled on the inbound interface, the routing policy has an effect on all the traffic that goes into Router A. Figure 5-1 Networking diagram for applying QPPB
Before configuring QPPB, complete the following tasks:
l
Configure the basic functions of BGP

Issue 03 (2008-09-22)
l l
Configure the local routes advertised by BGP Configure the interfaces used for setting up BGP connection
Data Preparation
To configure QPPB, you need the following data. No. 1 2 3 Data Traffic behavior name , DSCP value, IP precedence, CIR, CBS, PIR, and PBS Name of the routing policy Matching rule, ACL number, AS path list, community attribute, route cost, and IP address prefix list
5.2.2 Configuring the Routing Policy on the BGP Route Sender

Context
Do as follows on the BGP route sender:
Procedure
Step 1 Run:
system-view

route-policy route-policy-name { permit | deny } node node-number
The node of the routing policy is created and the policy view is displayed Step 3 Choose one of the following command to configure the matching rule of the routing policy:
l
To match ACL rules, run:

if-match acl acl-number.
To match the AS path list in the BGP route, run:

if-match as-path-filter as-path-filter &<1-16>.
To match the community attribute in the BGP route, run:

if-match community-filter { basic-comm-filter-num [ whole-match ] | ext-commfilter-num } * &<1-16>.
To match the route cost, run:

if-match cost cost.
To match the IP address prefix list, run:

if-match ip-prefix ip-prefix.
Step 4 Choose one of the following command to set the community attribute for BGP routes by matching the routing policy:

l
To set the AS path list number, run:

apply as-path as-number &<1-10> [ additive ]
To set the community attribute, run

apply community { [ community-number | aa:nn ] &<1-16> | internet | noadvertise | no-export | no-export-subconfed } * [ additive ]
To set the route cost, run:

apply cost [ + | - ] cost.
AS path list number, community attribute, and the extended community attribute are used to set the BGP route attribute for the routes that match the routing policy. You need to only configure one of them. ----End
5.2.3 Advertising Routing Policy on the Route Sender

Context
Procedure
Step 1 Run:
system-view

bgp as-number
The BGP view is displayed. Step 3 Run:

peer { ip-address | group-name } route-policy route-policy-name export
The routing policy is applied to the BGP routes advertised to the peer. Step 4 Run:
peer ip-address advertise-community
The community attribute is advertised to the peer. By default, BGP does not advertise the community attribute to the peer. When you set QoS policies to enable the peers to match the routing policy based on the community attribute, you need to enable advertising the community attribute to the peer. ----End
5.2.4 Configuring the Traffic Behavior on the Route Receiver

Context
Procedure
Step 1 Run:
system-view

A traffic behavior is set and the behavior view is displayed. Step 3 Do as follows as required:
l
To configured the traffic policing action, run :

car { cir cir-value [ pir pir-value] } [ cbs cbs-value pbs pbs-value ] [ { green { discard | pass [ service-class class color color ] } } | { yellow { discard | pass [ service-class class color color ] } } | {red { discard | pass [ service-class class color color ] } } ]*
To mark the DSCP value of IP packets, run:

remark dscp dscp-value
To mark the IP precedence of IP packets, run:

To allow matched packets to pass, run:

permit
To deny the matched packets, run:

deny
----End
5.2.5 Configuring a Routing Policy to the Route Receiver

Context
A routing policy consists of several nodes and each node consists of multiple if-match and apply clauses. You can set multiple if-match clauses for each node. The logical relation of the clauses for the same node is AND. That is, a packet can pass the routing policy only when it matches all the clauses. The logical relation of the clauses for different nodes is OR. That is, a packet can pass the routing policy if it matches one of the nodes. In step 3, you can choose one or more matching rules according to the type of traffic classification required:
l l
To classify traffic based on ACL list, choose acl acl-number. To classify traffic based on AS path list of BGP routes, choose as-path-filter as-pathfilter &<1-16>. You can set up to 16 path filters. To classify traffic based on the community attribute list of BGP routes (basic or extended), choose community-filter. You can specify up to 16 community attribute lists. You can also choose whole-match to classify traffic based on all the basic community attribute lists. To classify traffic based on the cost of routes, choose cost cost.
5-6

l
To classify traffic based on the IP address prefix list, choose ip-prefix ip-prefix-name.
In step 4, the specified traffic behavior must be defined in advance. Do as follows on the BGP route receiver:
Procedure
Step 1 Run:
system-view

The node of the routing policy is created and the policy view is displayed. Step 3 Choose one of the following commands to configure the matching rule on the route receiver for receiving routes:
l
To match the AS path list in the BGP route, run

if-match as-path-filter as-path-filter &<1-16>
To match the community attribute in the BGP route, run

if-match community-filter { basic-comm-filter-num [ whole-match ] | ext-commfilter-num } * &<1-16>
To match the route cost, run

if-match cost cost.
Step 4 Run:
apply behavior behavior-name
or
apply ip-precedence precedence-value
The specified traffic behavior or IP precedence is associated with the matched routing policy.
NOTE
The traffic behavior or IP precedence to be associated with the routing policy must be defined in advance.
----End
5.2.6 Applying a Routing Policy to the Route Receiver

Context
Do as follows on the BGP route receiver:
Procedure
Step 1 Run:
system-view

Step 2 Run:
bgp as-number
BGP is run and the BGP view is displayed. Step 3 Run:

peer ip-address route-policy route-policy-name import
The routing policy is applied to the routes received from the peer (route sender). ----End
5.2.7 Applying QPPB to the Interface

Context
QPPB and QoS actions can be applied only to the inbound interface. The QPPB configured at the outbound interface has an effect on all the packets that match the rules. BGP route in QPPB refers to only public BGP routes. In private networks, QPPB is applied in L3VPN. Do as follows on the BGP route receiver:
Procedure
Step 1 Run:
system-view


qppb-policy behavior { source | destination }
QPPB is applied to the inbound interface. The router looks up FIB based on the source or destination IP address to perform traffic behaviors. ----End

In any of the views, use the following display command to check the configuration. Action Display QPPB Command display fib verbose [ | { begin | exclude | include } regular-expression ]
If the configuration succeeds, the QosInfo item in the display of FIB information is 0x2000000. Of the information related to the QosInfo item, 0x2 means that the interface on Router A matches
QPPB; 0000001 means that the IP precedence matched based on destination addresses is 1. The following information is displayed when you run the above command:
[Quidway] display fib verbose FIB Table: Total number of Routes : 1 Destination: 66.1.1.1 Mask : 255.255.255.255 Nexthop : 100.1.1.2 OutIf : Pos1/0/0 LocalAddr : 100.1.1.1 LocalMask: 0.0.0.0 Flags : DGU Age : 165sec ATIndex : 0 Slot : 1 LspFwdFlag : 0 LspToken : 0x0 InLabel : NULL OriginAs : 200 BGPNextHop : 2.2.2.2 PeerAs : 200 QosInfo : 0x20000001 OriginQos: 0x0 NexthopBak : 0.0.0.0 OutIfBak : [No Intf] LspTokenBak: 0x0 InLabelBak : NULL LspToken_ForInLabelBak : 0x0 EntryRefCount : 1 rt_ulVlanId : 0x0 rt_ulVlinkBak : NULL

This section provides an example for configuring QPPB. 5.3.1 Example for QPPB Configuration
5.3.1 Example for QPPB Configuration

As shown in Figure 5-2, Router A and Router B are BGP neighbors. Router B is the sender of BGP routes, while Router A is the receiver of the BGP route. The BGP route from Router B to Router A has been configured with community attribute. The community attributes are set on Router A for BGP routes received from Router B. After Router A receives a BGP route from Router B, it sets the traffic behavior for the imported route by matching the community attribute using routing policy. Then, it applies the traffic behavior to all the incoming packets that match the BGP community attribute. Figure 5-2 Networking diagram of QPPB configuration
Issue 03 (2008-09-22)
5-9
The configuration roadmap is as follows: 1. 2. 3. 4. Configure basic BGP functions. On Router B, create a routing policy to set the community attribute of the sent routes; advertise the routing policy through BGP. On Router A, apply the routing policy and set the traffic behavior. Enable QPPB on the inbound interface.
Data Preparation
l l l
IP addresses of the interfaces Route policy name, matching rules, and route attribute Traffic behavior name and the related traffic actions
1. Configure basic BGP functions on Router A and Router B. # Configure the Loopback interface of Router A and that of Router B.
<RouterA> system-view [RouterA] interface loopback 0 [RouterA-LoopBack0] ip address 1.1.1.1 255.255.255.255 [RouterA-LoopBack0] return <RouterB> system-view [RouterB] interface loopback 0 [RouterB-LoopBack0] ip address 2.2.2.2 255.255.255.255 [RouterB-LoopBack0] quit [RouterB] interface loopback 10 [RouterB-LoopBack10] ip address 66.1.1.1 255.255.255.255 [RouterB-LoopBack10] return
# Configure the directly connected interfaces between Router A and Router B, and that between Router A and Router C.
<RouterA> system-view [RouterA] interface pos 2/0/0 [RouterA-Pos2/0/0] undo shutdown [RouterA-Pos2/0/0] ip address 100.1.1.1 255.255.255.0 [RouterA-Pos2/0/0] quit [RouterA] interface gigabitethernet 1/0/0 [RouterA-GigabitEthernet1/0/0] undo shutdown [RouterA-GigabitEthernet1/0/0] ip address 200.1.1.2 255.255.255.0 [RouterA-GigabitEthernet1/0/0] return <RouterB> system-view [RouterB] interface pos 1/0/0 [RouterB-Pos1/0/0] undo shutdown [RouterB-Pos1/0/0] ip address 100.1.1.2 255.255.255.0 [RouterB-Pos1/0/0] return <RouterC> system-view [RouterC] interface gigabitethernet1/0/0 [RouterC-GigabitEthernet1/0/0] undo shutdown [RouterC-GigabitEthernet1/0/0] ip address 200.1.1.1 255.255.255.0 [RouterC-GigabitEthernet1/0/0] return
# Enable OSPF and advertise the route to the IP address of the interface.
<RouterA> system-view [RouterA] ospf [RouterA-ospf-1] area 0
5-10
Issue 03 (2008-09-22)

[RouterA-ospf-1-area-0.0.0.0] [RouterA-ospf-1-area-0.0.0.0] [RouterA-ospf-1-area-0.0.0.0] [RouterA-ospf-1-area-0.0.0.0] [RouterA-ospf-1] return <RouterB> system-view [RouterB] ospf [RouterB-ospf] area 0 [RouterB-ospf-1-area-0.0.0.0] [RouterB-ospf-1-area-0.0.0.0] [RouterB-ospf-1-area-0.0.0.0] [RouterB-ospf-1] return <RouterC> system-view [RouterC] ospf [RouterC-ospf] area 0 [RouterC-ospf-1-area-0.0.0.0] [RouterC-ospf-1-area-0.0.0.0] <RouterA> system-view [RouterA] bgp 100 [RouterA-bgp] peer 2.2.2.2 [RouterA-bgp] peer 2.2.2.2 [RouterA-bgp] peer 2.2.2.2 [RouterA-bgp] import-route [RouterA-bgp] return <RouterB> system-view [RouterB] bgp 200 [RouterB-bgp] peer 1.1.1.1 [RouterB-bgp] peer 1.1.1.1 [RouterB-bgp] peer 1.1.1.1 [RouterB-bgp] import-route [RouterB-bgp] return network 1.1.1.1 0.0.0.0 network 100.1.1.0 0.0.0.255 network 200.1.1.0 0.0.0.255 quit
network 2.2.2.2 0.0.0.0 network 100.1.1.0 0.0.0.255 quit
network 200.1.1.0 0.0.0.255 return
# Create EBGP connections between Router A and Router B.

as-number 200 ebgp-max-hop 3 connect-interface loopback 0 direct
as-number 100 ebgp-max-hop 3 connect-interface loopback 0 direct
# Create IGP connections between Router A and Router C

<RouterA> system-view [RouterA] bgp 100 [RouterA-bgp] peer 200.1.1.1 as-number 100 [RouterA-bgp] import-route direct [RouterA-bgp] quit <RouterC> system-view [RouterC] bgp 100 [RouterC-bgp] peer 200.1.1.2 as-number 100 [RouterC-bgp] import-route direct [RouterC-bgp] quit
2.
After the said configuration, Router A, Router B, and Router C can communicate. Set the routing policy on the route sender, Router B. # Set the IP prefix.
<RouterB> system-view [RouterB] ip ip-prefix bb permit 66.1.1.1 32 [RouterB] return
# Set the routing policy.

<RouterB> system-view [RouterB] route-policy [RouterB-route-policy] [RouterB-route-policy] [RouterB-route-policy] aa permit node 10 if-match ip-prefix bb apply community 10:10 return
# Advertise the routing policy.

<RouterB> system-view [RouterB] bgp 200 [RouterB-bgp] peer 1.1.1.1 route-policy aa export [RouterB-bgp] peer 1.1.1.1 advertise-community [RouterB-bgp] return
3.
On Router A, set the routing policy for receiving BGP routes and apply traffic behaviors to the traffic that matches the specified community attribute.
Issue 03 (2008-09-22)
# Set the QoS policy, that is, traffic behavior.

<RouterA> system-view [RouterA] traffic behavior dd [RouterA-behavior-dd] remark ip-precedence 1 [RouterA-behavior-dd] return
# Set the routing policy for receiving BGP routes and apply the traffic behavior to the route that matches the community attribute.
<RouterA> system-view [RouterA] ip community-filter 10 permit 10:10 [RouterA] route-policy aa permit node 10 [RouterA-route-policy] if-match community-filter 10 [RouterA-route-policy] apply behavior dd [RouterA-route-policy] return
# On Router A, apply the routing policy to the routes advertised by Router B.

<RouterA> system-view [RouterA] bgp 100 [RouterA-bgp] peer 2.2.2.2 route-policy aa import [RouterA-bgp] return
4.
On Router A, apply QPPB to the inbound interface.

l
If the traffic flows from Router B to Router C, configure QPPB on the inbound interface POS 2/0/0.
<RouterA> system-view [RouterA] interface pos 2/0/0 [RouterA-Pos2/0/0] qppb-policy behavior source [RouterA-Pos2/0/0] return
If the traffic flows from Router C to Router B, configure QPPB on the inbound interface GE 1/0/0. The configuration for this example is as follows:
<RouterA> system-view [RouterA] interface gigabitethernet 1/0/0 [RouterA-GigabitEthernet1/0/0] qppb-policy behavior destination [RouterA-GigabitEthernet1/0/0] return
5.
Check the configuration. # Display the FIB information on Router A.

[RouterA] display fib verbose FIB Table: Total number of Routes : 1 Destination: 66.1.1.1 Mask : 255.255.255.255 Nexthop : 100.1.1.2 OutIf : Pos2/0/0 LocalAddr : 100.1.1.1 LocalMask: 0.0.0.0 Flags : DGU Age : 165sec ATIndex : 0 Slot : 1 LspFwdFlag : 0 LspToken : 0x0 InLabel : NULL OriginAs : 200 BGPNextHop : 2.2.2.2 PeerAs : 200 QosInfo : 0x20000001 OriginQos: 0x0 NexthopBak : 0.0.0.0 OutIfBak : [No Intf] LspTokenBak: 0x0 InLabelBak : NULL LspToken_ForInLabelBak : 0x0 EntryRefCount : 1 rt_ulVlanId : 0x0 rt_ulVlinkBak : NULL
Of the information related to the QosInfo item, 0x2 means that the interface on Router A matches QPPB; 0000001 means that the IP precedence matched based on destination addresses is 1.
Configuration Files
l

#
5-12
Issue 03 (2008-09-22)

sysname RouterA # traffic behavior dd remark ip-precedence 1 # interface GigabitEthernet1/0/0 undo shutdown ip address 200.1.1.2 255.255.255.0 qppb-policy behavior destination # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 100.1.1.1 255.255.255.0 qppb-policy behavior source # interface LoopBack0 ip address 1.1.1.1 255.255.255.255 # bgp 100 peer 2.2.2.2 as-number 200 peer 2.2.2.2 ebgp-max-hop 3 peer 2.2.2.2 connect-interface LoopBack0 peer 200.1.1.1 as-number 100 # ipv4-family unicast undo synchronization import-route direct peer 2.2.2.2 enable peer 2.2.2.2 route-policy aa import peer 200.1.1.1 enable # ospf 1 area 0.0.0.0 network 1.1.1.1 0.0.0.0 network 100.1.1.0 0.0.0.255 network 200.1.1.0 0.0.0.255 # route-policy aa permit node 10 if-match community-filter 10 apply behavior dd # ip community-filter 10 permit 10:10 # return l
Configuration files of Router B

# sysname RouterB # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.2 255.255.255.0 # interface LoopBack0 ip address 2.2.2.2 255.255.255.255 # interface LoopBack10 ip address 66.1.1.1 255.255.255.255 # bgp 200 peer 1.1.1.1 as-number 100 peer 1.1.1.1 ebgp-max-hop 3 peer 1.1.1.1 connect-interface LoopBack0 # ipv4-family unicast undo synchronization import-route direct peer 1.1.1.1 enable
Issue 03 (2008-09-22)
5-13
peer 1.1.1.1 route-policy aa export peer 1.1.1.1 advertise-community quit
# ospf 1 area 0.0.0.0 network 2.2.2.2 0.0.0.0 network 100.1.1.0 0.0.0.255 # route-policy aa permit node 10 if-match ip-prefix bb apply community 10:10 # ip ip-prefix bb index 10 permit 66.1.1.1 32 # return l
Configuration file on Router C

# sysname RouterC # interface gigabitethernet1/0/0 undo shutdown ip address 200.1.1.1 255.255.255.0 # bgp 100 peer 200.1.1.2 as-number 100 # ipv4-family unicast undo synchronization import-route direct peer 200.1.1.2 enable # ospf 1 area 0.0.0.0 network 200.1.1.0 0.0.0.255 # return
5.4 Maintaining QPPB Configuration

This section describes the methods for fault analysis and troubleshooting QPPB. 5.4.1 Troubleshooting
Fault Description
QoS does not take effect on packets according to the QPPB configuration.
Fault Analysis
The possible causes for the fault are as follows:
l
BGP routes fail to be received or BGP routes are obtained through other protocols that have a higher precedence than BGP. The routing policy is not applied. QoS parameters are not delivered to the FIB table.
l l
5-14

l l
The routing policy is wrong. No QPPB policy is applied on the interface.
1. Use the display ip routing-table command to check whether the route is received. If the route is not received, there is a fault with BGP. As a result, BGP configuration fails. If the route exists but it is received through other routing protocols, modify the configuration of other routing protocols. 2. 3. Use the display fib command to check whether QoS parameters are delivered correctly. If the parameters are not delivered correctly, the routing policy fails. Use the display current-configuration command to check if the QPPB policy is configured correctly on the interface.
Issue 03 (2008-09-22)
5-15
6 VPN QoS Configuration
6
About This Chapter
VPN QoS Configuration
This chapter describes the implementation and configuration of QoS policies in VPN. 6.1 Introduction This section describes the basic concepts of VPN QoS. 6.2 Configuring QPPB in L3VPNs This section describes the procedure of configuring QPPB in an L3VPN. 6.3 Configuring Hierarchical Resource Reserved L3VPNs This section describes the procedure of configuring a hierarchical resource reserved L3VPN. 6.4 Configuring Hierarchical Resource Reserved L2VPNs This section describes the procedure of configuring a hierarchical resource reserved L2VPN. 6.5 Example For Configuring VPN QoS This section provides examples for configuring VPN QoS. 6.6 Maintaining VPN QoS Configuration This section describes the method for the fault analysis and troubleshooting, when QPPB cannot be used.
Issue 03 (2008-09-22)
6-1
6.1 Introduction
This section describes the basic concepts of VPN QoS. 6.1.1 VPN QoS Overview 6.1.2 VPN QoS Features Supported by the NE80E/40E
6.1.1 VPN QoS Overview

With the development and maturity of Virtual Private Network (VPN) services, service providers and users pose pressing demands on VPN QoS similar to that provided by dedicated physical lines. The NE80E/40Ecombines Multi-protocol Label Switch (MPLS), VPN, Integrated Service (IntServ), and Differentiated Service (DiffServ) features, providing customers with VPN QoS deployment solutions to the entire network.
QPPB on VPN
To deploy end-to-end QoS services on a VPN, especially on a large and complex network, you need to configure many attributes related to traffic classification. You are unable to configure traffic classification according to the community attributes, Access Control List (ACL), prefix, or Autonomous Systempath (AS-path). If the network architecture changes frequently, network administrators have to make tremendous configurations, which are impractical for them. You can, however, reduce the workload of configurations by deploying the QoS Policy Propagation through the Border Gateway Protocol (QPPB) on the Layer 3 VPN (L3VPN). With the QPPB technology, the BGP route sender can classify routes by setting BGP attributes in advance; the BGP route receiver can use different local QoS policies on BGP routes according to the attributes set by the BGP route sender. As a result, in a complex networking environment, when the network topology changes, the route receiver only needs to change the routing policies on the BGP route sender, making the configuration simpler.
Resource Reserved VPN

MPLS TE tunnels can provide VPN services with guaranteed QoS. Sometimes multiple VPNs share the same MPLS TE tunnel, but VPNs demand different resources. When a tunnel carries Expedited Forwarding (EF), Assured Forwarding (AF), and Best-Effort (BE) services at the same time, these services interference each other. When VPNs compete for the resources, the service quality decreases. For example, if one VPN is attacked, other VPNs cannot communicate normally. To solve this problem, you can set up a dedicated MPLS TE tunnel with guaranteed QoS for each CE-to-CE connection. In this mode, however, the backbone network needs many Label Switching Paths (LSPs), resulting in resources waste. The resource reserved VPN can solve the preceding problem. The resource reserved VPN can identify both VPN users in an MPLS TE tunnel and services of a VPN user, provides VPNs users with reasonable bandwidth, and thus end-to-end QoS.
6.1.2 VPN QoS Features Supported by the NE80E/40E

QPPB on VPN
As a QoS policy, QPPB on L3VPN can transmit private network routes through BGP. This extends QPPB application in L3VPN. The policy of QPPB on L3VPN can be applied to VPN instances and VPNv4. When QPPB is implemented on the private network route of a specific VPN instance, the inbound and outbound routing policy should be implemented on the VPN instance. If QPPB is implemented on the private network route of all VPN instances, the inbound and outbound routing policy should be applied to VPNv4 neighbors of BGP, as shown in Figure 6-1. Figure 6-1 Networking diagram of QPPB on L3VPN
PE1 is connected with CE1 and CE2, and PE2 is connected with CE3 and CE4. CE1 and CE3 are located in VPN1, and CE2 and CE4 are located in VPN2. The process of implementing QPPB on L3VPN in the VPN instance is as follows:
l
Use the outbound routing policy for VPN1 instance to set the community attribute of VPN routes from CE1. Then PE1 can send the VPN routes to PE2 when PE1 receives the route from CE1. After PE2 receives the VPN routes sent from PE1, it sets traffic behavior for the VPN routes to CE3 by matching the inbound routing policy of VPN1 instance when it imports the routes to its local VPN routing table.
The process for implementing VPN QoS in the VPNv4 is as follows:

l
When PE1 sends VPNv4 routes to PE2, it sets the community attribute for the routes by using the outbound routing policy for its VPNv4 neighbors. After PE2 receives the VPNv4 routes from PE1, it sets traffic behavior for the routes by matching the inbound routing policy for its VPNv4 neighbors.
Hierarchical Resource Reserved VPN

The NE80E/40Esupports hierarchical resource reserved VPNs. The routers can allocate bandwidth resources for different VPNs, or services of different priorities from the same VPN, over one MPLS TE tunnel. This solves the problems of service interference and bandwidth competition over one MPLS TE tunnel and provides VPN users with end-to-end QoS guarantee.
The hierarchical resource reserved VPN adopts the tunnel multiplex technology.
l
To solve the problem of resources competition among multiple VPNs sharing one MPLS TE tunnel between two provider edge routers (PEs), configure traffic policing on the inbound interface of an MPLS TE tunnel for each VPN. To provide services for a VPN user, a service provider signs a QoS service agreement with the user to specify the bandwidth required by the VPN user. To solve the problem of interference among services of VPN users, classify the traffic from VPN users and arrange the different types of traffic into the corresponding queues, which are provided with committed bandwidths. To solve the problem of resources competition between VPN traffic and non-VPN traffic in an MPLS TE tunnel, configure committed bandwidths for MPLS TE tunnels and all VPN traffic. The total bandwidth of an MPLS TE tunnel is the sum of both the bandwidth of all VPN traffic and that of the non-VPN traffic. The traffic from different VPNs is implemented with statistical multiplexing. If the traffic of one VPN does not occupy all the preset bandwidth, traffic of other VPNs can use the remaining bandwidth.
Figure 6-2 Principle diagram for hierarchical resource reserved VPNs
As shown in Figure 6-2, PE1 and PE2 connect the two VPNs (VPN A and VPN B). CE1 and CE3 are in VPN A, and CE2 and CE4 are in VPN B. VPN A and VPN B share the tunnel between PE1 and PE2. Suppose the total configured bandwidth of the tunnel is 10 Mbit/s. VPN A needs a bandwidth of 2 Mbit/s and VPN B needs a bandwidth of 3 Mbit/s. The remaining bandwidth for non-VPN traffic is 5 Mbit/s. The voice services in VPN A demand short latency; these service packets are arranged into the EF queue for privileged scheduling and are provided with 1 Mbit/s committed bandwidth. When no voice services exist, video or other data services are allowed to use the free bandwidth preset for voice services. You can configure hierarchical resource reserved VPNs so that the bandwidths of VPN A and VPN B, and the bandwidth for the voice services in VPN A are all guaranteed. The resource reserved VPN also supports TE Fast Reroute (FRR), hot backup of active/standby Label Switch Paths (LSPs), and Bidirectional Forwarding Detection (BFD) of active/standby LSPs.

NOTE
In the case of Label Distribution Protocol (LDP) over TE, even though the bandwidth of an MPLS TE tunnel is limited, the LDP traffic in the MPLS tunnel is not limited. The resource reserved VPN enables one MPLS TE tunnel to transport L3VPN, VLL, and VPLS services at the same time, with the bandwidth resources being reserved.
Introduction to MPLS DiffServ Models

The DSCP field (6 bits) in the header of the IP packet is used to define the Class of Service (CoS). In the MPLS label, the EXP field (3 bits) is also used to define the CoS. See Figure 6-3. Figure 6-3 The DSCP field in the IP packet and the EXP field in the MPLS packet
In the MPLS DiffServ model, packets are processed in the following steps:
l
When a packet enters the MPLS network, a label is added to the packet. The DSCP field in the packet is copied to the EXP field. In the MPLS network, the PHB is chosen according to the EXP value in the packet. Each EXP value is mapped with a PHB. When the packet leaves the MPLS network, the label is stripped. Then, the PHB is chosen according to the DSCP or EXP field. Each DSCP value is also mapped with a PHB.
The MPLS DiffServ model defines the following factors for the packets that pass through an MPLS network: the manner in which the DSCP field and the EXP field are propagated and PHB such as CoS and color after the packet leaves the MPLS network. Thus, transmission with differentiated QoS is carried out. In the RFC 3270, three MPLS DiffServ models are defined: Uniform, Pipe, and Short Pipe.
l
Uniform Model The ingress PE adds a label to the packet by copying the DSCP value to the EXP field. If the EXP value is changed in the MPLS network, the change affects the PHB adopted when the packet leaves the MPLS network. That is, the egress PE adopts the PHB according to the EXP value. See Figure 6-4.
Issue 03 (2008-09-22)
6-5
Figure 6-4 Uniform model
Pipe Model In the Pipe model, the user-defined CoS and color together determine the EXP value that is added to the MPLS label by the ingress PE. The default mapping between the CoS value and the EXP value is shown in Table 6-1. If the EXP value is changed in the MPLS network, the change is valid only in the MPLS network. The egress PE selects the PHB according to the EXP value. When the packet leaves the MPLS network, the DSPC value becomes effective again. See Figure 6-5.
NOTE
The Pipe model does not support the Penultimate Hop Popping of the MPLS label.
Table 6-1 Default mapping between the CoS value and the EXP value Service BE AF1 AF2 AF3 AF4 EF CS6 CS7 Color Green Green, Yellow, Red Green, Yellow, Red Green, Yellow, Red Green, Yellow, Red Green Green Green MPLS EXP 0 1 2 3 4 5 6 7
6-6
Issue 03 (2008-09-22)
Figure 6-5 Pipe model
Short Pipe Model In the Short Pipe model, the user-defined CoS and color together determine the EXP value that is added to the MPLS label by the ingress PE. If the EXP value is changed in the MPLS network, the change is valid only in the MPLS network. The egress PE selects the PHB according to the DSCP value. When the packet leaves the MPLS network, the DSPC value becomes effective again. See Figure 6-6. Figure 6-6 Short Pipe model
End-to-End VPN QoS Solutions

The NE80E/40E s provide customers with end-to-end VPN QoS solutions.

l
Implement the simple traffic classification, forcible traffic classification, or complex traffic classification of VPN service packets on the user interface side of an ingress PE. The traffic flowing through each inbound interface is configured to go to a subscriber queue (SQ). The traffic of each priority is configured to go to a flow queue (FQ). In this manner, traffic from different VPNs and traffic of different services from the same VPN are identified and scheduled with different priorities. Perform traffic policing on the network side of an ingress PE over the traffic coming from VPN users and flowing through the MPLS TE tunnel and allocate SQs for VPNs in an MPLS TE tunnel. Add MPLS labels on an ingress PE to map the precedence of an IP packet to the EXP field of an MPLS label. Mappings are either in the Uniform model or in the Pipe (or Short Pipe) model.
NOTE
When both the simple traffic classification and the Pipe (or Short Pipe) model are configured, the Pipe (or Short Pipe) model takes effect.
l
Provide committed bandwidths on an ingress PE for traffic from different VPNs that flow into one MPLS TE tunnel and traffic of different services from the same VPN that flow into one MPLS TE tunnel. Implement the mapping of MPLS EXP and DSCP of IP packets according to the configured mapping model on an egress PE. Perform priority scheduling and traffic shaping over the traffic on the interface of the user side. Perform differentiated queue scheduling according to the EXP field of the MPLS label on the P node.
6.2 Configuring QPPB in L3VPNs

This section describes the procedure of configuring QPPB in an L3VPN. 6.2.1 Establishing the Configuration Task 6.2.2 Configuring a Routing Policy on the BGP Route Sender 6.2.3 Advertising a Routing Policy on the Route Sender 6.2.4 Configuring a Traffic Behavior on the Route Receiver 6.2.5 Configuring a Routing Policy on the Route Receiver 6.2.6 Applying a Routing Policy on the Route Receiver 6.2.7 Applying QPPB on the Interface 6.2.8 Checking the Configuration

To deploy end-to-end QoS services in the large-scale VPN network as shown in Figure 6-7, complex traffic classification is necessary. In addition, it is unable to classify packets based on the community attributes. If the network structure is not very stable, it is very difficult to modify the network configuration.
In this case, applying QPPB on L3VPN can decrease the workload for modifying the configuration. QPPB enables the BGP route sender to classify routes in ahead by setting BGP attributes. Thus, the route receiver only needs to configure BGP routing policies when the network topology changes. This simplifies the policy modification at the route receiver. QPPB on L3VPN can carry out both the outbound policy of routes on the public network and that of the VPN routes. It applies to both VPN instance and VPNv4, but it can be configured only on L3VPN. When configuring QPPB on L3VPN, note the following:
l l
To advertise all the routing policy of PE1, advertise the policy in the BGP VPNv4. To advertise the routing policy of PE1 for a specific VPN instance, advertise the policy only in that VPN instance. In addition, advertise the community attribute in the VPNv4 view to the peers.
Figure 6-7 Typical networking for QPPB on L3VPN
Before configuring QPPB on L3VPN, complete the following tasks:
l
Configuring the physical parameters and link attributes to ensure normal operation of the interfaces Configuring the basic BGP functions Configuring the local routes advertised by BGP Configuring the interfaces used for setting up BGP connections Configuring the BGP/MPLS IP VPN to carry out communication on the L3VPN Configuring ACLs, AS path list, IP prefix list, or community attribute list.
l l l l l
Data Preparation
To configure QPPB on L3VPN, you need the following data.
No. 1 2 3
Data Routing policy name ACL number, AS path list number, community attribute list number, route cost, and IP prefix list number Traffic behavior name, committed information rate (CIR), committed burst size (CBS), peak information rate (PIR), and peak bust size (PBS)
6.2.2 Configuring a Routing Policy on the BGP Route Sender

Context
As shown in Figure 6-7, configure PE1 as follows:
Procedure
Step 1 Run:
system-view

The node of the routing policy is created and the policy view is displayed Step 3 Choose one of the following commands to configure the matching rule of the routing policy:
l
To match ACL rules, run:

if-match acl acl-number.


Or
if-match community-filter comm-filter-name [ whole-match ] l

if-match cost cost.
To match the IP address prefix list, run:

if-match ip-prefix ip-prefix.
Step 4 Choose one of the following commands to set the community attribute for BGP routes by matching the routing policy:
l
To set the AS path list number, run:

apply as-path as-number &<1-10> [ additive ].
To set the community attribute, run:

6-10
apply community { [ community-number | aa:nn ] &<1-16> | internet | noadvertise | no-export | no-export-subconfed } * [ additive ]. l
To set the route cost, run:

apply cost [ + | - ] cost.
To set the extended community attribute, run:

apply extcommunity rt { as-number : nn | ipv4-address : nn } [ additive ]
AS path list number, community attribute, and the extended community attribute are used to set the BGP route attribute for the routes that match the routing policy. You need to configure only one of them. ----End
6.2.3 Advertising a Routing Policy on the Route Sender

Context
NOTE
l l
To advertise all the routing policies of PE1, advertise them in the BGP VPNv4. To advertise the routing policy of PE1 for a specific VPN instance, advertise the policy only in that VPN instance. In addition, advertise the community attribute in the VPNv4 view to the peers.
Procedure
l Advertising the routing policy in the BGP VPNv4 view
NOTE
Before the following configuration, set up the peer relationship in the BGP VPNv4 sub-address view.
As shown in Figure 6-7, configure PE1 as follows: 1. Run:

system-view

bgp as-number
BGP is run and the BGP view is displayed. 3. Run:

ipv4-family vpnv4 [ unicast ]
The BGP VPNv4 sub-address family view is displayed. 4. Run:

peer ip-address route-policy policy-name export
The routing policy for advertising VPNv4 routes to the peer PE2 is set. 5. Run:
peer ip-address advertise-community
The community attribute is advertised to the peer. By default, BGP does not advertise the community attribute to the peer. When you set QoS policies to enable the peers to match the routing policy based on the community attribute, you need to enable advertising the community attribute to the
peer. For detailed configuration, refer to the method for advertising routing policies in the BGP VPNv4 view. l Advertising the routing policy in the VPN instance view As shown in Figure 6-7, configure PE1 as follows: 1. Run:
system-view

ip vpn-instance vpn-instance-name
The VPN instance view is displayed. 3. Run:

export route-policy route-policy-name
The specified routing policy is applied to the VPN instance advertised by the peer PE2. When a routing policy is advertised in the VPN instance view, the local BGP community attribute must be advertised in the BGP VPNv4 view to the peer. ----End
6.2.4 Configuring a Traffic Behavior on the Route Receiver

Context
Procedure
Step 1 Run:
system-view

A traffic behavior is defined and the traffic behavior view is displayed. Step 3 Do as follows as required:
l
To set the traffic policing action, run:

car { cir cir-value [ pir pir-value] } [ cbs cbs-value pbs pbs-value ] [ green { discard | pass [ service-class class color color ] } | yellow { discard | pass [ service-class class color color ] } | red { discard | pass [ serviceclass class color color ] } ]*
To allow all the matched packets to pass, run:

permit
To deny all the matched packets, run:

deny. l
To set the precedence of IP packets again, run:

6-12

remark ip-precedence ip-precedence. l
To set the DSCP value of IP packets again, run:

remark dscp dscp-value.
----End
6.2.5 Configuring a Routing Policy on the Route Receiver

Context
Procedure
Step 1 Run:
system-view

The routing policy is created and the policy view is displayed Step 3 Choose one of the following commands to configure the matching rule on the route receiver for receiving routes:
l



if-match cost cost.
NOTE
The route attribute of the BGP routes received by the BGP receiver must be the same as that advertised by the BGP sender.
Step 4 Run:
apply behavior behavior-name
The specified traffic behavior is associated with the matched routing policy.
NOTE
The traffic behavior to be associated with the routing policy must be defined in advance.
A routing policy consists of several nodes and one of the nodes consists of multiple if-match and apply clauses. You can set multiple if-match clauses for one node. The logical relation of the clauses for the same node is AND. That is, a packet can pass the routing policy only when it matches all the clauses. The logical relation of the clauses for different nodes is OR. That is, a packet can pass the routing policy if it matches any one of the clauses.
In step 3, you can choose one or more matching rules as per the requirements of the traffic classification:
l l
To classify traffic based on ACL list, choose acl acl-number. To classify traffic based on AS path list of BGP routes, choose as-path-filter as-pathfilter &<1-16>. You can set up to 16 path filters. To classify traffic on the basis of community attribute list of BGP routes (basic or extended), choose community-filter. You can specify up to 16 community attribute lists. You can also choose whole-match to classify traffic based on all the basic community attribute lists. To classify traffic based on the cost of routes, choose cost cost. To classify traffic based on the IP address prefix list, choose ip-prefix ip-prefix-name.
l l
In step 4, the specified traffic behavior must be defined in advance. ----End
6.2.6 Applying a Routing Policy on the Route Receiver

Context
NOTE
l l
To apply a routing policy to all received routes of all the VPN instances on PE1, you can apply the routing policy in the BGP VPNv4 view. To apply a routing policy to the received routes of a specific VPN instance, you can apply the routing policy only to that VPN instance.
Procedure
l Applying a routing policy in the BGP VPNv4 view As shown in Figure 6-7, configure PE2 as follows: 1. Run:
system-view

bgp as-number
BGP is run and the BGP view is displayed. 3. Run:

ipv4-family vpnv4 [ unicast ]
The BGP VPNv4 sub-address family view is displayed. 4. Run:

peer ip-address route-policy policy-name import
The routing policy is applied to all BGP VPNv4 routes received from peer PE1. l Applying a routing policy in the VPN instance view As shown in Figure 6-7, configure PE2 as follows: 1. Run:
system-view
6-14
Issue 03 (2008-09-22)

The VPN instance view is displayed. 3. Run:

import route-policy route-policy-name
The routing policy is applied to the received routes of that VPN instance. If you apply a routing policy to VPNv4 and another to a VPN instance at the same time, the policy that is actually applied is the combination of the two policies. ----End
6.2.7 Applying QPPB on the Interface

Context
Procedure
Step 1 Run:
system-view


qppb-policy behavior { source | destination }
QPPB is applied. The router looks up FIB based on the source or destination IP address to find traffic behaviors.
NOTE
The key words destination and source indicate the traffic direction in which QPPB is applied. For example, PE1 shown in Figure 6-7 advertises routes that carry route attributes to PE2; PE2 applies traffic behaviors to all matched traffic.
l l
If the traffic flows from PE1 to PE2, run the qppb-policy behavior source command on the inbound interface. If the traffic flows from PE2 to PE1, run the qppb-policy behavior destination command on the outbound interface.
QPPB and QoS actions can be applied only to the inbound interface. The QPPB configured at the outbound interface has an effect on all the packets that match the rules. BGP route in QPPB refers to only public BGP routes. In private networks, QPPB is applied in L3VPN. ----End

In any view, use the following display command to view the operating information about QPPB on L3VPN and check the configuration. For description of the operating information, refer to "IP Service Commands" in the Quidway NetEngine80E/40E Router Command Reference. Action Display QPPB on L3VPN. Check information on routing policies. Command display fib vpn-instance vpn-instance-name ip-address verbose display route-policy [ route-policy-name ]
If the configuration succeeds, the QosInfo item in the display of FIB information is 0x20000001. The following information is displayed when you run the above command:
<Quidway> display fib vpn-instance vpn1 172.11.10.0 verbose Destination: 172.11.10.0/24 Mask : 255.255.255.0 Nexthop : 22.22.22.22 OutIf : NULL0 LocalAddr : 100.1.1.1 LocalMask: 255.255.255.0 Flags : DGU Age : 928sec ATIndex : 0 Slot : 1 LspFwdFlag : 1 LspToken : 0x2E001 InLabel : 1024 OriginAs : 0 BGPNextHop : 22.22.22.22 PeerAs : 300 QosInfo : 0x20000001 OriginQos: 0x0 NexthopBak : 0.0.0.0 OutIfBak : [No Intf] LspTokenBak: 0x0 InLabelBak : 0 LspToken_ForInLabelBak : 0x0 LspTokenBak_ForInLabelBak : 0x0 EntryRefCount
6.3 Configuring Hierarchical Resource Reserved L3VPNs

This section describes the procedure of configuring a hierarchical resource reserved L3VPN. 6.3.1 Establishing the Configuration Task 6.3.2 Configuring a Flow Queue 6.3.3 (Optional) Enabling an L3VPN to Support DiffServ Models 6.3.4 (Optional) Configuring a Class Queue 6.3.5 Configuring a Tunnel Policy and Apply It to a VPN Instance 6.3.6 Configuring a Bandwidth for an MPLS TE Tunnel 6.3.7 Binding an MPLS TE Tunnel to a VPN Instance and Specifying a QoS Policy 6.3.8 Checking the Configuration

In an L3VPN environment, sometimes multiple VPNs share one MPLS TE tunnel. This may result in the following problems: VPNs compete for resources. Services of high priorities from a VPN are not provided with guaranteed bandwidth so that packets are discarded improperly.
l l
In an MPLS TE tunnel, non-VPN traffic preempts the bandwidth for VPN traffic. In an MPLS TE tunnel, VPN traffic demands different supplies of resources. To solve the proceeding problems, you need to configure the hierarchical resource reserved L3VPN.
The hierarchical resource reserved L3VPN enables a device to reserve bandwidth resources for different VPNs or for services of different priorities from the same VPN in one MPLS TE tunnel and separate the bandwidth resources among them. This solves the problems of service interference and bandwidth preemption in one MPLS TE tunnel and provides VPN users with end-to-end QoS guarantee.
NOTE
The hierarchical resource reserved L3VPN is configured on an ingress PE device. After the specified configuration, you can further configure interface-specific HQoS on the interface of the user side on the egress PE. Network traffic is bi-directional; therefore, you can configure hierarchical resource reserved L3VPN for the opposite traffic on the peer PE.
Before configuring the hierarchical resource reserved L3VPN, complete the following tasks:
l
Configuring the physical parameters and link attributes to ensure normal operation of the interfaces. Configuring an MPLS TE tunnel between PEsFor details, refer to "MPLS TE Configuration" in the Quidway NetEngine80E/40E Router Configuration Guide MPLS. Configuring BGP/MPLS IP VPN to enable normal communications between L3VPNs. For details, refer to "BGP MPLS IP VPN Configuration" in the Quidway NetEngine80E/40E Router Configuration Guide VPN. Configuring the simple traffic classification or complex traffic classification on the interface on the user side of the ingress PE. For details, refer to "Class-based QoS Configuration" in the Quidway NetEngine80E/40E Router Configuration Guide QoS.
NOTE
In configuration of the hierarchical resource reserved VPN, the simple traffic classification configuration is an optional pre-configuration task.
l l l
If both the simple traffic classification and the Pipe (or Short Pipe) model are configured on the interface on the user side of an ingress PE, the L3VPN prefers the Pipe (or Short Pipe) model. If you have configured the L3VPN to support the Pipe model, you are unnecessary to configure the simple traffic classification. If you configure the L3VPN to support the Short Pipe model, it is recommended that you configure the simple traffic classification. The reason is that the egress PE performs queue scheduling according to the original DSCP value.
Data Preparation
To configure the hierarchical resource reserved L3VPN, you need the following data.
No. 1 2 3 4 5 6
Data Parameters for flow-wred packet discarding, flow-queue scheduling algorithm, and parameters for flow-queue scheduling (Optional) CoS and color for IP packets when the system is in a DiffServ model (Optional) Port-wred parameters of class queues, scheduling algorithms and parameters of class queues, and shaping values Names and parameters of tunnel policies Bandwidth of the MPLS TE tunnel and the flow-queue template CIR and PIR for the VPN and referenced flow-queue template
6.3.2 Configuring a Flow Queue

Context
Flow queues to be configured are divided into VPN flow queues and non-VPN flow queues on MPLS TE tunnels.
l
In terms of VPN flow queues, VPN traffic is organized into queues according to the service priorities resulting from the simple traffic classification or the complex traffic classification. The VPN service packets of different priorities are then provided with proportional bandwidths. Non-VPN flow queues in MPLS TE tunnels accept non-VPN packets of different priorities in MPLS TE tunnels. As a result, the non-VPN packets of different priorities are then provided with proportional bandwidths. The VPN packets and non-VPN packets in the MPLS TE tunnels can be either configured with the same flow queue or configured separately. If you do not configure flow queues for the VPN packets and non-VPN packets in the MPLS TE tunnel, the system uses the default flow-queue template. It is recommended that you configure flow queues according to the actual conditions.
For detailed information about flow queues, refer to the Quidway NetEngine80E/40E Router Configuration Guide QoS. Do as follows on the ingress PE device where resources are reserved:
Procedure
Step 1 Run:
system-view

flow-wred flow-wred-name
A flow WRED object is created and the flow WRED view is displayed.
Step 3 Run:
color { green | yellow | red } low-limit low-limit-value high-limit high-limitvalue discard-percentage discard-percentage-value
A flow WRED object is configured and the upper limit, the lower limit, and the discarding probability are set for packets of different colors.
NOTE
l l
If you do not configure a flow WRED object, the system uses the default tail-drop policy. You can create multiple flow WRED objects for being referenced by flow queues as required. You can configure up to 127 flow WRED objects in the system.
Step 4 Run:
quit
You return to the system view. Step 5 Run:

flow-queue flow-queue-name
The flow queue view is displayed. Step 6 Run:

queue cos-value { [ pq | wfq weight weight-value | lpq ] | shaping shaping-value | flow-wred wred-name } *
A flow queue is configured and a scheduling policy is set for queues of different priorities.
NOTE
You can configure scheduling parameters in one flow-queue template for the eight flow queues of a subscriber respectively. If you do not configure a flow-queue template, the system uses the default flow-queue template. The default flow-queue template contains the following parameters:
l l l l
By default, the system performs PQ on the flow queues with the priorities of ef, cs6, and cs7. The system defaults the flow queues with the priorities of be, af1, af2, af3, and af4 to WFQ. The scheduling weight is 10:10:10:15:15. The default shaping value is the maximum bandwidth of the interface. The default discarding policy is the tail drop.
----End
6.3.3 (Optional) Enabling an L3VPN to Support DiffServ Models

Context
Do as follows on the ingress PE device where resources are reserved:
Procedure
Step 1 Run:
system-view

Step 2 Run:
A VPN instance is created and the VPN instance view is displayed. Step 3 Run:
diffserv-mode { pipe service-class color | short-pipe service-class color [ domain ds-name ] | uniform }
A DiffServ model for a VPN instance is set.

NOTE
Enabling the L3VPN to support the DiffServ model is an optional setting. You can perform this configuration according to the actual conditions of networks. If you do not enable VPNs to support a specific DiffServ model, the system defaults the Uniform model. If the DiffServ model is set to Uniform, you need to configure simple traffic classification. Otherwise, this configuration does not take effect. When both the simple traffic classification and the Pipe or Short Pipe model are configured, the Pipe or Short Pipe model takes effect.
l l
The three DiffServ models are Pipe, Short Pipe, and Uniform.
l
If the Pipe model is set for a VPN, the EXP value of the MPLS label pushed on the ingress PE device is determined by both the class of service (CoS) and the color specified by users. After an MPLS label is popped out by the egress PE device, the DSCP value of an IP packet is not changed. Then the EXP value of the MPLS label determines the packet forwarding behavior of the egress node. If the Short Pipe model is set for a VPN, the EXP value of the MPLS label pushed on the ingress PE device is determined by both the CoS and the color specified by users. After an MPLS label is popped out by the egress PE device, the DSCP value of an IP packet is not changed. Then the DSCP value of the IP packet determines the packet forwarding behavior of the egress node. If the Uniform model is set for a VPN, the EXP value of the MPLS label pushed on the ingress PE device is determined by the mapped DSCP value of an IP packet. After an MPLS label is popped out by the egress PE device, the EXP value is mapped as the DSCP value of an IP packet. Then the mapped DSCP value of the IP packet determines the packet forwarding behavior of the egress node. The default model is Uniform. If you want the MPLS network to differentiate service priorities, you can choose the Uniform model. If you do not want the MPLS network to differentiate service priorities, you can choose the Pipe or Short Pipe model.
When you configure a DiffServ model,

l
----End
6.3.4 (Optional) Configuring a Class Queue
6-20
Issue 03 (2008-09-22)
Context
NOTE
This step is optional. It is recommended, however, that you configure the scheduling and bandwidth limits for class queues so that packets are not dropped when the public network is congested. The reason is that packets sent from the interface, of an ingress PE device, on the network side can be VPN packets, non-VPN packets, MPLS TE packets, and non-MPLS TE packets. If the packets of one VPN access the ingress from multiple sites, you need to configure the class queue to avoid congestion on the public network. For detailed information about class queues, refer to "HQoS Configuration" in the Quidway NetEngine80E/40E Router Configuration Guide QoS.
l l
Do as follows on the interface on the network side of the ingress PE device where resources are reserved:
Procedure
Step 1 Run:
system-view

A port WRED object is created and the port WRED view is displayed. Step 3 Run:
A WRED object for a class queue is configured and the upper limit, the lower limit, and the discarding probability are set for packets of different colors.
NOTE
l l
If you do not configure a WRED object for a class queue, the system uses the default tail-drop policy. You can create multiple port-wred objects for being referenced by class queues as required. The system provides one port-wred object. You can configure a maximum of seven more port-wred objects.
Step 4 Run:
quit


A class queue is configured and a scheduling policy is set for queues of different priorities. You can configure scheduling parameters for eight class queues respectively on one interface.
If you do not configure a class queue template, the system uses the default class queue template. The default class queue template contains the following parameters:
l l
By default, the system performs PQ on the prioritized class queues ef, cs6, and cs7. The system defaults the scheduling algorithm of the prioritized class queues be, af1, af2, af3, and af4 to WFQ. The scheduling weight is 10:10:10:15:15. The default shaping value is the maximum bandwidth of the interface. The default discarding policy is the tail drop.
l l
----End
6.3.5 Configuring a Tunnel Policy and Apply It to a VPN Instance

Context
Procedure
Step 1 Run:
system-view

tunnel-policy policy-name
A tunnel policy is created and the tunnel policy view is displayed. Step 3 Run:
tunnel binding destination destination-address te tunnel interface-number
The specified L3VPN is bound to the MPLS TE tunnel. Step 4 Run:

quit

The VPN instance view is displayed. Step 6 Run:

tnl-policy policy-name
A tunnel policy is applied to a VPN instance. ----End
6.3.6 Configuring a Bandwidth for an MPLS TE Tunnel

Context
Procedure
Step 1 Run:
system-view

interface tunnel tunnel-number
The TE tunnel interface view is displayed. Step 3 Run:

mpls te bandwidth [ bc0 | bc1 ] bandwidth [ flow-queue flow-queue-name ]
The bandwidth proportion of the total bandwidth of the MPLS TE tunnel to the bandwidth of non-VPN service packets in the tunnel is configured.
NOTE
The mpls te bandwith command configures the bandwidth of an MPLS TE tunnel or the flow-queue template of the non-VPN packets in an MPLS TE tunnel. A flow-queue template specifies the guaranteed bandwidth proportion of non-VPN packets of different priorities in an MPLS TE tunnel. If the configured bandwidth value of an MPLS TE tunnel is greater than 28630 kbit/s, it may result in inaccurate allocation of the bandwidth of the MPLS TE tunnel. The MPLS TE tunnel, however, can still be established. The value of the parameter bandwidth must be less than the maximum bandwidth and maximum reservable bandwidth of the MPLS TE link.
----End
6.3.7 Binding an MPLS TE Tunnel to a VPN Instance and Specifying a QoS Policy
Context
Procedure
Step 1 Run:
system-view

interface tunnel interface-number

mpls te reserved-for-binding
Issue 03 (2008-09-22)
6-23
The MPLS TE tunnel is enabled to bind VPNs. Step 4 Run:

mpls te vpn-binding vpn-instance vpn-instance-name cir cir pir pir [ flow-queue flow-queue-name ]
An L3VPN is bound to the MPLS TE tunnel, and the bandwidth of the VPN and the bandwidths of the packets of different types in the VPN are limited.
NOTE
The CIR is the committed bandwidth of a VPN. The PIR is the peak information rate that controls the burst bandwidth of a VPN. The PIR must be no more than the bandwidth of the MPLS TE tunnel. The flowqueue template contains the configuration of the bandwidth proportion and scheduling parameters of the traffic for different priorities in a VPN.
Step 5 Run:
mpls te commit
The current configuration of the MPLS TE tunnel is committed.

NOTE
When the parameters of an MPLS TE tunnel change, you need to run the mpls te commit command to make the changes take effect.
----End

Run the following commands to check the previous configuration. Action Check the statistics about the L3VPN traffic of an MPLS TE tunnel. Command display traffic statistics interface tunnel interfacenumber vpn-instance vpn-instance-name
Run the display traffic statistics interface tunnel-name vpn-instance vpn-instance-name command. If the output statistics of the L3VPN traffic in an MPLS TE tunnel are the same as the configured values, it means that the configuration succeeds.
<Quidway> The RRVPN Transit Transit Discard Discard Transit Transit display traffic statistics interface tunnel3/0/0 vpn-instance vpna Traffic Statistics: packets :239453968 bytes :24918416800 packets :0 bytes :0 packets rate:33000 packets/sec bytes rate :4070000 packets/sec
6.4 Configuring Hierarchical Resource Reserved L2VPNs

This section describes the procedure of configuring a hierarchical resource reserved L2VPN. 6.4.1 Establishing the Configuration Task 6.4.2 Configuring a Flow Queue 6.4.3 (Optional) Enabling an L2VPN to Support DiffServ Models
6.4.4 (Optional) Configuring a Class Queue 6.4.5 Configuring a Tunnel Policy 6.4.6 Applying an MPLS TE Tunnel Policy to an MPLS L2VPN 6.4.7 Configuring the Bandwidth of an MPLS TE Tunnel 6.4.8 Associating an MPLS TE Tunnel with an L2VPN and Specifying a QoS Policy 6.4.9 Checking the Configuration

In an L2VPN environment, sometimes multiple VPNs share one MPLS TE tunnel. This may result in the following problems: VPNs compete for resources. Services of high priorities from a VPN are not provided with guaranteed bandwidth so that packets are discarded improperly. In an MPLS TE tunnel, non-VPN traffic preempts the bandwidth of VPN traffic. In an MPLS TE tunnel, VPN traffic demands different supplies of resources. To solve the proceeding problems, you need to configure the hierarchical resource reserved L2VPN. The hierarchical resource reserved L2VPN enables a device to reserve bandwidth resources for different VPNs or for services of different priorities from the same VPN in one MPLS TE tunnel and separate the bandwidth resources among them. This solves the problems of service interference and bandwidth preemption in one MPLS TE tunnel and provides VPN users with end-to-end QoS guarantee. Hierarchical resource reserved L2VPNs support the VLL networking mode and the VPLS networking mode.
NOTE
The hierarchical resource reserved L2VPN is configured on an ingress PE device. After the configuration of the hierarchical resource reserved L2VPN, you can further configure interface-specific HQoS on the interface of the user side on the egress PE device. Network traffic is bi-directional; therefore, you can configure hierarchical resource reserved L2VPN for the opposite traffic on the opposite PE.
Before configuring the hierarchical resource reserved L2VPN, complete the following tasks:
l
Configuring the physical parameters and link attributes to ensure normal operation of the interfaces. Configuring an MPLS TE tunnel between PEs. For details, refer to "MPLS TE Configuration" in the Quidway NetEngine80E/40E Router Configuration Guide MPLS. Configuring VLL or VPLS to enable communications between Layer 2 VPNs. For details, refer to "VLL Configuration" and "VPLS Configuration" in the Quidway NetEngine80E/ 40E Router Configuration Guide VPN. If the access type of CEs is VLAN, you need to configure sub-interfaces or VLANIF interfaces; if the access type of CEs is ATM, you need to configure virtual circuits.
Issue 03 (2008-09-22)

l
Configuring the simple traffic classification, forcible traffic classification, or complex traffic classification on the interface on the user side of the ingress PE. For details, refer to "Class-based QoS Configuration" in the Quidway NetEngine80E/40E Router Configuration Guide QoS.
NOTE
In configuration of the hierarchical resource reserved VPN, the simple traffic classification or forcible traffic classification is an optional pre-configuration task.
l l l
If both the simple traffic classification and the Pipe (or Short Pipe) mode are configured on the interface on the user side of an ingress PE, the L2VPN prefers the Pipe (or Short Pipe) DiffServ model. If you have configured the L2VPN to support the Pipe model, you are unnecessary to configure the simple traffic classification. If you configure the L2VPN to support the Short Pipe model, it is recommended that you configure the simple traffic classification. The reason is that the egress PE performs queue scheduling according to the original DSCP value.
Data Preparation
To configure the hierarchical resource reserved L2VPN, you need the following data. No. 1 2 3 4 5 6 Data Parameters for flow-wred packet discarding, flow-queue scheduling algorithm, and parameters for flow-queue scheduling (Optional) CoSs and colors for IP packets when the system is in the DiffServ model (Optional) Port-wred parameters referenced by class queues, scheduling algorithms and parameters of class queues, and shaping values Names and parameters of tunnel policies Bandwidth of the MPLS TE tunnel and the referenced flow-queue template CIR and PIR for the VPN and the referenced flow-queue template
6.4.2 Configuring a Flow Queue

Context
Flow queues to be configured are divided into VPN flow queues and non-VPN flow queues in the MPLS TE tunnel.
l
VPN flow queues organize VPN traffic into queues according to the service priorities resulting from the simple traffic classification or the complex traffic classification. The VPN service packets of different priorities are then provided with proportional bandwidths. Non-VPN flow queues on MPLS TE tunnels accept non-VPN packets of different priorities on MPLS TE tunnels. As a result, the non-VPN packets of different priorities in the MPLS TE tunnel are then provided with proportional bandwidths. The VPN packets and non-VPN packets in the MPLS TE tunnel can be either configured with the same flow queue or configured separately.
6-26

l
If you do not configure flow queues for the VPN packets and non-VPN packets in the MPLS TE tunnel, the system uses the default flow-queue template. It is recommended that you configure flow queues according to the actual conditions.
For detailed information about flow queues, refer to the Quidway NetEngine80E/40E Router Configuration Guide QoS. Do as follows on the ingress PE device where resources are reserved:
Procedure
Step 1 Run:
system-view

A flow WRED object is created and the flow WRED view is displayed. Step 3 Run:
A flow WRED object is configured and the upper limit, the lower limit, and the discard probability are set for packets of different colors.
NOTE
l l
If you do not configure a flow WRED object, the system uses the default tail-drop policy. You can create multiple flow WRED objects for being referenced by flow queues as required. You can configure up to 127 flow WRED objects in the system.
Step 4 Run:
quit

A flow-queue template is created and the flow queue view is displayed. Step 6 Run:
queue cos-value { [ pq | wfq weight weight-value | lpq ] | shaping shaping-value | flow-wred wred-name } *
A flow queue is configured and a scheduling policy is set for queues of different priorities.
Issue 03 (2008-09-22)
6-27

NOTE
You can configure scheduling parameters in one flow-queue template for the eight flow queues of a subscriber respectively. If you do not configure a flow-queue template, the system uses the default flow-queue template. The default flow-queue template contains the following parameters:
l l l l
By default, the system performs PQ on the flow queues with the priorities of ef, cs6, and cs7. The system defaults the flow queues with the priorities of be, af1, af2, af3, and af4 to WFQ. The scheduling weight is 10:10:10:15:15. The default shaping value is the maximum bandwidth of the interface. The default discarding policy is the tail drop.
----End
6.4.3 (Optional) Enabling an L2VPN to Support DiffServ Models

Procedure
l In the VLL Networking Mode Do as follows on the interface on the user side of the ingress PE device where resources are reserved: 1. Run:
system-view

The view of the interface on the user side is displayed.

NOTE
This interface is a user-side interface configured with L2VPN services.
3.
Run:
diffserv-mode { pipe service-class color | uniform }
A DiffServ model in the VLL networking mode is set.

NOTE
If the DiffServ model is set to Uniform, you need to configure simple traffic classification. Otherwise, this configuration does not take effect.
In the VPLS Networking Mode Do as follows on the ingress PE device where resources are reserved: 1. Run:
system-view

vsi vsi-name [ auto | static ]
A virtual switching instance (VSI) is created and the VSI view is displayed.
3.
Run:
diffserv-mode { pipe service-class color | short-pipe service-class color [ domain ds-name ] | uniform }
The DiffServ model for a VSI is set.

NOTE
Enabling the L2VPN to support the DiffServ model is an optional setting. You can perform this configuration according to the actual conditions of networks. If you do not enable VPNs to support a specific DiffServ model, the system defaults the Uniform model. If the DiffServ model is set to Uniform, you need to configure simple traffic classification. Otherwise, this configuration does not take effect. When the simple traffic classification, forcible traffic classification, and the Pipe or Short Pipe model are configured, the Pipe or Short Pipe model takes effect. If the Pipe model is set for a VPN, the EXP value of the MPLS label pushed on the ingress PE device is determined by both the CoS and the color specified by users. After an MPLS label is popped out by the egress PE device, the DSCP value of an IP packet is not changed. Then the EXP value of the MPLS label determines the packet forwarding behavior performed by the egress node. If the Short Pipe model is set for a VPN, the EXP value of the MPLS label pushed on the ingress PE device is determined by both the CoS and the color specified by users. After an MPLS label is popped out by the egress PE device, the DSCP value of an IP packet is not changed. Then the DSCP value of the IP packet determines the packet forwarding behavior of the egress node. If the Uniform model is set for a VPN, the EXP value of the MPLS label pushed on the ingress PE device is determined by the mapped DSCP value of an IP packet. After an MPLS label is popped out by the egress PE device, the EXP value is mapped as the DSCP value of an IP packet. Then the mapped DSCP value of the IP packet determines the packet forwarding behavior of the egress node. The default model is Uniform. If you want to the MPLS network to differentiate service priorities, you can choose the Uniform model. If you do not want the MPLS network to differentiate service priorities, you can choose the Pipe or Short Pipe model.
l l
The three DiffServ models are Pipe, Short Pipe, and Uniform.
l
When you configure a DiffServ model,

l l
----End
6.4.4 (Optional) Configuring a Class Queue

Context
NOTE
This step is optional. It is recommended, however, that you configure the scheduling and bandwidth limits for class queues so that packets are not dropped when the public network is congested. The reason is that packets sent from the interface, of an ingress PE device, on the network side can be VPN packets, non-VPN packets, MPLS TE packets, and non-MPLS TE packets. If the packets of one VPN access the ingress from multiple sites, you need to configure the class queue to avoid congestion on the public network. For detailed information about class queues, refer to "HQoS Configuration" in the Quidway NetEngine80E/40E Router Configuration Guide QoS.
l l
Do as follows on the interface on the network side of the ingress PE device where resources are reserved:
Procedure
Step 1 Run:
system-view

A port WRED object is created and the port WRED view is displayed. Step 3 Run:
A WRED object for a class queue is configured and the upper limit, the lower limit, and the discarding probability are set for packets of different colors.
NOTE
l l
If you do not configure a WRED object for a class queue, the system uses the default tail-drop policy. You can create multiple port-wred objects for being referenced by class queues as required. The system provides one port-wred object. You can configure a maximum of seven more port-wred objects.
Step 4 Run:
quit


A class queue is configured and a scheduling policy is set for queues of different priorities. You can configure scheduling parameters for eight class queues respectively on one interface. If you do not configure a class queue template, the system uses the default class queue template. The default class queue template contains the following parameters:
l l
By default, the system performs PQ on the prioritized class queues ef, cs6, and cs7. The system defaults scheduling algorithm of the prioritized class queues be, af1, af2, af3, and af4 to WFQ. The scheduling weight is 10:10:10:15:15. The default shaping value is the maximum bandwidth of the interface. The default discarding policy is the tail drop.
l l
----End
6.4.5 Configuring a Tunnel Policy

Context
Procedure
Step 1 Run:
system-view

tunnel-policy policy-name
A tunnel policy is created and the tunnel policy view is displayed. Step 3 Run:
tunnel binding destination destination-address te tunnel interface-number
The specified L3VPN is bound to the MPLS TE tunnel. ----End
6.4.6 Applying an MPLS TE Tunnel Policy to an MPLS L2VPN

Context
NOTE
Here only the configuration of applying tunnel policies in Martini mode is provided. For information about the configurations of applying tunnel policies in other modes such as SVC, Kompella, and PWE3 modes, refer to "VPN Tunnel Management Configuration" in the Quidway NetEngine80E/40E Router Configuration Guide VPN.
Procedure
l In the VLL Networking Mode Do as follows on the ingress PE device where resources are reserved: 1. Run:
system-view

The view of the interface on the user side is displayed. 3. Run:

mpls l2vc dest-ip-address vc-id tunnel-policy policy-name
A tunnel policy is applied to the virtual circuit (VC) in Martini L2VPN. l In the VPLS Networking Mode Do as follows on the ingress PE device where resources are reserved: 1. Run:
system-view
Issue 03 (2008-09-22)
6-31

vsi vsi-name
A VSI is created and the VSI view is displayed. 3. Run:

tnl-policy policy-name
A tunnel policy is applied to the VSI. ----End
6.4.7 Configuring the Bandwidth of an MPLS TE Tunnel

Context
Procedure
Step 1 Run:
system-view

interface tunnel tunnel-number

mpls te bandwidth [ bc0 | bc1 ] bandwidth [ flow-queue flow-queue-name ]
The bandwidth proportion of the total bandwidth of the MPLS TE tunnel to the bandwidth of non-VPN service packets in the tunnel is configured.
NOTE
The mpls te bandwith command configures the bandwidth of an MPLS TE tunnel or the flow-queue template of the non-VPN packets in an MPLS TE tunnel. A flow-queue template specifies the guaranteed bandwidth proportion of non-VPN packets of different priorities in an MPLS TE tunnel. If the configured bandwidth value of an MPLS TE tunnel is greater than 28630 kbit/s, it may result in inaccurate allocation of the bandwidth of the MPLS TE tunnel. The MPLS TE tunnel, however, can still be established. The value of the parameter bandwidth must be less than the maximum bandwidth and maximum reservable bandwidth of the MPLS TE link.
----End
6.4.8 Associating an MPLS TE Tunnel with an L2VPN and Specifying a QoS Policy
Procedure
l In the VLL Networking Mode Do as follows on the ingress PE device where resources are reserved: 1. Run:
system-view

The MPLS TE tunnel interface view is displayed. 3. Run:

mpls te reserved-for-binding
The MPLS TE tunnel is enabled to bind VPNs. 4. Run:

mpls te vpn-binding l2vpn interface interface-type interface-number cir cir pir pir [ flow-queue flow-queue-name ]
A VLL L2VPN is bound to an MPLS TE tunnel, limiting the bandwidth for VPN packets that are forwarded through the MPLS TE tunnel and the bandwidths for different types of VPN packets that are forwarded through the MPLS TE tunnel.
NOTE
This command statically binds a VLL interface on the user side to an MPLS TE tunnel so that the traffic of VLL L2VPN is forwarded through the MPLS TE tunnel.
5.
Run:
mpls te commit

NOTE
When the parameters of an MPLS TE tunnel change (for example, when interface at the VLL user side that are statically bound to MPLS TE tunnels are delete), you need to run the mpls te commit command to make the changes take effect.
In the VSI Networking Mode Do as follows on the ingress PE device where resources are reserved: 1. Run:
system-view

The tunnel interface view is displayed. 3. Run:

mpls te vpn-binding l2vpn vsi vsi-name cir cir pir pir [ flow-queue flowqueue-name ]
A VPLS L2VPN is bound to an MPLS TE tunnel, limiting the bandwidth for VPN packets that are forwarded through the MPLS TE tunnel and the bandwidths for different types of VPN packets that are forwarded through the MPLS TE tunnel.
4.
Run:
mpls te commit

NOTE
When the parameters of an MPLS TE tunnel change, you need to run the mpls te commit command to make the changes take effect.
In both the VLL and the VPLS networking modes, you can use the command to statically bind an L2VPN to an MPLS TE tunnel. CIR is the committed bandwidth of a VPN. PIR is the permitted burst rate of a VPN. The value should be no more than the set bandwidth of the MPLS TE tunnel. The flow-queue template contains the configuration of the bandwidth proportion and scheduling parameters of the traffic for different priorities. Resource Reserved VPN can provide guaranteed bandwidths forTraffic in the MPLS TE tunnel

All VPN traffic Non-VPN traffic in the MPLS TE tunnel
----End

Run the following commands to check the previous configuration. Action Check the statistics about the VLL L2VPN traffic of an MPLS TE tunnel. Check the statistics about the VPLS L2VPN traffic of an MPLS TE tunnel. Command display traffic statistics interface tunnel interface-number vll interface-type interfacenumber display traffic statistics interface tunnel interface-number vsi vsi-name
Run the display traffic statistics interface tunnel interface-number [ vsi vsi-name | vll interface-type interface-number ] command. If the output statistics of the VPLS or VLL L2VPN traffic in an MPLS TE tunnel are the same as the configured values, it means that the configuration succeeds.
<Quidway> The RRVPN Transit Transit Discard Discard Transit Transit <Quidway> The RRVPN Transit Transit Discard Discard Transit Transit display traffic statistics interface tunnel3/0/0 vsi vpna Traffic Statistics: packets :239453968 bytes :24918416800 packets :0 bytes :0 packets rate:33000 packets/sec bytes rate :4070000 bytes/sec display traffic statistics interface tunnel3/0/0 vll gigabitethernet3/0/3 Traffic Statistics: packets :239453968 bytes :24918416800 packets :0 bytes :0 packets rate:33000 packets/sec bytes rate :4070000 bytes/sec
6-34
Issue 03 (2008-09-22)
6.5 Example For Configuring VPN QoS

This section provides examples for configuring VPN QoS. 6.5.1 Example for Applying a Routing Policy with QoS Parameters in VPNv4 6.5.2 Example for Applying Routing Policies with QoS Parameters to a VPN Instance 6.5.3 Example for Configuring a Hierarchical Resource Reserved L3VPN 6.5.4 Example for Configuring a Hierarchical Resource Reserved L2VPN (VLL) 6.5.5 Example for Configuring a Hierarchical Resource Reserved L2VPN (VPLS) 6.5.6 Example for Configuring Hierarchical Resource Reserved VPNs (with Both L3VPNs and L2VPNs Deployed) 6.5.7 Example for Configuring an MPLS DiffServ Model on the VPLS over TE
6.5.1 Example for Applying a Routing Policy with QoS Parameters in VPNv4
As shown in Figure 6-8, CE1, CE2, CE3, CE4, PE1, PE2, and P are used to establish the BGP MPLS IP VPN. CE1 and CE4 are in VPN1; CE2 and CE3 are in VPN2. QoS is required to restrict the bandwidth of VPN packets sent by CE3 and CE4 to be 30 Mbit/s. To carry out that, you need to configure QPPB in an L3VPN. Set the community attribute for BGP VPNv4 routes sent from PE1 to PE2. When PE2 receives BGP VPNv4 routes sent from PE1, it matches the community attribute based on the routing policy and sets QoS parameters for the matched routes. When it imports VPN routes, it imports the QoS parameters to the VPN FIB table. To restrict the bandwidth for packets of all VPN instances on PE2, configure QPPB to apply the routing policy with QoS parameters to all VPN instances on PE2.
Issue 03 (2008-09-22)
6-35
Figure 6-8 Networking diagram for configuring QPPB in an L3VPN (VPNv4)
The configuration roadmap is as follows: 1. 2. 3. 4. 5. Configure the basic BGP/MPLS IP VPN functions to enable interworking among the routers. Create a routing policy on PE1 to enable the matched route to carry the community attribute. Configure traffic behaviors on PE2 to restrict the bandwidth of packets of VPN1 and VPN2 to be 30 Mbit/s. On PE2, configure a routing policy for imported routes to apply the traffic behavior to the routes that are sent from PE1 and match the community attribute. Apply QPPB to the inbound interface Ethernet 1/0/0 and Ethernet 2/0/0 of PE2.
Data Preparation
l l l l
Names of VPN instances and those of routing policies Numbers of community attribute lists and IP prefixes Names of traffic behaviors and traffic actions Interfaces where QPPB is applied
1.
6-36
Configure BGP MPLS IP VPN.

# Assign IP addresses to the interface of CE1, CE2, CE3, and CE4.

<CE1> system-view [CE1] interface ethernet 1/0/0 [CE1-Ethernet1/0/0] undo shutdown [CE1-Ethernet1/0/0] ip address 10.1.1.1 [CE1-Ethernet1/0/0] return <CE2> system-view [CE2] interface ethernet 2/0/0 [CE2-Ethernet2/0/0] undo shutdown [CE2-Ethernet2/0/0] ip address 40.1.1.1 [CE2-Ethernet2/0/0] return <CE3> system-view [CE3] interface ethernet 2/0/0 [CE3-Ethernet2/0/0] undo shutdown [CE3-Ethernet2/0/0] ip address 30.1.1.1 [CE3-Ethernet2/0/0] return <CE4> system-view [CE4] interface ethernet 1/0/0 [CE4-Ethernet1/0/0] undo shutdown [CE4-Ethernet1/0/0] ip address 20.1.1.1 [CE4-Ethernet1/0/0] return
255.255.255.0
255.255.255.0
255.255.255.0
255.255.255.0
# Configure the loopback interfaces of PE1, P, and PE2.

<PE1> system-view [PE1] interface loopback0 [PE1-LoopBack0] ip address 11.11.11.11 255.255.255.255 [PE1-LoopBack0] return system-view [P] interface loopback0 [P-LoopBack0] ip address 33.33.33.33 255.255.255.255 [P-LoopBack0] return <PE2> system-view [PE2] interface loopback0 [PE2-LoopBack0] ip address 22.22.22.22 255.255.255.255 [PE2-LoopBack0] return
# Enable OSPF on PE1, P, and PE2. Advertise the route of the loopback interface.
<PE1> system-view [PE1] ospf 10 [PE1-ospf-10] area 0.0.0.0 [PE1-ospf-10-area-0.0.0.0] network 100.1.1.0 0.0.0.255 [PE1-ospf-10-area-0.0.0.0] network 11.11.11.11 0.0.0.0 [PE1-ospf-10-area-0.0.0.0] return system-view [P] ospf 10 [P-ospf-10] area 0.0.0.0 [P-ospf-10-area-0.0.0.0] network 100.1.1.0 0.0.0.255 [P-ospf-10-area-0.0.0.0] network 110.1.1.0 0.0.0.255 [P-ospf-10-area-0.0.0.0] network 33.33.33.33 0.0.0.0 [P-ospf-10-area-0.0.0.0] return <PE2> system-view [PE2] ospf 10 [PE2-ospf-10] area 0.0.0.0 [PE2-ospf-10-area-0.0.0.0] network 100.1.1.0 0.0.0.255 [PE2-ospf-10-area-0.0.0.0] network 22.22.22.22 0.0.0.0 [PE2-ospf-10-area-0.0.0.0] return
# Set up MPLS LDP sessions between PE1, P, and PE2.

<PE1> system-view [PE1] mpls lsr-id 11.11.11.11 [PE1] mpls [PE1-mpls] quit [PE1] mpls ldp [PE1-mpls-ldp] quit [PE1] interface pos 3/0/0 [PE1-Pos3/0/0] undo shutdown [PE1-Pos3/0/0] ip address 100.1.1.1 255.255.255.0 [PE1-Pos3/0/0] mpls [PE1-Pos3/0/0] mpls ldp
Issue 03 (2008-09-22)
6-37
[PE1-Pos3/0/0] return system-view [P] mpls lsr-id 33.33.33.33 [P] mpls [P-mpls] quit [P] mpls ldp [P-mpls-ldp] quit [P] interface pos 1/0/0 [P-Pos1/0/0] undo shutdown [P-Pos1/0/0] mpls [P-Pos1/0/0] mpls ldp [P-Pos1/0/0] quit [P] interface pos 2/0/0 [P-Pos2/0/0] undo shutdown [P-Pos2/0/0] mpls [P-Pos2/0/0] mpls ldp [P-Pos2/0/0] return <PE2> system-view [PE2] mpls lsr-id 22.22.22.22 [PE2] mpls [PE2-mpls] mpls ldp [PE2-mpls-ldp] quit [PE2] interface pos 3/0/0 [PE2-Pos3/0/0] undo shutdown [PE2-Pos3/0/0] ip address 100.1.1.2 255.255.255.0 [PE2-Pos3/0/0] mpls [PE2-Pos3/0/0] mpls ldp [PE2-Pos3/0/0] return
# Set up the IBGP peer relationship between PE1 and PE2.

<PE1> system-view [PE1] bgp 500 [PE1-bgp] peer 22.22.22.22 as-number 500 [PE1-bgp] peer 22.22.22.22 connect-interface loopback0 [PE1-bgp] ipv4-family vpnv4 [PE1-bgp-af-vpnv4] peer 22.22.22.22 enable [PE1-bgp-af-vpnv4] return <PE2> system-view [PE2] bgp 500 [PE2-bgp] peer 11.11.11.11 as-number 500 [PE2-bgp] peer 11.11.11.11 connect-interface LoopBack0 [PE2-bgp] ipv4-family vpnv4 [PE2-bgp-af-vpnv4] peer 11.11.11.11 enable [PE2-bgp-af-vpnv4] return
# On PE1 and PE2, create VPN instances and bind the VPN instances to the interfaces that are connected to CE.
<PE1> system-view [PE1] ip vpn-instance vpn1 [PE1-vpn-instance-vpn1] route-distinguisher 1:1 [PE1-vpn-instance-vpn1] vpn-target 1:1 export-extcommunity [PE1-vpn-instance-vpn1] vpn-target 1:1 import-extcommunity [PE1-vpn-instance-vpn1] quit [PE1] interface ethernet1/0/0 [PE1-Ethernet1/0/0] undo shutdown [PE1-Ethernet1/0/0] ip binding vpn-instance vpn1 [PE1-Ethernet1/0/0] ip address 10.1.1.2 255.255.255.0 [PE1-Ethernet1/0/0] quit [PE1] ip vpn-instance vpn2 [PE1-vpn-instance-vpn2] route-distinguisher 2:2 [PE1-vpn-instance-vpn2] vpn-target 2:2 export-extcommunity [PE1-vpn-instance-vpn2] vpn-target 2:2 import-extcommunity [PE1-vpn-instance-vpn2] quit [PE1] interface ethernet2/0/0 [PE1-Ethernet2/0/0] undo shutdown [PE1-Ethernet2/0/0] ip binding vpn-instance vpn2 [PE1-Ethernet2/0/0] ip address 40.1.1.2 255.255.255.0 [PE1-Ethernet2/0/0] return <PE2> system-view
6-38
Issue 03 (2008-09-22)
[PE2] ip vpn-instance vpn1 [PE2-vpn-instance-vpn1] route-distinguisher 1:1 [PE2-vpn-instance-vpn1] vpn-target 1:1 export-extcommunity [PE2-vpn-instance-vpn1] vpn-target 1:1 import-extcommunity [PE2-vpn-instance-vpn1] quit [PE2] interface ethernet1/0/0 [PE2-Ethernet1/0/0] undo shutdown [PE2-Ethernet1/0/0] ip binding vpn-instance vpn1 [PE2-Ethernet1/0/0] ip address 20.1.1.2 255.255.255.0 [PE2-Ethernet1/0/0] quit [PE2] ip vpn-instance vpn2 [PE2-vpn-instance-vpn2] route-distinguisher 2:2 [PE2-vpn-instance-vpn2] vpn-target 2:2 export-extcommunity [PE2-vpn-instance-vpn2] vpn-target 2:2 import-extcommunity [PE2-vpn-instance-vpn2] quit [PE2] interface ethernet2/0/0 [PE2-Ethernet2/0/0] undo shutdown [PE2-Ethernet2/0/0] ip binding vpn-instance vpn2 [PE2-Ethernet2/0/0] ip address 30.1.1.2 255.255.255.0 [PE2-Ethernet2/0/0] return
# Set up the EBGP peer relationship among PE1, CE1, and CE2, and that among PE2, CE3, and CE4.
<CE1> system-view [CE1] bgp 100 [CE1-bgp] peer 10.1.1.2 as-number 500 [CE1-bgp] import-route direct [CE1-bgp] quit <CE2> system-view [CE2] bgp 200 [CE2-bgp] peer 40.1.1.2 as-number 500 [CE2-bgp] import-route direct [CE2-bgp] quit <PE1> system-view [PE1] bgp 500 [PE1-bgp] ipv4-family vpn-instance vpn1 [PE1-bgp-vpn1] peer 10.1.1.1 as-number 100 [PE1-bgp-vpn1] import-route direct [PE1-bgp-vpn1] quit [PE1-bgp] ipv4-family vpn-instance vpn2 [PE1-bgp-vpn2] peer 40.1.1.1 as-number 200 [PE1-bgp-vpn2] import-route direct [PE1-bgp-vpn2] return <CE3> system-view [CE3] bgp 300 [CE3-bgp] peer 30.1.1.2 as-number 500 [CE3-bgp] import-route direct [CE3-bgp] quit <CE4> system-view [CE4] bgp 400 [CE4-bgp] peer 20.1.1.2 as-number 500 [CE4-bgp] import-route direct [CE4-bgp] quit <PE2> system-view [PE2] bgp 500 [PE2-bgp] ipv4-family vpn-instance vpn1 [PE2-bgp-vpn1] peer 20.1.1.1 as-number 400 [PE2-bgp-vpn1] import-route direct [PE2-bgp-vpn1] quit [PE2-bgp] ipv4-family vpn-instance vpn2 [PE2-bgp-vpn1] peer 30.1.1.1 as-number 300 [PE2-bgp-vpn1] import-route direct [PE2-bgp-vpn1] return
After the configuration, CE1 and CE4 can ping through each other; CE2 and CE3 can ping through each other; two CEs in different VPNs cannot ping through each other. 2. Configure routing policies between PE1 and PE2; advertise the routing policy through BGP.
Issue 03 (2008-09-22)
6-39
# On PE1, configure the routing policy so that the routes sent from 10.1.1.0 and 40.1.1.0 carry the community attribute 10:10.
<PE1> system-view [PE1] ip ip-prefix [PE1] ip ip-prefix [PE1] route-policy [PE1-route-policy] [PE1-route-policy] [PE1-route-policy] aa index 10 permit 10.1.1.0 24 aa index 20 permit 40.1.1.0 24 aa permit node 10 if-match ip-prefix aa apply community 10:10 return
# On PE1, apply the routing policy to the route sent to PE2 and advertise the community attribute to its peer.
<PE1> system-view [PE1] bgp 500 [PE1-bgp] ipv4-family vpnv4 [PE1-bgp-af-vpnv4] peer 22.22.22.22 route-policy aa export [PE1-bgp-af-vpnv4] peer 22.22.22.22 advertise-community [PE1-bgp-af-vpnv4] return
3.
On PE2, configure the routing policy for the received route. Create the traffic behavior for the routes that match the community attribute. # Create the traffic behavior for the routes that match the community attribute.
<PE2> system-view [PE2] traffic behavior dd [PE2-behavior-dd] car cir 30000 green [PE2-behavior-dd] return
NOTE
pass
yellow
pass red discard
# On PE2, create a routing policy to apply the traffic behavior to the received routes that match the community attribute 10:10.
<PE2> system-view [PE2] ip community-filter 10 permit 10:10 [PE2] route-policy bb permit node 10 [PE2-route-policy] if-match community-filter 10 [PE2-route-policy] apply behavior dd [PE2-route-policy] return
# On PE2, apply the routing policy to the route received from PE1.
<PE2> system-view [PE2] bgp 500 [PE2-bgp] ipv4-family vpnv4 [PE2-bgp-af-vpnv4] peer 11.11.11.11 route-policy bb import [PE2-bgp-af-vpnv4] return
# Run display bgp vpnv4 all routing-table on PE2. The community attribute of routes sent from 10.1.1.0/24 and 0.1.1.0/24 is 10:10.
[PE2] display bgp vpnv4 all routing-table 10.1.1.0 BGP local router ID : 22.22.22.22 Local AS number : 500 Total routes of Route Distinguisher(1:1): 1 BGP routing table entry information of 10.1.1.0/24: Label information (Received/Applied): 15361/NULL From: 11.11.11.11 (11.11.11.11) Original nexthop: 11.11.11.11 Community:<10:10> Ext-Community: <1 : 1> Convergence Priority: 0 AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, intern al, best, pre 255 Not advertised to any peer yet Total routes of vpn-instance vpn1: 1 BGP routing table entry information of 10.1.1.0/24: Label information (Received/Applied): 15361/NULL From: 11.11.11.11 (11.11.11.11)
6-40
Issue 03 (2008-09-22)
Relay Nexthop: 0.0.0.0 Original nexthop: 11.11.11.11 Community:<10:10> Ext-Community: <1 : 1> Convergence Priority: 0 AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, intern al, best, pre 255 Advertised to such 1 peers: 20.1.1.1
4.
On PE2, apply QPPB to inbound interfaces Ethernet 1/0/0 and Ethernet 2/0/0.
<PE2> system-view [PE2]interface ethernet1/0/0 [PE2-Ethernet1/0/0] qppb-policy behavior destination [PE2-Ethernet1/0/0] quit [PE2]interface ethernet2/0/0 [PE2-Ethernet2/0/0] qppb-policy behavior destination [PE2-Ethernet2/0/0] return
5.
Verify the configuration. # On PE2, display the FIB information of the VPN. If the configuration succeeds, you can see that the value of the QosInfo field in the output information is 0x20000001.
[PE2] display fib vpn-instance vpn1 10.1.1.0 verbose Route Entry Count: 1 Destination: 10.1.1.0 Mask : 255.255.255.0 Nexthop : 11.11.11.11 OutIf : POS3/0/0 LocalAddr : 100.1.1.2 LocalMask: 0.0.0.0 Flags : DGU Age : 2227sec ATIndex : 0 Slot : 3 LspFwdFlag : 1 LspToken : 0x76002001 InLabel : 15360 OriginAs : 100 BGPNextHop : 11.11.11.11 PeerAs : 100 QosInfo : 0x20000001 OriginQos: 0x0 NexthopBak : 0.0.0.0 OutIfBak : [No Intf] LspTokenBak: 0x0 InLabelBak : NULL LspToken_ForInLabelBak : 0x0 EntryRefCount : 1 rt_ulVlanId : 0x0 rt_ulVlinkBak : NULL
Configuration Files
l

# sysname CE1 # interface Ethernet1/0/0 undo shutdown ip address 10.1.1.1 255.255.255.0 # bgp 100 peer 10.1.1.2 as-number 500 # undo synchronization import-route direct peer 10.1.1.2 enable # return

# sysname CE2 # interface Ethernet2/0/0 undo shutdown ip address 40.1.1.1 255.255.255.0 #
Issue 03 (2008-09-22)
6-41

bgp 200 peer 40.1.1.2 as-number 500 # undo synchronization import-route direct peer 40.1.1.2 enable # return l



# sysname PE1 # ip vpn-instance vpn1 route-distinguisher 1:1 vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity # ip vpn-instance vpn2 route-distinguisher 2:2 vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity # mpls lsr-id 11.11.11.11 mpls # mpls ldp # interface Ethernet1/0/0 undo shutdown ip binding vpn-instance vpn1 ip address 10.1.1.2 255.255.255.0 # interface Ethernet2/0/0 undo shutdown ip binding vpn-instance vpn2
6-42
Issue 03 (2008-09-22)

ip address 40.1.1.2 255.255.255.0 # interface Pos3/0/0 undo shutdown link-protocol ppp ip address 100.1.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack0 ip address 11.11.11.11 255.255.255.255 # bgp 500 peer 22.22.22.22 as-number 500 peer 22.22.22.22 connect-interface LoopBack0 # ipv4-family unicast undo synchronization peer 22.22.22.22 enable # ipv4-family vpnv4 policy vpn-target peer 22.22.22.22 enable peer 22.22.22.22 route-policy aa export peer 22.22.22.22 advertise-community # ipv4-family vpn-instance vpn1 peer 10.1.1.1 as-number 100 import-route direct # ipv4-family vpn-instance vpn2 peer 40.1.1.1 as-number 200 import-route direct # ospf 10 area 0.0.0.0 network 100.1.1.0 0.0.0.255 network 11.11.11.11 0.0.0.0 # route-policy aa permit node 10 if-match ip-prefix aa apply community 10:10 # ip ip-prefix aa index 10 permit 10.1.1.0 24 ip ip-prefix aa index 20 permit 40.1.1.0 24 # return l

# sysname PE2 # ip vpn-instance vpn1 route-distinguisher 1:1 vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity # ip vpn-instance vpn2 route-distinguisher 2:2 vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity # mpls lsr-id 22.22.22.22 mpls # mpls ldp # traffic behavior dd car cir 30000 green pass yellow pass red discard #
Issue 03 (2008-09-22)
6-43
interface Ethernet1/0/0 undo shutdown ip binding vpn-instance vpn1 ip address 20.1.1.2 255.255.255.0 qppb-policy behavior destination # interface Ethernet2/0/0 undo shutdown ip binding vpn-instance vpn2 ip address 30.1.1.2 255.255.255.0 qppb-policy behavior destination # interface Pos3/0/0 undo shutdown link-protocol ppp ip address 110.1.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack0 ip address 22.22.22.22 255.255.255.255 # bgp 500 peer 11.11.11.11 as-number 500 peer 11.11.11.11 connect-interface LoopBack0 # ipv4-family unicast undo synchronization peer 11.11.11.11 enable # ipv4-family vpnv4 policy vpn-target peer 11.11.11.11 enable peer 11.11.11.11 route-policy bb import # ipv4-family vpn-instance vpn1 peer 20.1.1.1 as-number 400 import-route direct # ipv4-family vpn-instance vpn2 peer 30.1.1.1 as-number 300 import-route direct # ospf 10 area 0.0.0.0 network 110.1.1.0 0.0.0.255 network 22.22.22.22 0.0.0.0 # route-policy bb permit node 10 if-match community-filter 10 apply behavior dd # ip community-filter 10 permit 10:10 # return l
Configuration file of the P

# sysname P # mpls lsr-id 33.33.33.33 mpls # mpls ldp # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.2 255.255.255.0 mpls
6-44
Issue 03 (2008-09-22)

mpls ldp # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 110.1.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack0 ip address 33.33.33.33 255.255.255.255 # ospf 1 area 0.0.0.0 network 100.1.1.0 0.0.0.255 network 110.1.1.0 0.0.0.255 network 33.33.33.33 0.0.0.0 # return
6.5.2 Example for Applying Routing Policies with QoS Parameters to a VPN Instance
As shown in Figure 6-9, CE1, CE2, CE3, CE4, PE1, PE2, and P are used to establish the BGP MPLS IP VPN. CE1 and CE4 are in VPN1; CE2 and CE3 are in VPN2. QoS is required to restrict the bandwidth for the packets sent by CE4 to 30 Mbit/s. The bandwidth for VPN2 packets sent by CE3 is not restricted. The community attribute is set for the BGP route sent from PE1 to PE2. When receiving the BGP route sent from PE1, PE2 sets QoS parameters for the BGP VPN route based on the routing policy. After it imports the VPN route, it imports the QoS parameters to the VPN FIB table. To restrict the bandwidth only for packets of VPN1, you need to apply the routing policy only to the VPN instance of VPN1.
Issue 03 (2008-09-22)
6-45
Figure 6-9 Networking diagram for configuring QPPB in an L3VPN (VPN instance)
The configuration roadmap is as follows: 1. 2. 3. 4. 5. Configure the basic BGP/MPLS IP VPN functions to enable interworking among the routers. Create routing policy on PE1 to enable the matched route to carry community attribute. Configure traffic behaviors on PE2 to restrict the bandwidth for packets of VPN1 to 30Mbit/ s. On PE2, configure a routing policy for imported routes to apply the traffic behavior to the routes that are sent from PE1 and match the community attribute. Apply QPPB to inbound Ethernet 1/0/0 on PE2.
Data Preparation
l l l l
Names of VPN instances and those of routing policies Numbers of community attribute lists and IP prefixes Names of traffic behaviors and traffic actions Interfaces where QPPB is applied
1.
6-46
Configure BGP MPLS IP VPN.

# Assign IP addresses to the interfaces of CE1, CE2, CE3, and CE4.

<CE1> system-view [CE1] interface ethernet 1/0/0 [CE1-Ethernet1/0/0 undo shutdown [CE1-Ethernet1/0/0] ip address 10.1.1.1 [CE1-Ethernet1/0/0] return <CE2> system-view [CE2] interface ethernet 2/0/0 [CE2-Ethernet2/0/0] undo shutdown [CE2-Ethernet2/0/0] ip address 40.1.1.1 [CE2-Ethernet2/0/0] return <CE3> system-view [CE3] interface ethernet 2/0/0 [CE3-Ethernet2/0/0] undo shutdown [CE3-Ethernet2/0/0] ip address 30.1.1.1 [CE3-Ethernet2/0/0] return <CE4> system-view [CE4] interface ethernet 1/0/0 [CE4-Ethernet1/0/0] undo shutdown [CE4-Ethernet1/0/0] ip address 20.1.1.1 [CE4-Ethernet1/0/0] return
255.255.255.0
255.255.255.0
255.255.255.0
255.255.255.0
# Configure the loopback interfaces of PE1, P, and PE2.

<PE1> system-view [PE1] interface loopback0 [PE1-LoopBack0] ip address 11.11.11.11 255.255.255.255 [PE1-LoopBack0] return system-view [P] interface loopback0 [P-LoopBack0] ip address 33.33.33.33 255.255.255.255 [P-LoopBack0] return <PE2> system-view [PE2] interface loopback0 [PE2-LoopBack0] ip address 22.22.22.22 255.255.255.255 [PE2-LoopBack0] return
# Enable OSPF on PE1, P, and PE2. Advertise the route of the loopback interface.
<PE1> system-view [PE1] ospf 10 [PE1-ospf-10] area 0.0.0.0 [PE1-ospf-10-area-0.0.0.0] network 100.1.1.0 0.0.0.255 [PE1-ospf-10-area-0.0.0.0] network 11.11.11.11 0.0.0.0 [PE1-ospf-10-area-0.0.0.0] return system-view [P] ospf 10 [P-ospf-10] area 0.0.0.0 [P-ospf-10-area-0.0.0.0] network 100.1.1.0 0.0.0.255 [P-ospf-10-area-0.0.0.0] network 110.1.1.0 0.0.0.255 [P-ospf-10-area-0.0.0.0] network 33.33.33.33 0.0.0.0 [P-ospf-10-area-0.0.0.0] return <PE2> system-view [PE2] ospf 10 [PE2-ospf-10] area 0.0.0.0 [PE2-ospf-10-area-0.0.0.0] network 110.1.1.0 0.0.0.255 [PE2-ospf-10-area-0.0.0.0] network 22.22.22.22 0.0.0.0 [PE2-ospf-10-area-0.0.0.0] return
# Set up MPLS LDP sessions among PE1, P, and PE2.

<PE1> system-view [PE1] mpls lsr-id 11.11.11.11 [PE1] mpls [PE1-mpls] quit [PE1] mpls ldp [PE1-mpls-ldp] quit [PE1] interface pos 3/0/0 [PE1-Pos3/0/0] undo shutdown [PE1-Pos3/0/0] ip address 100.1.1.1 255.255.255.0 [PE1-Pos3/0/0] mpls [PE1-Pos3/0/0] mpls ldp
Issue 03 (2008-09-22)
6-47
[PE1-Pos3/0/0] return system-view [P] mpls lsr-id 33.33.33.33 [P] mpls [P-mpls] quit [P] mpls ldp [P-mpls-ldp] quit [P] interface pos 1/0/0 [P-Pos1/0/0] mpls [P-Pos1/0/0] undo shutdown [P-Pos1/0/0] mpls ldp [P-Pos1/0/0] quit [P] interface pos 2/0/0 [P-Pos2/0/0] undo shutdown [P-Pos2/0/0] mpls [P-Pos2/0/0] mpls ldp [P-Pos2/0/0] return <PE2> system-view [PE2] mpls lsr-id 22.22.22.22 [PE2] mpls [PE2-mpls] quit [PE2] mpls ldp [PE2-mpls-ldp] quit [PE2] interface pos 3/0/0 [PE2-Pos3/0/0] undo shutdown [PE2-Pos3/0/0] ip address 110.1.1.2 255.255.255.0 [PE2-Pos3/0/0] mpls [PE2-Pos3/0/0] mpls ldp [PE2-Pos3/0/0] return
# Set up the IBGP peer relationship between PE1 and PE2.

<PE1> system-view [PE1] bgp 500 [PE1-bgp] peer 22.22.22.22 as-number 500 [PE1-bgp] peer 22.22.22.22 connect-interface loopback0 [PE1-bgp] ipv4-family vpnv4 [PE1-bgp-af-vpnv4] peer 22.22.22.22 enable [PE1-bgp-af-vpnv4] return <PE2> system-view [PE2] bgp 500 [PE2-bgp] peer 11.11.11.11 as-number 500 [PE2-bgp] peer 11.11.11.11 connect-interface LoopBack0 [PE2-bgp] ipv4-family vpnv4 [PE2-bgp-af-vpnv4] peer 11.11.11.11 enable [PE2-bgp-af-vpnv4] return
# On PE1 and PE2, create VPN instances and bind the VPN instances to the interfaces that are connected to CE.
<PE1> system-view [PE1] ip vpn-instance vpn1 [PE1-vpn-instance-vpn1] route-distinguisher 1:1 [PE1-vpn-instance-vpn1] vpn-target 1:1 export-extcommunity [PE1-vpn-instance-vpn1] vpn-target 1:1 import-extcommunity [PE1-vpn-instance-vpn1] quit [PE1] interface ethernet1/0/0 [PE1-Ethernet1/0/0] undo shutdown [PE1-Ethernet1/0/0] ip binding vpn-instance vpn1 [PE1-Ethernet1/0/0] ip address 10.1.1.2 255.255.255.0 [PE1-Ethernet1/0/0] quit [PE1] ip vpn-instance vpn2 [PE1-vpn-instance-vpn2] route-distinguisher 2:2 [PE1-vpn-instance-vpn2] vpn-target 2:2 export-extcommunity [PE1-vpn-instance-vpn2] vpn-target 2:2 import-extcommunity [PE1-vpn-instance-vpn2] quit [PE1] interface ethernet2/0/0 [PE1-Ethernet2/0/0] undo shutdown [PE1-Ethernet2/0/0] ip binding vpn-instance vpn2 [PE1-Ethernet2/0/0] ip address 40.1.1.2 255.255.255.0 [PE1-Ethernet2/0/0] return
6-48
Issue 03 (2008-09-22)
<PE2> system-view [PE2] ip vpn-instance vpn1 [PE2-vpn-instance-vpn1] route-distinguisher 1:1 [PE2-vpn-instance-vpn1] vpn-target 1:1 export-extcommunity [PE2-vpn-instance-vpn1] vpn-target 1:1 import-extcommunity [PE2-vpn-instance-vpn1] quit [PE2] interface ethernet1/0/0 [PE2-Ethernet1/0/0] undo shutdown [PE2-Ethernet1/0/0] ip binding vpn-instance vpn1 [PE2-Ethernet1/0/0] ip address 20.1.1.2 255.255.255.0 [PE2-Ethernet1/0/0] quit [PE2] ip vpn-instance vpn2 [PE2-vpn-instance-vpn2] route-distinguisher 2:2 [PE2-vpn-instance-vpn2] vpn-target 2:2 export-extcommunity [PE2-vpn-instance-vpn2] vpn-target 2:2 import-extcommunity [PE2-vpn-instance-vpn2] quit [PE2] interface ethernet2/0/0 [PE2-Ethernet2/0/0] undo shutdown [PE2-Ethernet2/0/0] ip binding vpn-instance vpn2 [PE2-Ethernet2/0/0] ip address 30.1.1.2 255.255.255.0 [PE2-Ethernet2/0/0] return
# Set up EBGP peer relationship between PE1, CE1, and CE2, and that between PE2, CE3, and CE4.
<CE1> system-view [CE1] bgp 100 [CE1-bgp] peer 10.1.1.2 as-number 500 [CE1-bgp] import-route direct [CE1-bgp] quit <CE2> system-view [CE2] bgp 200 [CE2-bgp] peer 40.1.1.2 as-number 500 [CE2-bgp] import-route direct [CE2-bgp] quit <PE1> system-view [PE1] bgp 500 [PE1-bgp] ipv4-family vpn-instance vpn1 [PE1-bgp-vpn1] peer 10.1.1.1 as-number 100 [PE1-bgp-vpn1] import-route direct [PE1-bgp-vpn1] quit [PE1-bgp] ipv4-family vpn-instance vpn2 [PE1-bgp-vpn2] peer 40.1.1.1 as-number 200 [PE1-bgp-vpn2] import-route direct [PE1-bgp-vpn2] return <CE3> system-view [CE3] bgp 300 [CE3-bgp] peer 30.1.1.2 as-number 500 [CE3-bgp] import-route direct [CE3-bgp] quit <CE4> system-view [CE4] bgp 400 [CE4-bgp] peer 20.1.1.2 as-number 500 [CE4-bgp] import-route direct [CE4-bgp] quit <PE2> system-view [PE2] bgp 500 [PE2-bgp] ipv4-family vpn-instance vpn1 [PE2-bgp-vpn1] peer 20.1.1.1 as-number 400 [PE2-bgp-vpn1] import-route direct [PE2-bgp-vpn1] quit [PE2-bgp] ipv4-family vpn-instance vpn2 [PE2-bgp-vpn1] peer 30.1.1.1 as-number 300 [PE2-bgp-vpn1] import-route direct [PE2-bgp-vpn1] return
After the configuration, CE1 and CE4 can ping through each other; CE2 and CE3 can ping through each other; two CEs in different VPNs cannot ping through each other.
Issue 03 (2008-09-22)
6-49
2.
Configure a routing policy on PE1 for sending routes and advertise the routing policy through BGP. # On PE1, configure the routing policy so that the routes sent from 10.1.1.0 carry the community attribute 10:10.
<PE1> system-view [PE1] ip ip-prefix [PE1] route-policy [PE1-route-policy] [PE1-route-policy] [PE1-route-policy] aa index 10 permit 10.1.1.0 24 aa permit node 10 if-match ip-prefix aa apply community 10:10 return
# On PE1, apply the routing policy to the routes sent out by VPN1 instance and advertise the routing policy to its peer.
<PE1> system-view [PE1] ip vpn-instance vpn1 [PE1-vpn-instance-vpn1] export route-policy aa [PE1-vpn-instance-vpn1] return
# Configure PE1 to advertise the community attribute to its peer. By default, PE1 does not advertise the community attribute to the peer.
<PE1> system-view [PE1] bgp 500 [PE1-bgp] ipv4-family vpnv4 [PE1-bgp-af-vpnv4] peer 22.22.22.22 advertise-community [PE1-bgp-af-vpnv4] return
3.
On PE2, configure the routing policy for the received route. Create the traffic behavior for the routes that match the community attribute. # Create the traffic behavior for the routes that match the community attribute.
<PE2> system-view [PE2] traffic behavior dd [PE2-behavior-dd] car cir 30000 yellow pass red discard [PE2-behavior-dd] return
NOTE
# On PE2, create a routing policy to apply the traffic behavior to the received routes that match the community attribute 10:10.
<PE2> system-view [PE2] ip community-filter 10 permit 10:10 [PE2] route-policy bb permit node 10 [PE2-route-policy] if-match community-filter 10 [PE2-route-policy] apply behavior dd [PE2-route-policy] return
# On PE2, apply the routing policy to the received route of the VPN instance.
<PE2> system-view [PE2] ip vpn-instance vpn1 [PE2-vpn-instance-vpn1] import route-policy bb [PE2-vpn-instance-vpn1] return
# Run the display bgp vpnv4 all routing-table command on PE2. The community attribute of routes sent from 10.1.1.0/24 is 10:10.
[PE2] display bgp vpnv4 all routing-table 10.1.1.0 BGP local router ID : 22.22.22.22 Local AS number : 500 Total routes of Route Distinguisher(1:1): 1 BGP routing table entry information of 10.1.1.0/24: Label information (Received/Applied): 15361/NULL From: 11.11.11.11 (11.11.11.11) Original nexthop: 11.11.11.11 Community:<10:10> Ext-Community: <1 : 1>
6-50
Issue 03 (2008-09-22)
Convergence Priority: 0 AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, intern al, best, pre 255 Not advertised to any peer yet Total routes of vpn-instance vpn1: 1 BGP routing table entry information of 10.1.1.0/24: Label information (Received/Applied): 15361/NULL From: 11.11.11.11 (11.11.11.11) Relay Nexthop: 0.0.0.0 Original nexthop: 11.11.11.11 Community:<10:10> Ext-Community: <1 : 1> Convergence Priority: 0 AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, intern al, best, pre 255 Advertised to such 1 peers: 20.1.1.1
4.
On the inbound interface Ethernet 1/0/0 of PE2, apply QPPB to the traffic from CE4.
<PE2> system-view [PE2]interface ethernet1/0/0 [PE2-Ethernet1/0/0] qppb-policy behavior destination [PE2-Ethernet1/0/0] return
5.
Verify the configuration. # On PE2, display the FIB information of the VPN. If the configuration succeeds, you can see that the value of the QosInfo in the output information is 0x20000001.
[PE2] display fib vpn-instance vpn1 10.1.1.0 verbose Route Entry Count: 1 Destination: 10.1.1.0 Mask : 255.255.255.0 Nexthop : 11.11.11.11 OutIf : POS3/0/0 LocalAddr : 100.1.1.2 LocalMask: 0.0.0.0 Flags : DGU Age : 2227sec ATIndex : 0 Slot : 3 LspFwdFlag : 1 LspToken : 0x76002001 InLabel : 15360 OriginAs : 100 BGPNextHop : 11.11.11.11 PeerAs : 100 QosInfo : 0x20000001 OriginQos: 0x0 NexthopBak : 0.0.0.0 OutIfBak : [No Intf] LspTokenBak: 0x0 InLabelBak : NULL LspToken_ForInLabelBak : 0x0 EntryRefCount : 1 rt_ulVlanId : 0x0 rt_ulVlinkBak : NULL
Configuration Files
l


# sysname CE2
Issue 03 (2008-09-22)
6-51

# interface Ethernet2/0/0 undo shutdown ip address 40.1.1.1 255.255.255.0 # bgp 200 peer 40.1.1.2 as-number 500 # undo synchronization import-route direct peer 40.1.1.2 enable # return l



# sysname PE1 # ip vpn-instance vpn1 route-distinguisher 1:1 export route-policy aa vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity # ip vpn-instance vpn2 route-distinguisher 2:2 vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity # mpls lsr-id 11.11.11.11 mpls # mpls ldp # interface Ethernet1/0/0 undo shutdown
6-52
Issue 03 (2008-09-22)

ip binding vpn-instance vpn1 ip address 10.1.1.2 255.255.255.0 # interface Ethernet2/0/0 undo shutdown ip binding vpn-instance vpn2 ip address 40.1.1.2 255.255.255.0 # interface Pos3/0/0 undo shutdown link-protocol ppp ip address 100.1.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack0 ip address 11.11.11.11 255.255.255.255 # bgp 500 peer 22.22.22.22 as-number 500 peer 22.22.22.22 connect-interface LoopBack0 # ipv4-family unicast undo synchronization peer 22.22.22.22 enable # ipv4-family vpnv4 policy vpn-target peer 22.22.22.22 enable peer 22.22.22.22 advertise-community # ipv4-family vpn-instance vpn1 peer 10.1.1.1 as-number 100 import-route direct # ospf 10 area 0.0.0.0 network 100.1.1.0 0.0.0.255 network 11.11.11.11 0.0.0.0 # route-policy aa permit node 10 if-match ip-prefix aa apply community 10:10 # ip ip-prefix aa index 10 permit 10.1.1.0 24 # return l

# sysname PE2 # ip vpn-instance vpn1 route-distinguisher 1:1 import route-policy bb vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity # ip vpn-instance vpn2 route-distinguisher 2:2 vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity # mpls lsr-id 22.22.22.22 mpls # mpls ldp # traffic behavior dd car cir 30000 green pass yellow pass red discard
Issue 03 (2008-09-22)
6-53
# interface Ethernet1/0/0 undo shutdown ip binding vpn-instance vpn1 ip address 20.1.1.1 255.255.255.0 qppb-policy behavior destination # interface Ethernet2/0/0 undo shutdown ip binding vpn-instance vpn2 ip address 30.1.1.2 255.255.255.0 # interface Pos3/0/0 undo shutdown link-portocol ppp ip address 110.1.1.2 255.255.255.0 mpls mpls ldp # interface LoopBack0 ip address 22.22.22.22 255.255.255.255 # bgp 500 peer 11.11.11.11 as-number 500 peer 11.11.11.11 connect-interface LoopBack0 # ipv4-family unicast undo synchronization peer 11.11.11.11 enable # ipv4-family vpnv4 policy vpn-target peer 11.11.11.11 enable # ipv4-family vpn-instance vpn1 peer 20.1.1.1 as-number 400 import-route direct # ospf 10 area 0.0.0.0 network 110.1.1.0 0.0.0.255 network 22.22.22.22 0.0.0.0 # route-policy bb permit node 10 if-match community-filter 10 apply behavior dd # ip community-filter 10 permit 10:10 # return l

# sysname P # mpls lsr-id 33.33.33.33 mpls # mpls ldp # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.2 255.255.255.0 mpls mpls ldp # interface Pos2/0/0 undo shutdown link-protocol ppp
6-54
Issue 03 (2008-09-22)

ip address 110.1.1.1 255.255.255.0 mpls mpls ldp # interface LoopBack0 ip address 33.33.33.33 255.255.255.255 # ospf 1 area 0.0.0.0 network 100.1.1.0 0.0.0.255 network 110.1.1.0 0.0.0.255 network 33.33.33.33 0.0.0.0 # Return
6.5.3 Example for Configuring a Hierarchical Resource Reserved L3VPN

As shown in Figure 6-10, CE1 and CE2 are in VPN A, and CE3 and CE4 are in VPN B. VPN A and VPN B share the same MPLS TE tunnel that connects the public edge routers PE1 and PE2. You are required to reserve bandwidths for packets from VPN A and VPN B that go through the MPLS TE tunnel, and for packets of different services within a VPN. In addition, the bandwidth resources are reserved. OSPF is used as the IGP on the MPLS backbone network. VPN A and VPN B are configured with L3VPN services. The specific requirements are as follows:
l
Use RSVP-TE to establish an MPLS TE tunnel that connects PE1 and PE2. The tunnel carries L3VPN services. The bandwidth of the tunnel is 100 Mbit/s. The maximum bandwidth of the links along the tunnel is 200 Mbit/s and the maximum reservable bandwidth is 120 Mbit/s. VPN A is guaranteed with a bandwidth of 50 Mbit/s in the MPLS TE tunnel. The VoIP packets of VPN A are forwarded in the traffic type of EF and are guaranteed with a bandwidth of 12 Mbit/s. The video packets of VPN A are forwarded in the traffic type of AF4 and guaranteed with a bandwidth of 8 Mbit/s. The important data packets of VPN A are forwarded in the traffic type of AF3 and are guaranteed with a bandwidth of 5 Mbit/s. VPN B is guaranteed with a bandwidth of 30 Mbit/s in the MPLS TE tunnel. The voice packets in VPN B are forwarded in the traffic type of EF and are guaranteed with a bandwidth of 10 Mbit/s. Other service packets share the remaining bandwidth for packets of VPN B according to the default settings of the system. The packets from VPN A and VPN B are forwarded in the Uniform model in the MPLS TE tunnel. On the outbound interface of the MPLS domain, the packets are scheduled according to the DSCP priorities that are mapped from the EXP priorities.
Issue 03 (2008-09-22)
6-55
Figure 6-10 Networking diagram for configuring a hierarchical resource reserved L3VPN
The configuration roadmap is as follows: 1. 2. 3. 4. 5. 6. Configure the IP addresses and routes for the interfaces to ensure they can interwork at the network layer. Configure an MPLS TE tunnel between the PEs. Create a tunnel interface on the PE1 side only (because the MPLS TE tunnel is unidirectional). Configure L3VPN services. Configure the simple traffic classification: trusting DSCP values carried by the upstream packets. Configure that the traffic in the MPLS TE tunnel from VPN A and VPN B is applied with the Uniform model . Configure reserved resources and guaranteed bandwidths for the traffic from VPN A and VPN B.
NOTE
The hierarchical resource reserved L3VPN is configured on an ingress PE device. After the specified configuration, you can further configure interface-specific HQoS on the interface of the network side or the user side on the egress PE device so that HQoS is applied to the traffic going out of an MPLS network. In this example, resource separation is applied only to the VPN data coming from PE1 to PE2. Network traffic is bi-directional; therefore, you can configure hierarchical resource reserved L3VPN for the opposite traffic on the peer PE.
Data Preparation
l l
IP addresses of the interfaces MPLS LSR IDs on the PE and P devices, maximum usable bandwidth of the physical link along the MPLS TE tunnel, and the maximum reservable bandwidth
6-56

l
Tunnel interfaces, MPLS TE tunnel encapsulation protocol, tunnel ID, and RSVP tunnel signaling Name and VPN-target of the VPN instance Service types and colors of the packets from VPN A and VPN B for label mapping at the ingress of the MPLS TE tunnel Guaranteed bandwidths and scheduling parameters for flow queues that accept non-VPN packets from VPN A, VPN B, and the MPLS TE tunnel Bandwidth limits for VPN A, VPN B, and MPLS TE
l l
1. Configure the IP addresses of the interfaces on the MPLS backbone network and the IGP (OSPF) to ensure that PE1, P, and PE2 can interwork. # Configure PE1.
<PE1> system-view [PE1] interface loopback 1 [PE1-LoopBack1] ip address 1.1.1.9 32 [PE1-LoopBack1] quit [PE1] interface pos 1/0/0 [PE1-Pos1/0/0] undo shutdown [PE1-Pos1/0/0] ip address 100.1.1.1 24 [PE1-Pos1/0/0] quit [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 100.1.1.0 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] return
# Configure the P device.

 system-view [P] interface loopback 1 [P-LoopBack1] ip address 3.3.3.9 32 [P-LoopBack1] quit [P] interface pos 1/0/0 [P-Pos1/0/0] undo shutdown [P-Pos1/0/0] ip address 100.1.1.2 24 [P-Pos1/0/0] quit [P] interface pos 2/0/0 [P-Pos2/0/0] undo shutdown [P-Pos2/0/0] ip address 200.1.1.1 24 [P-Pos2/0/0] quit [P] ospf [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] network 100.1.1.0 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 200.1.1.0 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0 [P-ospf-1-area-0.0.0.0] return
# Configure PE2.
<PE2> system-view [PE2] interface loopback 1 [PE2-LoopBack1] ip address 2.2.2.9 32 [PE2-LoopBack1] quit [PE2] interface pos 1/0/0 [PE2-Pos1/0/0] undo shutdown [PE2-Pos1/0/0] ip address 200.1.1.2 24 [PE2-Pos1/0/0] quit [PE2] ospf [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 200.1.1.0 0.0.0.255 [PE2-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] return
Issue 03 (2008-09-22)
6-57
After the configuration, the OSPF adjacency is established among PE1, P, and PE2. Using the display ospf peer command, you should find that the adjacency state is Full. Running the display ip routing-table command, you should find that the PEs have learnt the loopback1 routes from each other. The following is the display on PE1:
[PE1] display ip routing-table Route Flags: R - relied, D - download to fib -----------------------------------------------------------------------------Routing Tables: Public Destinations : 9 Routes : 9 Destination/Mask Proto Pre Cost Flags NextHop Interface 1.1.1.9/32 Direct 0 0 D 127.0.0.1 InLoopBack1 2.2.2.9/32 OSPF 10 2 D 100.1.1.2 POS1/0/0 3.3.3.9/32 OSPF 10 3 D 100.1.1.2 POS1/0/0 100.1.1.0/24 Direct 0 0 D 100.1.1.1 POS1/0/0 100.1.1.1/32 Direct 0 0 D 127.0.0.1 InLoopBack1 100.1.1.2/32 Direct 0 0 D 100.1.1.2 POS1/0/0 200.1.1.0/24 OSPF 10 2 D 100.1.1.2 POS1/0/0 [PE1] display ospf peer OSPF Process 1 with Router ID 1.1.1.9 Neighbors Area 0.0.0.0 interface 100.1.1.1(POS1/0/0)'s neighbors Router ID: 3.3.3.9 Address: 100.1.1.2 GR State: Normal State: Full Mode:Nbr is Master Priority: 1 DR: None BDR: None MTU: 1500 Dead timer due in 38 sec Neighbor is up for 00:02:44 Authentication Sequence: [ 0 ]
2.
Configure MPLS TE. Configure the basic MPLS functions on the MPLS backbone network.
l
Configure PE1.
<PE1> system-view [PE1] mpls lsr-id 1.1.1.9 [PE1] mpls [PE1-mpls] quit
Configure the P.
 system-view [P] mpls lsr-id 3.3.3.9 [P] mpls [P-mpls] quit
Configure PE2.
<PE2> system-view [PE2] mpls lsr-id 2.2.2.9 [PE2] mpls [PE2-mpls] quit
# Enable MPLS TE, RSVP-TE, CSPF, and OSPF TE.

l
Configure PE1.
<PE1> system-view [PE1] mpls [PE1-mpls] mpls te [PE1-mpls] mpls rsvp-te [PE1-mpls] mpls te cspf [PE1-mpls] quit [PE1] interface pos 1/0/0 [PE1-Pos1/0/0] mpls te [PE1-Pos1/0/0] mpls rsvp-te [PE1-Pos1/0/0] quit [PE1] ospf [PE1-ospf-1] opaque-capability enable [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] mpls-te enable
6-58
Issue 03 (2008-09-22)

[PE1-ospf-1-area-0.0.0.0] return l
Configure the P.
 system-view [P] mpls [P-mpls] mpls te [P-mpls] mpls rsvp-te [P-mpls] mpls te cspf [P-mpls] quit [P] interface pos 1/0/0 [P-Pos1/0/0] mpls te [P-Pos1/0/0] mpls rsvp-te [P-Pos1/0/0] quit [P] interface pos 2/0/0 [P-Pos2/0/0] mpls te [P-Pos2/0/0] mpls rsvp-te [P-Pos2/0/0] quit [P] ospf [P-ospf-1] opaque-capability enable [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] mpls-te enable [P-ospf-1-area-0.0.0.0] return
Configure PE2.
<PE2> system-view [PE2] mpls [PE2-mpls] mpls te [PE2-mpls] mpls rsvp-te [PE2-mpls] mpls te cspf [PE2-mpls] quit [PE2] interface pos 1/0/0 [PE2-Pos1/0/0] mpls te [PE2-Pos1/0/0] mpls rsvp-te [PE2-Pos1/0/0] quit [PE2] ospf [PE2-ospf-1] opaque-capability enable [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] mpls-te enable [PE2-ospf-1-area-0.0.0.0] return
# Configure the maximum usable bandwidth for the physical link along the MPLS TE tunnel and the maximum reservable bandwidth.
NOTE
When you configure an MPLS TE tunnel, you need to specify the maximum usable bandwidth for the physical link and the maximum reservable bandwidth; then you also need to specify the bandwidth of the tunnel. The maximum reservable bandwidth of the physical link should not exceed the maximum usable bandwidth. The bandwidth of a tunnel should not exceed the maximum reservable bandwidth for the physical link.
l
Configure PE1.
<PE1> system-view [PE1] interface pos 1/0/0 [PE1-Pos1/0/0] mpls te max-link-bandwidth 200000 [PE1-Pos1/0/0] mpls te max-reservable-bandwidth 120000 [PE1-Pos1/0/0] return
Configure the P.
 system-view [P] interface pos [P-Pos1/0/0] mpls [P-Pos1/0/0] mpls [P-Pos1/0/0] quit [P] interface pos [P-Pos2/0/0] mpls [P-Pos2/0/0] mpls 1/0/0 te max-link-bandwidth 200000 te max-reservable-bandwidth 120000 2/0/0 te max-link-bandwidth 200000 te max-reservable-bandwidth 120000
Issue 03 (2008-09-22)
6-59

[P-Pos2/0/0] return l
Configure PE2.
Configure the MPLS TE tunnel on PE1.

<PE1> system-view [PE1] interface tunnel 1/0/0 [PE1-Tunnel1/0/0] ip address unnumbered interface loopback 1 [PE1-Tunnel1/0/0] tunnel-protocol mpls te [PE1-Tunnel1/0/0] destination 2.2.2.9 [PE1-Tunnel1/0/0] mpls te tunnel-id 100 [PE1-Tunnel1/0/0] mpls te signal-protocol rsvp-te [PE1-Tunnel1/0/0] mpls te commit [PE1-Tunnel1/0/0] return
NOTE
In this example, the MPLS TE tunnel is configured only in the direction from PE1 to PE2. If an MPLS TE tunnel is bi-directional, you also need to configure the MPLS TE tunnel on PE2.
After the preceding configuration, run the display interface tunnel command and you can find that the state of the interface is Up.
[PE1] display interface tunnel Tunnel6/0/0 current state : UP Line protocol current state : UP Last up time: 2007-10-31, 15:19:53 Description:HUAWEI, Quidway Series, Tunnel1/0/0 Interface Route Port,The Maximum Transmit Unit is 1500 Internet Address is unnumbered, using address of LoopBack1(1.1.1.9/32) Encapsulation is TUNNEL, loopback not set Tunnel destination 2.2.2.9 Tunnel up/down statistics 1 Tunnel protocol/transport MPLS/MPLS, ILM is available, primary tunnel id is 0x40c18000, secondary tunnel id is 0x0 300 minutes output rate 0 bytes/sec, 0 packets/sec 0 packets output, 0 bytes 0 output error
Run the display mpls te tunnel-interface command on PE1 and you can view detailed information about the tunnel.
<PE1> display mpls te tunnel-interface Tunnel Name : Tunnel1/0/0 Tunnel Desc : HUAWEI, Quidway Series, Tunnel State Desc : CR-LSP is Up Tunnel Attributes : LSP ID : 1.1.1.9:1 Session ID : 100 Admin State : UP Ingress LSR ID : 1.1.1.9 Signaling Protocol : RSVP Class Type : CLASS 0 Reserved BW : 1200 kbps Setup Priority : 7 Hop Limit : Secondary Hop Limit : BestEffort Hop Limit: Affinity Prop/Mask : 0x0/0x0 Explicit Path Name : Secondary Affinity Prop/Mask: 0x0/0x0 Secondary Explicit Path Name: BestEffort Affinity Prop/Mask: 0x0/0x0 Tie-Breaking Policy : None Metric Type : None Record Route : Disabled Tunnel1/0/0 Interface
Oper State : Egress LSR ID: Resv Style : Tunnel BW : Hold Priority:
UP 2.2.2.9 SE 0 kbps 7
Record Label :
Disabled
6-60
Issue 03 (2008-09-22)

FRR Flag : Disabled BackUpBW Type : Route Pinning : Disabled Retry Limit : 5 Reopt : Disabled Back Up Type : None Back Up LSPID : Auto BW : Disabled Min BW : Current Collected BW: Interfaces Protected: ACL Bind Value : VRF Bind Value : L2VPN Bind Value : Car Policy : Disabled Tunnel Group : Primary Primary Tunnel Sum : Primary Tunnel : Backup Tunnel : IPTN InLabel : Group Status : Up Oam Status : Up Bfd Capability : None BestEffort : Disabled IsBestEffortPath: Non-existent

BackUpBW Flag: BackUpBW : Not Supported -
Retry Interval: 10 sec Reopt Freq : Auto BW Freq : Max BW : -
Running the display mpls te cspf tedb all command on PE1, you can view the link information about TEDB.
[PE1] display mpls te cspf tedb all Maximum Node Supported: 2048 Maximum Link Supported: 8192 Current Total Node Number: 3 Current Total Link Number: 4 ID Router-ID IGP Process-ID Area Link-Count 1 3.3.3.9 OSPF 1 0 2 2 1.1.1.9 OSPF 1 0 1 3 2.2.2.9 OSPF 1 0 1
3.
Configure L3VPN. # Configure VPN instances on PEs and bind them to the interfaces that connect CEs.
l
Configure CE1.
<CE1> system-view [CE1] interface gigabitethernet 1/0/0 [CE1-GigabitEthernet1/0/0] undo shutdown [CE1-GigabitEthernet1/0/0] ip address 10.1.1.1 255.255.255.0 [CE1-GigabitEthernet1/0/0] return
Configure CE3.
Configure VPN instances on PE1.

<PE1> system-view [PE1] ip vpn-instance vpna [PE1-vpn-instance-vpna] route-distinguisher 1:1 [PE1-vpn-instance-vpna] vpn-target 1:1 export-extcommunity [PE1-vpn-instance-vpna] vpn-target 1:1 import-extcommunity [PE1-vpn-instance-vpna] quit [PE1] interface gigabitethernet2/0/0 [PE1-GigabitEthernet2/0/0] undo shutdown [PE1-GigabitEthernet2/0/0] ip binding vpn-instance vpna [PE1-GigabitEthernet2/0/0] ip address 10.1.1.2 255.255.255.0 [PE1-GigabitEthernet2/0/0] quit [PE1] ip vpn-instance vpnb [PE1-vpn-instance-vpnb] route-distinguisher 2:2 [PE1-vpn-instance-vpnb] vpn-target 2:2 export-extcommunity [PE1-vpn-instance-vpnb] vpn-target 2:2 import-extcommunity
Issue 03 (2008-09-22)
6-61

[PE1-vpn-instance-vpnb] quit [PE1] interface gigabitethernet3/0/0 [PE1-GigabitEthernet3/0/0] undo shutdown [PE1-GigabitEthernet3/0/0] ip binding vpn-instance vpnb [PE1-GigabitEthernet3/0/0] ip address 10.3.1.2 255.255.255.0 [PE1-GigabitEthernet3/0/0] return
Configure CE2.
Configure CE4.

<PE2> system-view [PE2] ip vpn-instance vpna [PE2-vpn-instance-vpna] route-distinguisher 1:1 [PE2-vpn-instance-vpna] vpn-target 1:1 export-extcommunity [PE2-vpn-instance-vpna] vpn-target 1:1 import-extcommunity [PE2-vpn-instance-vpna] quit [PE2] interface gigabitethernet2/0/0 [PE2-GigabitEthernet2/0/0] undo shutdown [PE2-GigabitEthernet2/0/0] ip binding vpn-instance vpna [PE2-GigabitEthernet2/0/0] ip address 10.2.1.2 255.255.255.0 [PE2-GigabitEthernet2/0/0] quit [PE2] ip vpn-instance vpnb [PE2-vpn-instance-vpnb] route-distinguisher 2:2 [PE2-vpn-instance-vpnb] vpn-target 2:2 export-extcommunity [PE2-vpn-instance-vpnb] vpn-target 2:2 import-extcommunity [PE2-vpn-instance-vpnb] quit [PE2] interface gigabitethernet3/0/0 [PE2-GigabitEthernet3/0/0] undo shutdown [PE2-GigabitEthernet3/0/0] ip binding vpn-instance vpnb [PE2-GigabitEthernet3/0/0] ip address 10.4.1.2 255.255.255.0 [PE2-GigabitEthernet3/0/0] return
After the preceding configuration, run the display ip vpn-instance verbose command on a PE and you can view the configurations of the VPN instances. The following is the display on PE1:
[PE1] display ip vpn-instance verbose Total VPN-Instances configured : 2 VPN-Instance Name and ID : vpna, 1 Create date : 2007/07/21 11:30:35 Up time : 0 days, 00 hours, 05 minutes and 19 seconds Route Distinguisher : 1:1 Export VPN Targets : 1:1 Import VPN Targets : 1:1 Label policy: label per route The diffserv-mode Information is : uniform The ttl-mode Information is : pipe Interfaces : GigabitEthernet2/0/0 VPN-Instance Name and ID : vpnb, 2 Create date : 2007/07/21 11:31:18 Up time : 0 days, 00 hours, 04 minutes and 36 seconds Route Distinguisher : 2:2 Export VPN Targets : 2:2 Import VPN Targets : 2:2 The diffserv-mode Information is : uniform The ttl-mode Information is : pipe Interfaces : GigabitEthernet3/0/0
6-62
Issue 03 (2008-09-22)
On a PE, you can ping through the connected CEs. # Establish an IBGP adjacency between PE1 and PE2.
l
Configure PE1
<PE1> system-view [PE1] bgp 500 [PE1-bgp] peer 2.2.2.9 as-number 500 [PE1-bgp] peer 2.2.2.9 connect-interface loopback1 [PE1-bgp] ipv4-family vpnv4 [PE1-bgp-af-vpnv4] peer 2.2.2.9 enable [PE1-bgp-af-vpnv4] return
Configure PE2
<PE2> system-view [PE2] bgp 500 [PE2-bgp] peer 1.1.1.9 as-number 500 [PE2-bgp] peer 1.1.1.9 connect-interface LoopBack1 [PE2-bgp] ipv4-family vpnv4 [PE2-bgp-af-vpnv4] peer 1.1.1.9 enable [PE2-bgp-af-vpnv4] return
# Establish an EBGP adjacency between PE1 and CE1, PE1 and CE3, PE2 and CE2, and PE2 and CE4.
l
Configure CE1.
<CE1> system-view [CE1] bgp 100 [CE1-bgp] peer 10.1.1.2 as-number 500 [CE1-bgp] import-route direct [CE1-bgp] quit
Configure CE3.
Configure PE1.
<PE1> system-view [PE1] bgp 500 [PE1-bgp] ipv4-family vpn-instance vpna [PE1-bgp-vpna] peer 10.1.1.1 as-number 100 [PE1-bgp-vpna] import-route direct [PE1-bgp-vpna] quit [PE1-bgp] ipv4-family vpn-instance vpnb [PE1-bgp-vpnb] peer 10.3.1.1 as-number 300 [PE1-bgp-vpnb] import-route direct [PE1-bgp-vpnb] return
Configure CE2.
Configure CE4.
Configure PE2.
<PE2> system-view [PE2] bgp 500 [PE2-bgp] ipv4-family vpn-instance vpna
Issue 03 (2008-09-22)
6-63

[PE2-bgp-vpna] peer 10.2.1.1 as-number 200 [PE2-bgp-vpna] import-route direct [PE2-bgp-vpna] quit [PE2-bgp] ipv4-family vpn-instance vpnb [PE2-bgp-vpnb] peer 10.4.1.1 as-number 400 [PE2-bgp-vpnb] import-route direct [PE2-bgp-vpnb] return
After the proceeding configuration, run the display bgp peer and display bgp vpnv4 peer command on a PE, you can find that BGP peer relations between PEs, and between PEs and CEs have been established: The state should be Established. The following is the display on PE1:
[PE1] display bgp peer BGP local router ID : 1.1.1.9 Local AS number : 500 Total number of peers : 1 Peers in established state : 1 Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv 2.2.2.9 4 500 3 3 0 00:00:11 Established 0 [PE1] display bgp vpnv4 all peer BGP local router ID : 1.1.1.9 Local AS number : 500 Total number of peers : 3 Peers in established state : 3 Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv 2.2.2.9 4 500 12 18 0 00:09:38 Established 0 Peer of vpn instance: vpn instance vpna : 10.1.1.1 4 100 25 25 0 00:17:57 Established 1 vpn instance vpnb : 10.3.1.1 4 300 21 22 0 00:17:10 Established 1
CE1 can ping through CE2; CE3 can ping through CE4. CEs in different VPNs cannot ping through each other. 4. Configure a tunnel policy: specifying that VPNs communicate through the MPLS TE tunnel and applying the tunnel policy to the VPN instances.
<PE1> system-view [PE1] tunnel-policy policy1 [PE1-tunnel-policy-policy1] tunnel binding destination 2.2.2.9 te tunnel 1/0/0 [PE1-tunnel-policy-policy1] quit [PE1] ip vpn-instance vpna [PE1-vpn-instance-vpna] tnl-policy policy1 [PE1-vpn-instance-vpna] quit [PE1] ip vpn-instance vpnb [PE1-vpn-instance-vpnb] tnl-policy policy1 [PE1-vpn-instance-vpnb] return
NOTE
In this example, the TE tunnel is configured only in the direction from PE1 to PE2. If an MPLS TE tunnel is bi-directional, you also need to configure the tunnel policy on PE2 and apply it to the VPN instances.
Run the display mpls forwarding-table command on PE1, you can find an LSP destined for 2.2.2.9/32 in the MPLS forwarding table.
[PE1] display mpls forwarding-table Fec Outlabel Out-IF 3.3.3.9/32 3 POS1/0/0 2.2.2.9/32 1025 POS1/0/0 Nexthop 100.1.1.2 100.1.1.2 LspIndex 30735 30743
Running the display tunnel-info all command on PE1, you can find an MPLS TE tunnel destined for 2.2.2.9 has been established on PE1.
[PE1] display tunnel-info all * -> Allocated VC Token Tunnel ID Type Destination Token ---------------------------------------------------------------------0x1808027 lsp 3.3.3.9 39
6-64
Issue 03 (2008-09-22)

0x1808028 0x1808029 0x180802a 0x180802b 0x180802c 0x180802d 0x61818003 0x41818005 0x41818006 lsp lsp lsp lsp lsp lsp cr lsp lsp lsp 20.20.20.9 30.30.30.9 ----2.2.2.9 ---

40 41 42 43 44 45 32771 32773 32774
5.
Configure the simple traffic classification on the inbound interface of PE1: trusting the DSCP values of upstream IP packets.
<PE1> system-view [PE1] interface gigabitethernet 2/0/0 [PE1-GigabitEthernet2/0/0] trust upstream default [PE1-GigabitEthernet2/0/0] quit [PE1] interface gigabitethernet 3/0/0 [PE1-GigabitEthernet3/0/0] trust upstream default [PE1-GigabitEthernet3/0/0] return
NOTE
Although the L3VPN is configured to support the Short Pipe model, it is recommended that you enable the simple traffic classification. The reason is that the egress PE performs queue scheduling according to the original DSCP values.
6.
Configure flow queues on PE1 for non-VPN packets from VPN A, VPN B, and the MPLS TE tunnel. # Configure a WRED object referenced by a flow queue.
<PE1> system-view [PE1] flow-wred test [PE1-flow-wred-test] 100 [PE1-flow-wred-test] percentage 100 [PE1-flow-wred-test] 100 [PE1-flow-wred-test] color green low-limit 30 high-limit 50 discard-percentage color yellow low-limit 20 high-limit 40 discardcolor red low-limit 10 high-limit 30 discard-percentage return
# Configure the scheduling algorithms, WRED parameters, and shaping values for flow queues.
<PE1> system-view [PE1] flow-queue vpna [PE1-flow-queue-template-vpna] queue ef pq flow-wred test shaping 12000 [PE1-flow-queue-template-vpna] queue af4 wfq weight 15 flow-wred test shaping 8000 [PE1-flow-queue-template-vpna] queue af3 wfq weight 10 flow-wred test shaping 5000 [PE1-flow-queue-template-vpna] quit [PE1] flow-queue vpnb [PE1-flow-queue-template-vpnb] queue ef pq flow-wred test shaping 10000 [PE1-flow-queue-template-vpnb] quit [PE1] flow-queue te [PE1-flow-queue-template-te] queue ef pq flow-wred test shaping 25000 [PE1-flow-queue-template-te] queue af4 wfq weight 15 flow-wred test shaping 15000 [PE1-flow-queue-template-te] queue af3 wfq weight 10 flow-wred test shaping 10000 [PE1-flow-queue-template-te] return
7.
Configure DiffServ models supported by L3VPNs.

<PE1> system-view [PE1] ip vpn-instance vpna [PE1-vpn-instance-vpna] diffserv-mode uniform [PE1-vpn-instance-vpna] quit [PE1] ip vpn-instance vpnb [PE1-vpn-instance-vpnb] diffserv-mode uniform [PE1-vpn-instance-vpnb] quit
Issue 03 (2008-09-22)
6-65

NOTE
l l
If the configuration of VPN supporting the Uniform model is done for the first time, you can use the default Uniform model rather than configure the model with the command. If the VPN instances on VPN have been configured to support the Pipe or Short Pipe model and now you want to configure them to support the Uniform model, you need to perform the preceding configuration.
8.
Configure class queues on the interfaces on the network side of PE1.

<PE1> system-view [PE1] interface pos 1/0/0 [PE1-Pos1/0/0] port-queue ef pq shaping 25 outbound [PE1-Pos1/0/0] port-queue af4 wfq weight 15 shaping 15 outbound [PE1-Pos1/0/0] port-queue af3 wfq weight 10 shaping 10 outbound [PE1-Pos1/0/0] return
9.
Configure a bandwidth for the MPLS TE tunnel and bind statically the VPN instances to the MPLS TE tunnel.
<PE1> system-view [PE1] interface tunnel [PE1-Tunnel1/0/0] mpls [PE1-Tunnel1/0/0] mpls [PE1-Tunnel1/0/0] mpls flow-queue vpna [PE1-Tunnel1/0/0] mpls flow-queue vpnb [PE1-Tunnel1/0/0] mpls 1/0/0 te bandwidth 100000 flow-queue te te reserved-for-binding te vpn-binding vpn-instance vpna cir 50000 pir 100000 te vpn-binding vpn-instance vpnb cir 30000 pir 100000 te commit
10. Verify the configuration. After the preceding configuration of resource reserved VPNs, run the display traffic statistics interface tunnel interface-number vpn-instance vpn-instance-namecommand and you can view the traffic information about the L3VPN. For example:
[PE1] display traffic statistics interface tunnel 1/0/0 vpn-instance vpna The RRVPN Traffic Statistics: Transit packets :239453968 Transit bytes :24918416800 Discard packets :0 Discard bytes :0 Transit packets rate:33000 packets/sec Transit bytes rate :4070000 bytes/sec
Configuration Files
l

# sysname PE1 # flow-wred test color green low-limit 30 high-limit 50 discard-percentage 100 color yellow low-limit 20 high-limit 40 discard-percentage 100 color red low-limit 10 high-limit 30 discard-percentage 100 # flow-queue vpna queue ef pq shaping 12000 flow-wred test queue af4 wfq weight 15 shaping 8000 flow-wred test queue af3 wfq weight 10 shaping 5000 flow-wred test # flow-queue vpnb queue ef pq shaping 10000 flow-wred test # flow-queue te queue ef pq shaping 25000 flow-wred test queue af4 wfq weight 15 shaping 15000 flow-wred test queue af3 wfq weight 10 shaping 10000 flow-wred test #
6-66
Issue 03 (2008-09-22)
ip vpn-instance vpna route-distinguisher 1:1 tnl-policy policy1 vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity # ip vpn-instance vpnb route-distinguisher 2:2 tnl-policy policy1 vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity # mpls lsr-id 1.1.1.9 mpls mpls te mpls rsvp-te mpls te cspf # diffserv domain default # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.1 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te port-queue ef pq shaping 25 outbound port-queue af4 wfq weight 15 shaping 15 outbound port-queue af3 wfq weight 10 shaping 10 outbound # interface GigabitEthernet2/0/0 undo shutdown ip binding vpn-instance vpna ip address 10.1.1.2 255.255.255.0 trust upstream default # interface GigabitEthernet3/0/0 undo shutdown ip binding vpn-instance vpnb ip address 10.3.1.2 255.255.255.0 trust upstream default # interface LoopBack1 ip address 1.1.1.9 255.255.255.252 # interface Tunnel1/0/0 ip address unnumbered interface LoopBack1 tunnel-protocol mpls te destination 2.2.2.9 mpls te tunnel-id 100 mpls te bandwidth bc0 100000 flow-queue te mpls te reserved-for-binding mpls te vpn-binding vpn-instance vpna cir 50000 pir 100000 flow-queue vpna mpls te vpn-binding vpn-instance vpnb cir 30000 pir 100000 flow-queue vpnb mpls te commit # bgp 500 peer 2.2.2.9 as-number 500 peer 2.2.2.9 connect-interface LoopBack1 # ipv4-family unicast undo synchronization peer 2.2.2.9 enable # ipv4-family vpnv4 policy vpn-target
Issue 03 (2008-09-22)
6-67
peer 2.2.2.9 enable # ipv4-family vpn-instance vpna peer 10.1.1.1 as-number 100 import-route direct # ipv4-family vpn-instance vpnb peer 10.3.1.1 as-number 300 import-route direct # ospf 1 opaque-capability enable area 0.0.0.0 network 100.1.1.0 0.0.0.255 network 1.1.1.9 0.0.0.0 mpls-te enable # tunnel-policy policy1 tunnel binding destination 2.2.2.9 te Tunnel 1/0/0 # return l

# sysname P # mpls lsr-id 3.3.3.9 mpls mpls te mpls rsvp-te mpls te cspf # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.2 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 200.1.1.1 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te # interface LoopBack1 ip address 2.2.2.9 255.255.255.252 # domain default # ospf 1 opaque-capability enable area 0.0.0.0 network 100.1.1.0 0.0.0.255 network 200.1.1.0 0.0.0.255 network 3.3.3.9 0.0.0.0 mpls-te enable # return

# sysname PE2
6-68
Issue 03 (2008-09-22)

# ip vpn-instance vpna route-distinguisher 1:1 vpn-target 1:1 export-extcommunity vpn-target 1:1 import-extcommunity # ip vpn-instance vpnb route-distinguisher 2:2 vpn-target 2:2 export-extcommunity vpn-target 2:2 import-extcommunity # mpls lsr-id 2.2.2.9 mpls mpls te mpls rsvp-te mpls te cspf # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 200.1.1.2 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te # interface GigabitEthernet2/0/0 undo shutdown ip binding vpn-instance vpna ip address 10.2.1.2 255.255.255.0 # interface GigabitEthernet3/0/0 undo shutdown ip binding vpn-instance vpnb ip address 10.4.1.2 255.255.255.0 # interface LoopBack1 ip address 2.2.2.9 255.255.255.252 # bgp 500 peer 1.1.1.9 as-number 500 peer 1.1.1.9 connect-interface LoopBack1 # ipv4-family unicast undo synchronization peer 1.1.1.9 enable # ipv4-family vpnv4 policy vpn-target peer 1.1.1.9 enable # ipv4-family vpn-instance vpna peer 10.2.1.1 as-number 200 import-route direct # ipv4-family vpn-instance vpnb peer 10.4.1.1 as-number 300 import-route direct # domain default # ospf 1 opaque-capability enable area 0.0.0.0 network 200.1.1.0 0.0.0.255 network 2.2.2.9 0.0.0.0 mpls-te enable #
Issue 03 (2008-09-22)
6-69

return l

# sysname CE1 # interface GigabitEthernet1/0/0 undo shutdown ip address 10.1.1.1 255.255.255.0 # bgp 100 peer 10.1.1.2 as-number 500 # ipv4-family unicast undo synchronization import-route direct peer 10.1.1.2 enable # return



# sysname CE4 # interface GigabitEthernet1/0/0 undo shutdown ip address 10.4.1.1 255.255.255.0 # bgp 400 peer 10.4.1.2 as-number 500 # ipv4-family unicast undo synchronization
6-70
Issue 03 (2008-09-22)

import-route direct peer 10.4.1.2 enable # return
6.5.4 Example for Configuring a Hierarchical Resource Reserved L2VPN (VLL)

As shown in Figure 6-11, CE1 and CE2 are in VPN A, and CE3 and CE4 are in VPN B. VPN A and VPN B share the same MPLS TE tunnel that connects the public edge routers PE1 and PE2. You are required to reserve bandwidths for packets from VPN A and VPN B that go through the MPLS TE tunnel, and for packets of different services within a VPN. In addition, the bandwidth resources are reserved. You are required to separate bandwidth resources between VPN A and VPN B and provide guaranteed bandwidth resources for different types of packets within a VPN. OSPF is used as the IGP on the MPLS backbone network. CE1 and CE2 belong to the same VPLS VLL; CE3 and CE4 belong to the same VPLS VLL. The specific requirements are as follows:
l
Use the RSVP-TE to establish an MPLS TE tunnel that connects PE1 and PE2. The tunnel forwards VPLS VLL service packets. The bandwidth of the tunnel is 100 Mbit/s. The maximum bandwidth of the link along the tunnel is 200 Mbit/s and the maximum reservable bandwidth is 120 Mbit/s. CE1 connects PE1 and CE2 connects PE2. ATM cells are transparently transmitted through the network in N-to-1 VCC mode. CE3 connects PE1 and CE4 connects PE2. The connection is in VLAN mode. The data from VPN A is ATM cells. Configure forcible traffic classification for ATM on the inbound interface of PE1. The packets of VPN A in the MPLS TE tunnel are applied with the Uniform model. Packets from VPN B are IP packets. The packets of VPN A and VPN B in the MPLS TE tunnel are applied with the Uniform model. VPN A is guaranteed with a bandwidth of 50 Mbit/s in the MPLS TE tunnel. The VoIP packets of VPN A are forwarded in the traffic type of EF and are guaranteed with a bandwidth of 12 Mbit/s. The video packets of VPN A are forwarded in the traffic type of AF4 and guaranteed with a bandwidth of 8 Mbit/s. The important data packets of VPN A are forwarded in the traffic type of AF3 and are guaranteed with a bandwidth of 5 Mbit/s. VPN B is guaranteed with a bandwidth of 30 Mbit/s in the MPLS TE tunnel. The voice packets in VPN B are forwarded in the traffic type of EF and are guaranteed with a bandwidth of 10 Mbit/s. Other service packets share the remaining bandwidth for packets of VPN B according to the default settings of the system.
Issue 03 (2008-09-22)
6-71
Figure 6-11 Networking diagram for configuring a hierarchical resource reserved L2VPN (VLL)
The configuration roadmap is as follows: 1. 2. 3. 4. Configure the IP addresses and routes for the interfaces to ensure they interwork at the network layer. Configure an MPLS TE tunnel between the PEs. Create a tunnel interface on the PE1 side only (because the MPLS TE is unidirectional). Configure Martini VLL. Configure the ATM forcible traffic classification for packets going from VPN A to PE1 and the simple traffic classification for packets going from VPN B to PE1 so that the service priorities of packets are re-set on MPLS networks. Configure that the traffic in the MPLS TE tunnel from VPN A and VPN B is applied with the Uniform model. Configure resource separation and guaranteed bandwidths for the traffic from VPN A and VPN B.
NOTE
5. 6.
Data Preparation
l
Name of the remote PE peer and the VC ID

6-72

l l
VPI or VCI values of CE1 and CE2; VLAN IDs of CE3 and CE4 Service types of ATM forcible traffic classification in VPN A and the interior priorities of routers; mapped service priorities of the packets from VPN B through the simple traffic classification. Service types and colors of the packets from VPN B for label mapping at the ingress of the MPLS TE tunnel Guaranteed bandwidths and scheduling parameters for flow queues that accept non-VPN packets from VPN A, VPN B, and the MPLS TE tunnel Bandwidth limits for VPN A, VPN B, and MPLS TE
1. Configure the IP addresses of the interfaces on the MPLS backbone network and the IGP (OSPF) and ensure that PE1, P, and PE2 can interwork. For detailed description of the configuration, see "6.5.3 Example for Configuring a Hierarchical Resource Reserved L3VPN." 2. Configure MPLS TE. Configure the basic MPLS functions and MPLS LDP on the MPLS backbone network and establish LDP.
l
Configure PE1.
<PE1> system-view [PE1] mpls lsr-id 1.1.1.9 [PE1] mpls [PE1-mpls] lsp-trigger all [PE1-mpls] quit [PE1] mpls ldp [PE1-mpls-ldp] quit
Configure PE2.
<PE2> system-view [PE2] mpls lsr-id 2.2.2.9 [PE2] mpls [PE2-mpls] quit [PE2] mpls ldp [PE2-mpls-ldp] quit
# Establish a remote peer session between PE1 and PE2.

l
Configure PE1.
<PE1> system-view [PE1] mpls ldp remote-peer 2.2.2.9 [PE1-mpls-ldp-remote-2.2.2.9] remote-ip 2.2.2.9 [PE1-mpls-ldp-remote-2.2.2.9] return
Configure PE2.
After the preceding configuration, LDP sessions can be established between PE1 and P, between P and PE2. Running the display mpls ldp session command, you can find in the output information that the status is Operational. Using the display mpls ldp lsp command, you can check the establishment of the LDP LSP. The following is the display on PE1:
[PE1] display mpls ldp session LDP Session(s) in Public Network
Issue 03 (2008-09-22)
6-73
-----------------------------------------------------------------------------Peer-ID Status LAM SsnRole SsnAge KA-Sent/Rcv -----------------------------------------------------------------------------2.2.2.9:0 Operational DU Passive 000:00:22 89/89 3.3.3.9:0 Operational DU Passive 000:00:24 98/98 -----------------------------------------------------------------------------TOTAL: 2 session(s) Found. LAM : Label Advertisement Mode SsnAge Unit : DDD:HH:MM

l
Configure PE1.
Configure the P.
 system-view [P] mpls [P-mpls] mpls te [P-mpls] mpls rsvp-te [P-mpls] mpls te cspf [P-mpls] quit [P] interface pos 1/0/0 [P-Pos1/0/0] mpls te [P-Pos1/0/0] mpls rsvp-te [P-Pos1/0/0] quit [P] interface pos 2/0/0 [P-Pos2/0/0] mpls te [P-Pos2/0/0] mpls rsvp-te [P-Pos2/0/0] quit [P] ospf [P-ospf-1] opaque-capability enable [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] mpls-te enable [P-ospf-1-area-0.0.0.0] return
Configure PE2.
6-74
Issue 03 (2008-09-22)
NOTE
When you configure an MPLS TE tunnel, you need to specify the maximum usable bandwidth for the physical link and the maximum reservable bandwidth; then you also need to specify the bandwidth of the tunnel. The maximum reservable bandwidth of the physical link should not exceed the maximum usable bandwidth. The bandwidth of a tunnel should not exceed the maximum reservable bandwidth for the physical link.
l
Configure PE1.
Configure the P.
 system-view [P] interface pos 1/0/0 [P-Pos1/0/0] mpls te max-link-bandwidth 200000 [P-Pos1/0/0] mpls te max-reservable-bandwidth 120000 [P-Pos1/0/0] quit [P] interface pos 2/0/0 [P-Pos2/0/0] mpls te max-link-bandwidth 200000 [P-Pos2/0/0] mpls te max-reservable-bandwidth 120000 [P-Pos2/0/0] return
Configure PE2.
Configure the MPLS TE tunnel on PE1.

<PE1> system-view [PE1] interface tunnel 1/0/0 [PE1-Tunnel1/0/0] ip address unnumbered interface loopback 1 [PE1-Tunnel1/0/0] tunnel-protocol mpls te [PE1-Tunnel1/0/0] destination 2.2.2.9 [PE1-Tunnel1/0/0] mpls te tunnel-id 100 [PE1-Tunnel1/0/0] mpls te signal-protocol rsvp-te [PE1-Tunnel1/0/0] mpls te commit [PE1-Tunnel1/0/0] return
NOTE
In this example, the MPLS TE tunnel is configured only in the direction from PE1 to PE2. If an MPLS TE tunnel is bi-directional, you also need to configure the MPLS TE tunnel on PE2.
After the preceding configuration, run the display interface tunnel command and you can find that the state of the interface is Up.
[PE1] display interface tunnel Tunnel6/0/0 current state : UP Line protocol current state : UP Last up time: 2007-10-31, 15:19:53 Description:HUAWEI, Quidway Series, Tunnel1/0/0 Interface Route Port,The Maximum Transmit Unit is 1500 Internet Address is unnumbered, using address of LoopBack1(1.1.1.9/32) Encapsulation is TUNNEL, loopback not set Tunnel destination 2.2.2.9 Tunnel up/down statistics 1 Tunnel protocol/transport MPLS/MPLS, ILM is available, primary tunnel id is 0x40c18000, secondary tunnel id is 0x0 300 minutes output rate 0 bytes/sec, 0 packets/sec
Issue 03 (2008-09-22)
6-75

0 packets output, 0 output error 0 bytes
<PE1> display mpls te tunnel-interface Tunnel Name : Tunnel1/0/0 Tunnel Desc : HUAWEI, Quidway Series, Tunnel State Desc : CR-LSP is Up Tunnel Attributes : LSP ID : 1.1.1.9:1 Session ID : 100 Admin State : UP Ingress LSR ID : 1.1.1.9 Signaling Protocol : RSVP Class Type : CLASS 0 Reserved BW : 1200 kbps Setup Priority : 7 Hop Limit : Secondary Hop Limit : BestEffort Hop Limit: Affinity Prop/Mask : 0x0/0x0 Explicit Path Name : Secondary Affinity Prop/Mask: 0x0/0x0 Secondary Explicit Path Name: BestEffort Affinity Prop/Mask: 0x0/0x0 Tie-Breaking Policy : None Metric Type : None Record Route : Disabled FRR Flag : Disabled BackUpBW Type : Route Pinning : Disabled Retry Limit : 5 Reopt : Disabled Back Up Type : None Back Up LSPID : Auto BW : Disabled Min BW : Current Collected BW: Interfaces Protected: ACL Bind Value : VRF Bind Value : L2VPN Bind Value : Car Policy : Disabled Tunnel Group : Primary Primary Tunnel Sum : Primary Tunnel : Backup Tunnel : IPTN InLabel : Group Status : Up Oam Status : Up Bfd Capability : None BestEffort : Disabled IsBestEffortPath: Non-existent Tunnel1/0/0 Interface
UP 2.2.2.9 SE 0 kbps 7
Record Label : BackUpBW Flag: BackUpBW :
Disabled Not Supported -
Retry Interval: 10 sec Reopt Freq : Auto BW Freq : Max BW : -
Running the display mpls te cspf tedb all command on PE1, you can view the link information about TEDB.
[PE1] display mpls te cspf tedb all Maximum Node Supported: 2048 Maximum Link Supported: 8192 Current Total Node Number: 3 Current Total Link Number: 4 ID Router-ID IGP Process-ID Area Link-Count 1 3.3.3.9 OSPF 1 0 2 2 1.1.1.9 OSPF 1 0 1 3 2.2.2.9 OSPF 1 0 1
3.
Configure Martini VLL. # Configure CEs. CE1 connects PE1 and CE2 connects PE2, both over an ATM link. CE3 connects PE1 and CE4 connects PE2. The connection is in VLAN mode.
6-76
Issue 03 (2008-09-22)

l
Configure CE1.
<CE1> system-view [CE1] interface Virtual-Ethernet 1/0/0 [CE1-Virtual-Ethernet1/0/0] ip address 10.1.1.1 24 [CE1-Virtual-Ethernet1/0/0] quit [CE1] interface atm 1/0/0 [CE1-Atm1/0/0] undo shutdown [CE1] interface atm 1/0/0.1 [CE1-Atm1/0/0.1] ip address 10.1.1.1 24 [CE1-Atm1/0/0.1] pvc 1/100 [CE1-atm-pvc-Atm1/0/0.1-1/100] map bridge Virtual-Ethernet 1/0/0 [CE1-atm-pvc-Atm1/0/0.1-1/100] quit [CE1-Atm1/0/0.1] pvc 1/101 [CE1-atm-pvc-Atm1/0/0.1-1/101] map bridge Virtual-Ethernet 1/0/0 [CE1-atm-pvc-Atm1/0/0.1-1/101] quit [CE1-Atm1/0/0.1] pvc 1/102 [CE1-atm-pvc-Atm1/0/0.1-1/102] map bridge Virtual-Ethernet 1/0/0 [CE1-atm-pvc-Atm1/0/0.1-1/102] return
Configure CE2.
<CE2> system-view [CE2] interface Virtual-Ethernet 1/0/0 [CE2-Virtual-Ethernet1/0/0] ip address 10.1.1.2 24 [CE2-Virtual-Ethernet1/0/0] quit [CE2] interface atm 1/0/0 [CE2-Atm1/0/0] undo shutdown [CE2] interface atm 1/0/0.1 [CE2-Atm1/0/0.1] pvc 1/100 [CE2-atm-pvc-Atm1/0/0.1-1/100] map bridge Virtual-Ethernet 1/0/0 [CE2-atm-pvc-Atm1/0/0.1-1/100] quit [CE2-Atm1/0/0.1] pvc 1/101 [CE2-atm-pvc-Atm1/0/0.1-1/101] map bridge Virtual-Ethernet 1/0/0 [CE2-atm-pvc-Atm1/0/0.1-1/101] quit [CE2-Atm1/0/0.1] pvc 1/102 [CE2-atm-pvc-Atm1/0/0.1-1/102] map bridge Virtual-Ethernet 1/0/0 [CE2-atm-pvc-Atm1/0/0.1-1/102] return
Configure CE3.
<CE3> system-view [CE3] interface gigabitethernet 1/0/0.1 [CE3-GigabitEthernet1/0/0.1] vlan-type dot1q 10 [CE3-GigabitEthernet1/0/0.1] ip address 10.3.1.1 24 [CE3-GigabitEthernet1/0/0.1] return
Configure CE4.
# Enable MPLS L2VPN on PEs and then create VC connections.

l
Configure PE1. Configure transparent transmission of ATM cells in N-to-1 VCC mode on the interface that connects CE1. Create a VC on the interface that connects CE3.
<PE1> system-view [PE1] mpls l2vpn [PE1-l2vpn] quit [PE1] interface atm2/0/0.1 [PE1-Atm2/0/0.1] atm cell transfer [PE1-Atm2/0/0.1] pvc 1/100 [PE1-atm-pvc-Atm2/0/0.1-1/100] quit [PE1-Atm2/0/0.1] pvc 1/101 [PE1-atm-pvc-Atm2/0/0.1-1/101] quit [PE1-Atm2/0/0.1] pvc 1/102 [PE1-atm-pvc-Atm2/0/0.1-1/102] quit [PE1-Atm2/0/0.1] mpls l2vc 3.3.3.9 102 [PE1-Atm2/0/0.1] undo shutdown [PE1-Atm2/0/0.1] quit
Issue 03 (2008-09-22)
6-77

[PE1] interface gigabitethernet 3/0/0.1 [PE1-GigabitEthernet3/0/0.1] vlan-type dot1q 10 [PE1-GigabitEthernet3/0/0.1] mpls l2vc 2.2.2.9 101 [PE1-GigabitEthernet3/0/0.1] quit
Configure PE2. Configure transparent transmission of ATM cells in N-to-1 VCC mode on the interface that connects CE2. Create a VC on the interface that connects CE4.
<PE2> system-view [PE2] mpls l2vpn [PE2-l2vpn] quit [PE2] interface gigabitethernet 3/0/0.1 [PE2-GigabitEthernet3/0/0.1] vlan-type dot1q 20 [PE2-GigabitEthernet3/0/0.1] mpls l2vc 1.1.1.9 101 [PE2-GigabitEthernet3/0/0.1] quit [PE2] interface atm2/0/0.1 [PE2-Atm2/0/0.1] atm cell transfer [PE2-Atm2/0/0.1] pvc 1/100 [PE2-atm-pvc-Atm2/0/0.1-1/100] quit [PE2-Atm2/0/0.1] pvc 1/101 [PE2-atm-pvc-Atm2/0/0.1-1/101] quit [PE2-Atm2/0/0.1] pvc 1/102 [PE2-atm-pvc-Atm2/0/0.1-1/102] quit [PE2-Atm2/0/0.1] mpls l2vc 1.1.1.9 102 [PE2-Atm2/0/0.1] undo shutdown [PE2-Atm2/0/0.1] return
# Configure service types of ATM PVC on PE1.

<PE1> system-view [PE1] atm service voice cbr 12000 20 [PE1] atm service video nrt-vbr 9000 8000 20 50 [PE1] atm service data rt-vbr 6000 5000 20 50 [PE1] interface atm 2/0/0.1 [PE1-Atm2/0/0.1] pvc 1/100 [PE1-atm-pvc-Atm2/0/0.1-1/100] shutdown [PE1-atm-pvc-Atm2/0/0.1-1/100] service output voice [PE1-atm-pvc-Atm2/0/0.1-1/100] undo shutdown [PE1-atm-pvc-Atm2/0/0.1-1/100] quit [PE1-Atm2/0/0.1] pvc 1/101 [PE1-atm-pvc-Atm2/0/0.1-1/101] shutdown [PE1-atm-pvc-Atm2/0/0.1-1/101] service output video [PE1-atm-pvc-Atm2/0/0.1-1/101] undo shutdown [PE1-atm-pvc-Atm2/0/0.1-1/101] quit [PE1-Atm2/0/0.1] pvc 1/102 [PE1-atm-pvc-Atm2/0/0.1-1/102] shutdown [PE1-atm-pvc-Atm2/0/0.1-1/102] service output data [PE1-atm-pvc-Atm2/0/0.1-1/102] undo shutdown [PE1-atm-pvc-Atm2/0/0.1-1/102] return
After the preceding configuration, running the display mpls l2vc command, you can view information about the L2VPN connections: Two L2 VCs are established; their states are Up. The following is the display on PE1:
[PE1] display mpls l2vc Total ldp vc : 2 2 up 0 down *Client Interface : GigabitEthernet3/0/0.1 Session State : up AC Status : up VC State : up VC ID : 101 VC Type : vlan Destination : 2.2.2.9 Local VC Label : 1025 Remote VC Label : 1024 Control Word : Disable forwarding entry : existent local group ID : 0 manual fault : not set active state : active link state : up Local VC MTU : 1500
6-78
Issue 03 (2008-09-22)

Remote VC MTU : 1500 Tunnel Policy Name : policy1 Traffic Behavior Name: -PW Template Name : -primary or secondary : primary Create time : 0 days, 0 hours, UP time : 0 days, 0 hours, Last change time : 0 days, 0 hours, *Client Interface : Atm2/0/0.1 Session State : up AC Status : up VC State : up VC ID : 102 VC Type : atm nto1 vcc Destination : 2.2.2.9 Local VC Label : 17408 Remote VC Label : 17408 Control Word : Disable forwarding entry : existent local group ID : 0 manual fault : not set active state : active link state : up Local ATM Cells : 1 Remote ATM Cells : 1 Tunnel Policy Name : policy1 Traffic Behavior Name: -PW Template Name : -primary or secondary : primary Create time : 0 days, 0 hours, UP time : 0 days, 0 hours, Last change time : 0 days, 0 hours,
3 minutes, 14 seconds 1 minutes, 48 seconds 1 minutes, 48 seconds
3 minutes, 14 seconds 1 minutes, 48 seconds 1 minutes, 48 seconds
CE1 and CE2 can ping through each other; CE3 and CE4 can ping through each other. 4. Configure a tunnel policy: specifying that VPNs communicate through the MPLS TE tunnel; then apply the tunnel policy to the VLLs.
<PE1> system-view [PE1] tunnel-policy policy1 [PE1-tunnel-policy-policy1] tunnel binding destination 2.2.2.9 te tunnel 1/0/0 [PE1-tunnel-policy-policy1] quit [PE1] interface atm2/0/0.1 [PE1-Atm2/0/0.1] undo mpls l2vc [PE1-Atm2/0/0.1] mpls l2vc 2.2.2.9 102 tunnel-policy policy1 [PE1-Atm2/0/0.1] quit [PE1] interface gigabitethernet 3/0/0.1 [PE1-GigabitEthernet3/0/0.1] undo mpls l2vc [PE1-GigabitEthernet3/0/0.1] mpls l2vc 2.2.2.9 101 tunnel-policy policy1 [PE1-GigabitEthernet3/0/0.1] return
NOTE
In this example, the TE tunnel is configured only in the direction from PE1 to PE2. If an MPLS TE tunnel is bi-directional, you also need to configure the tunnel policy on PE2 and apply it to the VLLs.
5.
On the inbound interface of PE1, configure the ATM simple traffic classification and the forcible traffic classification for VPN A and configure the simple traffic classification for VPN B. Map the service types of voice, video, and data services to EF, AF4, and AF3 respectively. Map the DSCP value of 34 carried in the packets from VPN B to the EXP priority of 3 in the MPLS domain.
<PE1> system-view [PE1] interface atm 2/0/0.1 [PE1-Atm2/0/0.1] trust upstream default [PE1-Atm2/0/0.1] pvc 1/100 [PE1-atm-pvc-Atm2/0/0.1-1/100] traffic queue ef green [PE1-atm-pvc-Atm2/0/0.1-1/100] quit [PE1-GigabitEthernet2/0/0.1] pvc 1/101
Issue 03 (2008-09-22)
6-79
[PE1-atm-pvc-Atm2/0/0.1-1/101] traffic queue af4 green [PE1-atm-pvc-Atm2/0/0.1-1/101] quit [PE1-GigabitEthernet2/0/0.1] pvc 1/102 [PE1-atm-pvc-Atm2/0/0.1-1/102] traffic queue af3 green [PE1-atm-pvc-Atm2/0/0.1-1/102] return
6.
<PE1> system-view [PE1] flow-queue vpna [PE1-flow-queue-template-vpna] queue ef pq flow-wred test shaping 12000 [PE1-flow-queue-template-vpna] queue af4 wfq weight 15 flow-wred test shaping 8000 [PE1-flow-queue-template-vpna] queue af3 wfq weight 10 flow-wred test shaping 5000 [PE1-flow-queue-template-vpna] quit [PE1] flow-queue vpnb [PE1-flow-queue-template-vpnb] queue af3 pq flow-wred test shaping 10000 [PE1-flow-queue-template-vpnb] quit [PE1] flow-queue te [PE1-flow-queue-template-te] queue ef pq flow-wred test shaping 25000 [PE1-flow-queue-template-te] queue af4 wfq weight 15 flow-wred test shaping 15000 [PE1-flow-queue-template-te] queue af3 wfq weight 10 flow-wred test shaping 10000 [PE1-flow-queue-template-te] return
7.
Configure DiffServ models supported by the VLL.

NOTE
l l
If the configuration of VPN A supporting the Uniform model is done for the first time, you can use the default Uniform model rather than configure the model with the command. If VPN A has been configured to support the Pipe or Short Pipe model and now you want to configure them to support the Uniform model, you need to perform the following configuration.
<PE1> system-view [PE1] interface atm 2/0/0.1 [PE1-Atm2/0/0.1] diffserv-mode uniform [PE1-Atm2/0/0.1] quit [PE1] interface gigabitethernet 3/0/0.1 [PE1-GigabitEthernet3/0/0.1] diffserv-mode uniform [PE1-GigabitEthernet3/0/0.1] return
NOTE
You do not need to configure the simple traffic classification for traffic from VPN B on the ingress PE because VPN B has been configured to support the Pipe model in the MPLS TE tunnel.
8.

<PE1> system-view [PE1] interface pos 1/0/0 [PE1-Pos1/0/0] port-queue ef pq shaping 25 outbound [PE1-Pos1/0/0] port-queue af4 wfq weight 15 shaping 15 outbound [PE1-Pos1/0/0] port-queue af3 wfq weight 10 shaping 10 outbound
6-80
Issue 03 (2008-09-22)

[PE1-Pos1/0/0] return
9.
Configure a bandwidth for the MPLS TE tunnel and bind statically the VLLs to the MPLS TE tunnel.
<PE1> system-view [PE1] interface tunnel 1/0/0 [PE1-Tunnel1/0/0] mpls te bandwidth 100000 flow-queue te [PE1-Tunnel1/0/0] mpls te reserved-for-binding [PE1-Tunnel1/0/0] mpls te vpn-binding l2vpn interface atm 2/0/0.1 cir 50000 pir 100000 flow-queue vpna [PE1-Tunnel1/0/0] mpls te vpn-binding l2vpn interface gigabitethernet 3/0/0.1 cir 30000 pir 100000 flow-queue vpnb [PE1-Tunnel1/0/0] mpls te commit
10. Verify the configuration. Running the display traffic statistics interface tunnel interface-numbertunnel-name vll interface-type interface-number command, you can view the traffic information about the VLL in the MPLS TE tunnel. For example:
[PE1] display traffic statistics interface tunnel 1/0/0 vll atm 2/0/0.1 The RRVPN Traffic Statistics: Transit packets :239453968 Transit bytes :24918416800 Discard packets :0 Discard bytes :0 Transit packets rate:33000 packets/sec Transit bytes rate :4070000 bytes/sec
Configuration Files
l

# sysname PE1 # flow-wred test color green low-limit 30 high-limit 50 discard-percentage 100 color yellow low-limit 20 high-limit 40 discard-percentage 100 color red low-limit 10 high-limit 30 discard-percentage 100 # flow-queue vpna queue ef pq shaping 12000 flow-wred test queue af4 wfq weight 15 shaping 8000 flow-wred test queue af3 wfq weight 10 shaping 5000 flow-wred test # flow-queue vpnb queue ef pq shaping 10000 flow-wred test # flow-queue te queue ef pq shaping 25000 flow-wred test queue af4 wfq weight 15 shaping 15000 flow-wred test queue af3 wfq weight 10 shaping 10000 flow-wred test # atm service voice cbr 12000 20 atm service video nrt-vbr 9000 8000 20 50 atm service data rt-vbr 6000 5000 20 50 # mpls lsr-id 1.1.1.9 mpls mpls te mpls rsvp-te mpls te cspf mpls l2vpn # mpls ldp # mpls ldp remote-peer 2.2.2.9 remote-ip 2.2.2.9 #
Issue 03 (2008-09-22)
6-81
interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.1 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te port-queue ef pq shaping 25 outbound port-queue af4 wfq weight 15 shaping 15 outbound port-queue af3 wfq weight 10 shaping 10 outbound # interface Atm2/0/0 undo shutdown # interface Atm2/0/0.1 atm cell transfer trust upstream default pvc 1/100 service output voice traffic queue ef green pvc 1/101 service output video traffic queue af4 green pvc 1/102 service output data traffic queue af3 green mpls l2vc 2.2.2.9 102 tunnel-policy policy1 # interface GigabitEthernet3/0/0 undo shutdown # interface GigabitEthernet3/0/0.1 vlan-type dot1q 10 mpls l2vc 2.2.2.9 101 tunnel-policy policy1 # interface LoopBack1 ip address 1.1.1.9 255.255.255.252 # interface Tunnel1/0/0 ip address unnumbered interface LoopBack1 tunnel-protocol mpls te destination 2.2.2.9 mpls te tunnel-id 100 mpls te bandwidth bc0 100000 flow-queue te mpls te reserved-for-binding mpls te vpn-binding vpn-instance vpna cir 50000 pir 100000 flow-queue vpna mpls te vpn-binding vpn-instance vpnb cir 30000 pir 100000 flow-queue vpnb mpls te commit # ipv4-family vpnv4 peer 2.2.2.9 enable # ospf 1 opaque-capability enable area 0.0.0.0 network 100.1.1.0 0.0.0.255 network 1.1.1.9 0.0.0.0 mpls-te enable # tunnel-policy policy1 tunnel binding destination 2.2.2.9 te Tunnel 1/0/0 # return l

# sysname P #
6-82
Issue 03 (2008-09-22)

mpls mpls te mpls rsvp-te mpls te cspf # diffserv domain default # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.2 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 200.1.1.1 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te # interface LoopBack1 ip address 2.2.2.9 255.255.255.252 # ospf 1 opaque-capability enable area 0.0.0.0 network 100.1.1.0 0.0.0.255 network 200.1.1.0 0.0.0.255 network 3.3.3.9 0.0.0.0 mpls-te enable # return l

# sysname PE2 # mpls lsr-id 2.2.2.9 mpls mpls te mpls rsvp-te mpls te cspf mpls l2vpn # mpls ldp # mpls ldp remote-peer 1.1.1.9 remote-ip 1.1.1.9 # interface Pos1/0/0 undo shutdown ip address 200.1.1.2 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te # interface Atm2/0/0 undo shutdown # interface Atm2/0/0.1 atm cell transfer
Issue 03 (2008-09-22)
6-83

mpls l2vc 1.1.1.9 102 pvc 1/100 pvc 1/101 pvc 1/102 # interface GigabitEthernet3/0/0 undo shutdown # interface GigabitEthernet3/0/0.1 vlan-type dot1q 20 mpls l2vc 1.1.1.9 101 # interface LoopBack1 ip address 2.2.2.9 255.255.255.252 # ospf 1 opaque-capability enable area 0.0.0.0 network 200.1.1.0 0.0.0.255 network 2.2.2.9 0.0.0.0 mpls-te enable # return l

# sysname CE1 # interface Virtual-Ethernet 1/0/0 ip address 10.1.1.1 255.255.255.0 # interface Atm1/0/0 undo shutdown # interface Atm1/0/0.1 ip address 10.1.1.1 255.255.255.0 pvc 1/100 map bridge Virtual-Ethernet 1/0/0 pvc 1/101 map bridge Virtual-Ethernet 1/0/0 pvc 1/102 map bridge Virtual-Ethernet 1/0/0 # return

# sysname CE2 # interface Virtual-Ethernet 1/0/0 ip address 10.1.1.2 255.255.255.0 # interface Atm1/0/0 undo shutdown # interface Atm1/0/0.1 ip address 10.1.1.2 255.255.255.0 pvc 1/100 map bridge Virtual-Ethernet 1/0/0 pvc 1/101 map bridge Virtual-Ethernet 1/0/0 pvc 1/102 map bridge Virtual-Ethernet 1/0/0 # return

# sysname CE3 #
6-84
Issue 03 (2008-09-22)

interface Ethernet1/0/0 undo shutdown # interface Ethernet1/0/0.1 ip address 10.3.1.1 255.255.255.0 vlan-type dot1q 10 # return l

# sysname CE4 # interface Ethernet1/0/0 undo shutdown # interface Ethernet1/0/0.1 ip address 10.3.1.2 255.255.255.0 vlan-type dot1q 20 # return
6.5.5 Example for Configuring a Hierarchical Resource Reserved L2VPN (VPLS)

As shown in Figure 6-12, CE1 and CE2 are in VPN A, and CE3 and CE4 are in VPN B. VPN A and VPN B share the same MPLS TE tunnel that connects the public edge devices PE1 and PE2. You are required to reserve bandwidths for packets from VPN A and VPN B that go through the MPLS TE tunnel, and for packets of different services within a VPN. In addition, the bandwidth resources are reserved. You are required to separate bandwidth resources between VPN A and VPN B and provide guaranteed bandwidth resources for different types of packets within a VPN. OSPF is used as the IGP on the MPLS backbone network. CE1 and CE2 belong to the same VPLS; CE3 and CE4 belong to the same VPLS. The specific requirements are as follows:
l
Use the RSVP-TE to establish an MPLS TE tunnel that connects PE1 and PE2. The tunnel forwards VPLS service packets. The bandwidth of the tunnel is 100 Mbit/s. The maximum bandwidth of the link along the tunnel is 200 Mbit/s and the maximum reservable bandwidth is 120 Mbit/s. CE1 and CE3 connect PE1; CE2 and CE4 connect PE2. The connections are in VLAN mode. Packets from VPN A carry VLAN tags. The simple traffic classification mappings from 802.1p priorities to EXP priorities are configured on the inbound interface of PE1. Packets from VPN B are IP packets. Configure the simple traffic classification on the inbound interface of PE1: The DSCP priorities of IP packets are mapped to EXP priorities. The packets from VPN A and VPN B are forwarded in the Uniform model, which is the default DiffServ model of the system, in the MPLS TE tunnel. On the outbound interface of the MPLS domain, the packets are scheduled according to DSCP priorities that are mapped from the EXP priorities. VPN A is guaranteed with a bandwidth of 50 Mbit/s in the MPLS TE tunnel. The VoIP packets of VPN A are forwarded in the traffic type of EF and are guaranteed with a
Issue 03 (2008-09-22)
bandwidth of 12 Mbit/s. The video packets of VPN A are forwarded in the traffic type of AF4 and guaranteed with a bandwidth of 8 Mbit/s. The important data packets of VPN A are forwarded in the traffic type of AF3 and are guaranteed with a bandwidth of 5 Mbit/s.
l
VPN B is guaranteed with a bandwidth of 30 Mbit/s in the MPLS TE tunnel. The voice packets in VPN B are forwarded in the traffic type of EF and are guaranteed with a bandwidth of 10 Mbit/s. Other service packets share the remaining bandwidth for packets of VPN B according to the default settings of the system.
NOTE
Packets from VPN A are VLAN packets. After you configure the trunk interface on CE1, packets carrying VLAN tags head for the inbound sub-interface of PE1. One sub-interface on PE1 admits all traffic within a VLAN. If actual traffic of VPN users is from multiple VLANs, the traffic can access PE1 through multiple sub-interfaces. The simple traffic classification mappings and complex traffic classification re-marking actions configured manually are incompatible with the Pipe or Short Pipe model. That is, if you have configured simple traffic classification mappings or complex traffic classification re-marking actions, the traffic in an MPLS TE tunnel from VPNs is only in the default Uniform model.
Figure 6-12 Networking diagram for configuring a hierarchical resource reserved L2VPN (VPLS)
The configuration roadmap is as follows: 1. 2. 3. 4. 5. Configure the IP addresses and routes for the interfaces to ensure that they interwork at the network layer. Configure an MPLS TE tunnel between the PEs. Create a tunnel interface on the PE1 side only (because the MPLS TE is unidirectional). Configure Martini VPLS. Configure simple traffic classification mappings for packets going from VPN A and VPN B to PE1 so that the service priorities of packets are re-set on MPLS networks. Configure that the traffic in the MPLS TE tunnel from VPN A and VPN B is applied with the Uniform model.
6-86

NOTE
l l
If the configuration of VPLS supporting the Uniform model is done for the first time, you can use the default Uniform model rather than configure the model with the command. If VPLSs have been configured to support the Pipe or Short Pipe model and now you want to configure them to support the Uniform model, you need to perform the following configuration.
6.
Configure resource separation and guaranteed bandwidths for the traffic from VPN A and VPN B.
NOTE
Data Preparation
l
VSI name and VSI ID; VLAN ID of AC sub-interface; VLAN ID for packets from VPN A. Service priorities of packets from VPN A and VPN B used for the simple traffic classification Guaranteed bandwidths and scheduling parameters for flow queues that accept non-VPN packets from VPN A, VPN B, and the MPLS TE tunnel Bandwidth limits for VPN A, VPN B, and MPLS TE
1. Configure the IP addresses of the interfaces on the MPLS backbone network and the IGP (OSPF) to ensure that PE1, P, and PE2 interwork. For detailed description of the configuration, see "6.5.3 Example for Configuring a Hierarchical Resource Reserved L3VPN." 2. Configure MPLS TE. For detailed description of the configuration, see "6.5.4 Example for Configuring a Hierarchical Resource Reserved L2VPN (VLL)." 3. Configure Martini VPLS. # Enable MPLS L2VPN on PEs and configure VSIs.
l
Configure PE1.
<PE1> system-view [PE1] mpls l2vpn [PE1-l2vpn] quit [PE1] vsi vpna static [PE1-vsi-vpna] pwsignal ldp [PE1-vsi-vpna-ldp] vsi-id 1 [PE1-vsi-vpna-ldp] peer 2.2.2.9 [PE1-vsi-vpna-ldp] quit [PE1-vsi-vpna] quit [PE1] vsi vpnb static [PE1-vsi-vpnb] pwsignal ldp [PE1-vsi-vpnb-ldp] vsi-id 2 [PE1-vsi-vpnb-ldp] peer 2.2.2.9
Issue 03 (2008-09-22)
6-87

[PE1-vsi-vpna-ldp] return l
Configure PE2.
<PE2> system-view [PE2] mpls l2vpn [PE2-l2vpn] quit [PE2] vsi vpna static [PE2-vsi-vpna] pwsignal ldp [PE2-vsi-vpna-ldp] vsi-id 1 [PE2-vsi-vpna-ldp] peer 1.1.1.9 [PE2-vsi-vpna-ldp] quit [PE2-vsi-vpna] quit [PE2] vsi vpnb static [PE2-vsi-vpnb] pwsignal ldp [PE2-vsi-vpnb-ldp] vsi-id 2 [PE2-vsi-vpnb-ldp] peer 1.1.1.9 [PE2-vsi-vpna-ldp] return
# Bind VSIs to interfaces on PE.

l
Configure PE1.
<PE1> system-view [PE1] interface gigabitethernet2/0/0.1 [PE1-GigabitEthernet2/0/0.1] vlan-type dot1q 10 [PE1-GigabitEthernet2/0/0.1] l2 binding vsi vpna [PE1-GigabitEthernet2/0/0.1] quit [PE1] interface gigabitethernet3/0/0.1 [PE1-GigabitEthernet3/0/0.1] vlan-type dot1q 20 [PE1-GigabitEthernet3/0/0.1] l2 binding vsi vpnb [PE1-GigabitEthernet3/0/0.1] return
Configure PE2.
<PE2> system-view [PE2] interface gigabitethernet2/0/0.1 [PE2-GigabitEthernet2/0/0.1] vlan-type dot1q 10 [PE2-GigabitEthernet2/0/0.1] l2 binding vsi vpna [PE2-GigabitEthernet2/0/0.1] quit [PE2] interface gigabitethernet3/0/0.1 [PE2-GigabitEthernet3/0/0.1] vlan-type dot1q 20 [PE2-GigabitEthernet3/0/0.1] l2 binding vsi vpnb [PE2-GigabitEthernet3/0/0.1] return
Configure CE1.
<CE1> system-view [CE1] interface gigabitethernet1/0/0 [CE1-GigabitEthernet1/0/0] undo shutdown [CE1-GigabitEthernet1/0/0] portswitch [CE1-GigabitEthernet1/0/0] port link-type trunk [CE1-GigabitEthernet1/0/0] port trunk allow-pass vlan 10 [CE1-GigabitEthernet1/0/0] return
Configure CE2.
<CE2> system-view [CE2] interface gigabitethernet1/0/0 [CE2-GigabitEthernet1/0/0] undo shutdown [CE2-GigabitEthernet1/0/0] portswitch [CE2-GigabitEthernet1/0/0] port link-type trunk [CE2-GigabitEthernet1/0/0] port trunk allow-pass vlan 10 [CE2-GigabitEthernet1/0/0] return
Configure CE3.
<CE3> system-view [CE3] interface gigabitethernet1/0/0.1 [CE3-GigabitEthernet1/0/0.1] vlan-type dot1q 20 [CE3-GigabitEthernet1/0/0.1] ip address 10.3.1.1 255.255.255.0 [CE3-GigabitEthernet1/0/0.1] return
Configure CE4.
<CE4> system-view
6-88
Issue 03 (2008-09-22)
[CE4] interface gigabitethernet1/0/0.1 [CE4-GigabitEthernet1/0/0.1] vlan-type dot1q 20 [CE4-GigabitEthernet1/0/0.1] ip address 10.3.1.2 255.255.255.0 [CE4-GigabitEthernet1/0/0.1] return
After the preceding configuration, run the display vsi name vsi-name verbose command on PE1 and you can find that a PW has been established from the VSI named "vpna" to PE2 and that the VSI state is Up.
[PE1] display vsi name vpna verbose ***VSI Name : vpna Administrator VSI : no Isolate Spoken : disable VSI Index : 0 PW Signaling : ldp Member Discovery Style : static PW MAC Learn Style : unqualify Encapsulation Type : vlan MTU : 1500 Mode : uniform Service Class : -Color : -DomainId : 0 Domain Name : VSI State : up VSI ID : 1 *Peer Router ID : 2.2.2.9 VC Label : 142336 Peer Type : dynamic Session : up Tunnel ID : 0xc08002, Interface Name : GigabitEthernet2/0/0.1 State : up **PW Information: *Peer Ip Address : 2.2.2.9 PW State : up Local VC Label : 142336 Remote VC Label : 142336 PW Type : label Tunnel ID : 0xc08002
CE1 and CE2 can ping through each other; CE3 and CE4 can ping through each other. 4. Configure a tunnel policy: specifying that VPNs communicate through the MPLS TE tunnel; then apply the tunnel policy to the VSI instances.
<PE1> system-view [PE1] tunnel-policy policy1 [PE1-tunnel-policy-policy1] tunnel binding destination 2.2.2.9 te tunnel 1/0/0 [PE1-tunnel-policy-policy1] quit [PE1] vsi vpna [PE1-vsi-vpna] tnl-policy policy1 [PE1-vsi-vpna] quit [PE1] vsi vpnb [PE1-vsi-vpnb] tnl-policy policy1 [PE1-vsi-vpnb] return
NOTE
In this example, the TE tunnel is configured only in the direction from PE1 to PE2. If an MPLS TE tunnel is bi-directional, you also need to configure the tunnel policy on PE2 and apply it to the VSI instances.
Running the display mpls forwarding-table command on PE1, you can find an LSP destined for 2.2.2.9/32 in the MPLS forwarding table.
[PE1] display mpls forwarding-table Fec Outlabel Out-IF 3.3.3.9/32 3 POS1/0/0 2.2.2.9/32 1025 POS1/0/0 Nexthop 100.1.1.2 100.1.1.2 LspIndex 30735 30743
Issue 03 (2008-09-22)
6-89
Run the display tunnel-info all command on PE1 and you can find that an MPLS TE tunnel destined for 2.2.2.9 has been established on PE1.
[PE1] display tunnel-info all * -> Allocated VC Token Tunnel ID Type Destination Token ---------------------------------------------------------------------0x1808027 lsp 3.3.3.9 39 0x180802a lsp -42 0x180802b lsp -43 0x180802c lsp -44 0x180802d lsp -45 0x61818003 cr lsp 2.2.2.9 32771 0x41818005 lsp -32773 0x41818006 lsp -32774
5.
Configure the simple traffic classification on the inbound interface of PE1. Map the 802.1p priorities of 3 and 2 of VLAN packets respectively to the EXP priorities of 4 and 3 in the MPLS domain. Map the DSCP value of 34 carried in the packets from VPN B to the EXP priority of 3 in the MPLS domain.
<PE1> system-view [PE1] diffserv domain vpna [PE1-dsdomain-vpna] 8021p-inbound 3 phb af4 green [PE1-dsdomain-vpna] 8021p-inbound 2 phb af3 green [PE1-dsdomain-vpna] quit [PE1] interface gigabitethernet 2/0/0.1 [PE1-GigabitEthernet2/0/0.1] trust upstream vpna [PE1-GigabitEthernet2/0/0.1] trust 8021p [PE1-GigabitEthernet2/0/0.1] quit [PE1] diffserv domain vpnb [PE1-dsdomain-vpnb] ip-dscp-inbound 34 phb af3 green [PE1-dsdomain-vpnb] quit [PE1] interface gigabitethernet 3/0/0.1 [PE1-GigabitEthernet3/0/0.1] trust upstream vpnb [PE1-GigabitEthernet3/0/0.1] return
6.
<PE1> system-view [PE1] flow-queue vpna [PE1-flow-queue-template-vpna] queue ef pq flow-wred test shaping 12000 [PE1-flow-queue-template-vpna] queue af4 wfq weight 15 flow-wred test shaping 8000 [PE1-flow-queue-template-vpna] queue af3 wfq weight 10 flow-wred test shaping 5000 [PE1-flow-queue-template-vpna] quit [PE1] flow-queue vpnb [PE1-flow-queue-template-vpnb] queue af3 pq flow-wred test shaping 10000 [PE1-flow-queue-template-vpnb] quit [PE1] flow-queue te [PE1-flow-queue-template-te] queue ef pq flow-wred test shaping 25000 [PE1-flow-queue-template-te] queue af4 wfq weight 15 flow-wred test shaping 15000
6-90
Issue 03 (2008-09-22)
[PE1-flow-queue-template-te] queue af3 wfq weight 10 flow-wred test shaping 10000 [PE1-flow-queue-template-te] return
7.
(Optional) Configure Uniform models supported by the VPLS.

NOTE
l l
If the configuration of VPLS supporting the Uniform model is done for the first time, you can use the default Uniform model rather than configure the model with the command. If VPLSs have been configured to support the Pipe or Short Pipe model and now you want to configure them to support the Uniform model, you need to perform the following configuration.
<PE1> system-view [PE1] vsi vpna [PE1-vsi-vpna] diffserv-mode uniform [PE1-vsi-vpna] quit [PE1] vsi vpnb [PE1-vsi-vpnb] diffserv-mode uniform [PE1-vsi-vpnb] return
8.

9.
Configure a bandwidth for the MPLS TE tunnel and statically bind the VSI instances to the MPLS TE tunnel.
<PE1> system-view [PE1] interface tunnel [PE1-Tunnel1/0/0] mpls [PE1-Tunnel1/0/0] mpls [PE1-Tunnel1/0/0] mpls queue vpna [PE1-Tunnel1/0/0] mpls queue vpnb [PE1-Tunnel1/0/0] mpls 1/0/0 te bandwidth 100000 flow-queue te te reserved-for-binding te vpn-binding l2vpn vsi vpna cir 50000 pir 100000 flowte vpn-binding l2vpn vsi vpnb cir 30000 pir 100000 flowte commit
10. Verify the configuration. Running the display traffic statistics interface tunnel interface-numbertunnel-name [ vsi vsi-name ] command, you can view the traffic information about the VPLS in the MPLS TE tunnel. For example:
[PE1] display traffic statistics interface tunnel 1/0/0 vsi vpna The RRVPN Traffic Statistics: Transit packets :239453968 Transit bytes :24918416800 Discard packets :0 Discard bytes :0 Transit packets rate :33000 packets/sec Transit bytes rate :4070000 bytes/sec
Configuration Files
l

# sysname PE1 # flow-wred test color green low-limit 30 high-limit 50 discard-percentage 100 color yellow low-limit 20 high-limit 40 discard-percentage 100 color red low-limit 10 high-limit 30 discard-percentage 100 # flow-queue vpna queue ef pq shaping 12000 flow-wred test
Issue 03 (2008-09-22)
6-91
queue af4 wfq weight 15 shaping 8000 flow-wred test queue af3 wfq weight 10 shaping 5000 flow-wred test # flow-queue vpnb queue ef pq shaping 10000 flow-wred test # flow-queue te queue ef pq shaping 25000 flow-wred test queue af4 wfq weight 15 shaping 15000 flow-wred test queue af3 wfq weight 10 shaping 10000 flow-wred test # mpls lsr-id 1.1.1.9 mpls mpls te mpls rsvp-te mpls te cspf mpls l2vpn # vsi vpna static pwsignal ldp vsi-id 1 peer 2.2.2.9 tnl-policy policy1 diffserv-mode uniform # vsi vpnb static pwsignal ldp vsi-id 2 peer 2.2.2.9 tnl-policy policy1 diffserv-mode uniform # mpls ldp # mpls ldp remote-peer 2.2.2.9 remote-ip 2.2.2.9 # diffserv domain vpna 8021p-inbound 3 phb af4 green 8021p-inbound 2 phb af3 green # diffserv domain vpnb ip-dscp-inbound 34 phb af3 green # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.1 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te port-queue ef pq shaping 25 outbound port-queue af4 wfq weight 15 shaping 15 outbound port-queue af3 wfq weight 10 shaping 10 outbound # interface GigabitEthernet2/0/0 undo shutdown # interface GigabitEthernet2/0/0.1 vlan-type dot1q 10 l2 binding vsi vpna trust upstream vpna trust 8021p # interface GigabitEthernet3/0/0 undo shutdown #
6-92
Issue 03 (2008-09-22)
interface GigabitEthernet3/0/0.1 vlan-type dot1q 20 l2 binding vsi vpnb trust upstream vpnb # interface LoopBack1 ip address 1.1.1.9 255.255.255.252 # interface Tunnel1/0/0 ip address unnumbered interface LoopBack1 tunnel-protocol mpls te destination 2.2.2.9 mpls te tunnel-id 100 mpls te bandwidth bc0 100000 flow-queue te mpls te reserved-for-binding mpls te vpn-binding l2vpn vsi vpna cir 50000 pir 100000 flow-queue vpna mpls te vpn-binding l2vpn vsi vpnb cir 30000 pir 100000 flow-queue vpnb mpls te commit # ospf 1 opaque-capability enable area 0.0.0.0 network 100.1.1.0 0.0.0.255 network 1.1.1.9 0.0.0.0 mpls-te enable # tunnel-policy policy1 tunnel binding destination 2.2.2.9 te Tunnel 1/0/0 # return l

# sysname P # mpls lsr-id 3.3.3.9 mpls mpls te mpls rsvp-te mpls te cspf # diffserv domain default # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.2 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 200.1.1.1 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te # interface LoopBack1 ip address 2.2.2.9 255.255.255.252 # ospf 1 opaque-capability enable area 0.0.0.0 network 100.1.1.0 0.0.0.255
Issue 03 (2008-09-22)
6-93

network 200.1.1.0 0.0.0.255 network 3.3.3.9 0.0.0.0 mpls-te enable # return l

# sysname PE2 # mpls lsr-id 2.2.2.9 mpls mpls te mpls rsvp-te mpls te cspf mpls l2vpn # vsi vpna static pwsignal ldp vsi-id 1 peer 1.1.1.9 # vsi vpnb static pwsignal ldp vsi-id 2 peer 1.1.1.9 # mpls ldp # mpls ldp remote-peer 1.1.1.9 remote-ip 1.1.1.9 # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 200.1.1.2 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te # interface GigabitEthernet2/0/0 undo shutdown # interface GigabitEthernet2/0/0.1 vlan-type dot1q 10 l2 binding vsi vpna # interface GigabitEthernet3/0/0 undo shutdown # interface GigabitEthernet3/0/0.1 vlan-type dot1q 20 l2 binding vsi vpnb # interface LoopBack1 ip address 2.2.2.9 255.255.255.252 # ospf 1 opaque-capability enable area 0.0.0.0 network 200.1.1.0 0.0.0.255 network 2.2.2.9 0.0.0.0 mpls-te enable # return

#
6-94
Issue 03 (2008-09-22)

sysname CE1 # interface GigabitEthernet1/0/0 undo shutdown portswitch port link-type trunk port trunk allow-pass vlan 10 # return l

# sysname CE2 # interface GigabitEthernet1/0/0 undo shutdown portswitch port link-type trunk port trunk allow-pass vlan 10 # return

# sysname CE3 # interface GigabitEthernet1/0/0 undo shutdown # interface GigabitEthernet1/0/0.1 ip address 10.3.1.1 255.255.255.0 vlan-type dot1q 20 # return

# sysname CE4 # interface GigabitEthernet1/0/0 undo shutdown # interface GigabitEthernet1/0/0.1 undo shutdown ip address 10.3.1.2 255.255.255.0 vlan-type dot1q 20 # return
6.5.6 Example for Configuring Hierarchical Resource Reserved VPNs (with Both L3VPNs and L2VPNs Deployed)
As shown in Figure 6-13, CE1 and CE2 belong to VPN A; CE3 and CE4 belong to VPN B; CE5 and CE6 belong to VPN C. VPN A, VPN B, and VPN C share the two MPLS TE tunnels that connect the public edge devices PE1 and PE2. In the MPLS TE tunnels:
l l l
On VPN A, CE1 and CE2 can access each other through the BGP/MPLS IP VPN. On VPN B, a Martini VLL is established between CE3 and CE4. On VPN C, a Martini VPLS is established between CE5 and CE6.
Issue 03 (2008-09-22)
You are required to reserve bandwidths for packets from VPN A, VPN B, and VPN C that go through the MPLS TE tunnels, and for packets of different services within a VPN. The bandwidth resources also need to be separated from each other. To be specific:
l
Use RSVP-TE to establish one MPLS TE tunnel connecting the devices from PE1 to PE2, and the other from PE2 to PE1. These MPLS TE tunnels carry VPN services. The bandwidth of each tunnel is 100 Mbit/s. The maximum bandwidth of the link along the tunnel is 200 Mbit/s and the maximum reservable bandwidth is 120 Mbit/s. VPN A is guaranteed with a bandwidth of 30 Mbit/s in the MPLS TE tunnel. The VoIP packets of VPN A are forwarded as EF packets and are guaranteed with a bandwidth of 10 Mbit/s. The video packets of VPN A are forwarded as AF4 packets and guaranteed with a bandwidth of 5 Mbit/s. The important data packets of VPN A are forwarded as AF3 packets and are guaranteed with a bandwidth of 5 Mbit/s. VPN B is guaranteed with a bandwidth of 20 Mbit/s in the MPLS TE tunnel. The voice packets in VPN B are forwarded as EF packets and are guaranteed with a bandwidth of 8 Mbit/s. Other data packets share the remaining bandwidth for the packets of VPN B according to the default settings of the system. VPN C is guaranteed with a bandwidth of 20 Mbit/s in the MPLS TE tunnel. VPN C is guaranteed with a bandwidth of 10 Mbit/s for voice packets of the EF type, a bandwidth of 5 Mbit/s for important data packets of the AF4 type. Other data packets share the remaining bandwidth for the packets of VPN C according to the default settings of the system. The packets from VPN A, VPN B and VPN C are forwarded in the Uniform model along the MPLS TE tunnel. On the outbound interface of the MPLS domain, the packets are scheduled according to the DSCP priorities that are mapped from the EXP priorities.
Figure 6-13 Networking diagram for configuring hierarchical resource reserved VPNs
Device CE1 CE2 CE3 CE4
Interface GE1/0/0 GE1/0/0 GE1/0/0.1 GE1/0/0.1
IP address 10.1.1.1/24 10.2.1.1/24 10.3.1.1/24 10.3.1.2/24
6-96
Issue 03 (2008-09-22)

CE5 CE6 PE1 GE1/0/0.1 GE1/0/0.1 Loopback1 POS1/0/0 GE2/0/0 P Loopback1 POS1/0/0 POS2/0/0 PE2 Loopback1 POS1/0/0 GE2/0/0 10.4.1.1/24 10.4.1.2/24 1.1.1.9/32 100.1.1.1/24 10.1.1.2/24 3.3.3.9/32 100.1.1.2/24 200.1.1.1/24 2.2.2.9/32 200.1.1.2/24 10.2.1.2/24
The configuration roadmap is as follows: 1. 2. 3. Configure the IP addresses and routes for the interfaces to ensure that they interwork at the network layer. Configure MPLS TE tunnels between the PEs. Configure VPN services. Configure CE1 and CE2 to access each other through the BGP MPLS IP VPN; CE3; configure the Martini VLL on CE3 and CE4; configure the Martini VPLS on CE5 and CE6. Configure the simple traffic classification: trusting DSCP values carried by upstream packets. Configure the packets from VPN A, VPN B and VPN C to use the Uniform model in the MPLS TE tunnel. Configure resource reservation and bandwidth guarantee for the traffic from VPN A, VPN B, and VPN C.
NOTE
4. 5. 6.
The hierarchical resource reserved VPN is configured only on an ingress PE. After the configuration of the hierarchical resource reserved VPN, you can further configure interface-specific HQoS on the interface of the user side on the egress PE. Network traffic is bi-directional; therefore, you can configure hierarchical resource reserved VPN for the opposite traffic on the peer PE. In this example, the resource reserved VPN is configured only for packets from PE1 to PE2. The configuration of resource reserved VPN for packets from PE2 to PE1 is contained in the configuration file.
Data Preparation
l l
IP addresses of the interfaces MPLS LSR IDs on the PE and P devices, maximum usable bandwidth of the physical link along the MPLS TE tunnel, and the maximum reservable bandwidth Tunnel interfaces, MPLS TE tunnel encapsulation protocol, tunnel ID, and RSVP tunnel signaling Name of the VPN instance, VPN-target, and RD for VPN A Name of the remote PE peer, VC ID, and VLAN ID for VPN B
l l
Issue 03 (2008-09-22)

l l
VSI name, VSI ID, and VLAN ID of the AC sub-interface for VPN C Service types and colors of the packets from VPN B and VPN C for label mapping at the ingress of the MPLS TE tunnel Guaranteed bandwidths and scheduling parameters for flow queues that accept non-VPN packets from VPN A, VPN B, VPN C, and the MPLS TE tunnel Bandwidth limits for VPN A, VPN B, VPN C, and the MPLS TE tunnel
1. Configure the IP addresses of the interfaces on the MPLS backbone network and the IGP (OSPF) to ensure interworking between PE1, P, and PE2. The details are not mentioned here. For detailed description of the configuration, see "6.5.3 Example for Configuring a Hierarchical Resource Reserved L3VPN." 2. Configuring MPLS TE tunnels # Configure the basic MPLS functions and MPLS LDP on the MPLS backbone network.
l
Configure PE1.
Configure PE2.
# Establish a remote peer session between PE1 and PE2.

l
Configure PE1.
Configure PE2.

l
Configure PE1.
<PE1> system-view [PE1] mpls [PE1-mpls] mpls te [PE1-mpls] mpls rsvp-te [PE1-mpls] mpls te cspf [PE1-mpls] quit [PE1] interface pos 1/0/0 [PE1-Pos1/0/0] mpls [PE1-Pos1/0/0] mpls te [PE1-Pos1/0/0] mpls rsvp-te [PE1-Pos1/0/0] quit [PE1] ospf [PE1-ospf-1] opaque-capability enable [PE1-ospf-1] area 0
6-98
Issue 03 (2008-09-22)

[PE1-ospf-1-area-0.0.0.0] mpls-te enable [PE1-ospf-1-area-0.0.0.0] return l
Configure the P.
 system-view [P] mpls [P-mpls] mpls te [P-mpls] mpls rsvp-te [P-mpls] mpls te cspf [P-mpls] quit [P] interface pos 1/0/0 [P-Pos1/0/0] mpls [P-Pos1/0/0] mpls te [P-Pos1/0/0] mpls rsvp-te [P-Pos1/0/0] quit [P] interface pos 2/0/0 [P-Pos2/0/0] mpls [P-Pos2/0/0] mpls te [P-Pos2/0/0] mpls rsvp-te [P-Pos2/0/0] quit [P] ospf [P-ospf-1] opaque-capability enable [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] mpls-te enable [P-ospf-1-area-0.0.0.0] return
Configure PE2.
<PE2> system-view [PE2] mpls [PE2-mpls] mpls te [PE2-mpls] mpls rsvp-te [PE2-mpls] mpls te cspf [PE2-mpls] quit [PE2] interface pos 1/0/0 [PE2-Pos1/0/0] mpls [PE2-Pos1/0/0] mpls te [PE2-Pos1/0/0] mpls rsvp-te [PE2-Pos1/0/0] quit [PE2] ospf [PE2-ospf-1] opaque-capability enable [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] mpls-te enable [PE2-ospf-1-area-0.0.0.0] return
NOTE
When you configure an MPLS TE tunnel, you need to specify the maximum usable bandwidth and the maximum reservable bandwidth for the physical link; then you also need to specify the bandwidth of the tunnel. The maximum reservable bandwidth of the physical link should not be greater than the maximum usable bandwidth. The bandwidth of a tunnel should not be greater than the maximum reservable bandwidth for the physical link.
l
Configure PE1.
Configure the P.
 system-view [P] interface pos 1/0/0 [P-Pos1/0/0] mpls te max-link-bandwidth 200000 [P-Pos1/0/0] mpls te max-reservable-bandwidth 120000 [P-Pos1/0/0] quit
Issue 03 (2008-09-22)
6-99

[P] interface pos 2/0/0 [P-Pos2/0/0] mpls te max-link-bandwidth 200000 [P-Pos2/0/0] mpls te max-reservable-bandwidth 120000 [P-Pos2/0/0] return
Configure PE2.
# Configure MPLS TE tunnels and tunneling policies on PEs.

l
Configure PE1.
<PE1> system-view [PE1] interface tunnel 1/0/0 [PE1-Tunnel1/0/0] ip address unnumbered interface loopback 1 [PE1-Tunnel1/0/0] tunnel-protocol mpls te [PE1-Tunnel1/0/0] destination 2.2.2.9 [PE1-Tunnel1/0/0] mpls te tunnel-id 100 [PE1-Tunnel1/0/0] mpls te signal-protocol rsvp-te [PE1-Tunnel1/0/0] mpls te reserved-for-binding [PE1-Tunnel1/0/0] mpls te commit [PE1-Tunnel1/0/0] quit [PE1] tunnel-policy policy1 [PE1-tunnel-policy-policy1] tunnel binding destination 2.2.2.9 te tunnel 1/0/0 [PE1-tunnel-policy-policy1] return
Configure PE2.
<PE2> system-view [PE2] interface tunnel 1/0/0 [PE2-Tunnel1/0/0] ip address unnumbered interface loopback 1 [PE2-Tunnel1/0/0] tunnel-protocol mpls te [PE2-Tunnel1/0/0] destination 1.1.1.9 [PE2-Tunnel1/0/0] mpls te tunnel-id 100 [PE2-Tunnel1/0/0] mpls te signal-protocol rsvp-te [PE2-Tunnel1/0/0] mpls te reserved-for-binding [PE2-Tunnel1/0/0] mpls te commit [PE2-Tunnel1/0/0] quit [PE2] tunnel-policy policy1 [PE2-tunnel-policy-policy1] tunnel binding destination 1.1.1.9 te tunnel 1/0/0 [PE2-tunnel-policy-policy1] return
Run the display interface tunnel command. You can view that the status of the interface is Up.
[PE1] display interface tunnel Tunnel1/0/0 current state : UP Line protocol current state : UP Description:HUAWEI, Quidway Series, Tunnel1/0/0 Interface Route Port,The Maximum Transmit Unit is 1500 Internet Address is unnumbered, using address of LoopBack1(1.1.1.9/32) Encapsulation is TUNNEL, loopback not set Tunnel destination 2.2.2.9 Tunnel up/down statistics 1 Tunnel protocol/transport MPLS/MPLS, ILM is available, primary tunnel id is 0x40c18000, secondary tunnel id is 0x0 300 minutes output rate 0 bytes/sec, 0 packets/sec 0 packets output, 0 bytes 0 output error
<PE1> display mpls te Tunnel Name Tunnel Desc Tunnel State Desc tunnel-interface : Tunnel1/0/0 : HUAWEI, Quidway Series, Tunnel1/0/0 Interface : CR-LSP is Up
6-100
Issue 03 (2008-09-22)

Tunnel Attributes : LSP ID : 1.1.1.9:1 Session ID : 100 Admin State : UP Ingress LSR ID : 1.1.1.9 Signaling Protocol : RSVP Class Type : CLASS 0 Reserved BW : 1200 kbps Setup Priority : 7 Hop Limit : Secondary Hop Limit : BestEffort Hop Limit: Affinity Prop/Mask : 0x0/0x0 Explicit Path Name : Secondary Affinity Prop/Mask: 0x0/0x0 Secondary Explicit Path Name: BestEffort Affinity Prop/Mask: 0x0/0x0 Tie-Breaking Policy : None Metric Type : None Record Route : Disabled FRR Flag : Disabled BackUpBW Type : Route Pinning : Disabled Retry Limit : 5 Reopt : Disabled Back Up Type : None Back Up LSPID : Auto BW : Disabled Min BW : Current Collected BW: Interfaces Protected: ACL Bind Value : VRF Bind Value : L2VPN Bind Value : Car Policy : Disabled Tunnel Group : Primary Primary Tunnel Sum : Primary Tunnel : Backup Tunnel : IPTN InLabel : Group Status : Up Oam Status : Up Bfd Capability : None BestEffort : Disabled IsBestEffortPath: Non-existent
UP 2.2.2.9 SE 0 kbps 7
Record Label : Disabled BackUpBW Flag: Not Supported BackUpBW : Retry Interval: 10 sec Reopt Freq : Auto BW Freq : Max BW : -
3.
Configure BGP MPLS IP VPN for VPN A. # Configure VPN instances on PEs and bind the VPN instances to the interfaces that connect CEs.
l
Configure CE1.
Configure CE2.

<PE1> system-view [PE1] ip vpn-instance vpna [PE1-vpn-instance-vpna] route-distinguisher 100:1 [PE1-vpn-instance-vpna] vpn-target 111:1 export-extcommunity
Issue 03 (2008-09-22)
6-101

[PE1-vpn-instance-vpna] vpn-target 111:1 import-extcommunity [PE1-vpn-instance-vpna] quit [PE1] interface gigabitethernet2/0/0 [PE1-GigabitEthernet2/0/0] undo shutdown [PE1-GigabitEthernet2/0/0] ip binding vpn-instance vpna [PE1-GigabitEthernet2/0/0] ip address 10.1.1.2 255.255.255.0 [PE1-GigabitEthernet2/0/0] return

<PE2> system-view [PE2] ip vpn-instance vpna [PE2-vpn-instance-vpna] route-distinguisher 200:1 [PE2-vpn-instance-vpna] vpn-target 111:1 export-extcommunity [PE2-vpn-instance-vpna] vpn-target 111:1 import-extcommunity [PE2-vpn-instance-vpna] quit [PE2] interface gigabitethernet2/0/0 [PE2-GigabitEthernet2/0/0] undo shutdown [PE2-GigabitEthernet2/0/0] ip binding vpn-instance vpna [PE2-GigabitEthernet2/0/0] ip address 10.2.1.2 255.255.255.0 [PE2-GigabitEthernet2/0/0] return
Run the display ip vpn-instance verbose command on a PE. You can view the configurations of the VPN instances. The following is the output on PE1:
[PE1] display ip vpn-instance verbose Total VPN-Instances configured : 1 VPN-Instance Name and ID : vpna, 1 Create date : 2007/07/21 11:30:35 Up time : 0 days, 00 hours, 05 minutes and 19 seconds Route Distinguisher : 1:1 Export VPN Targets : 1:1 Import VPN Targets : 1:1 Label policy: label per route Interfaces : GigabitEthernet2/0/0
On a PE, you can ping through the connected CEs. # Apply tunneling policies to the VPN instances and specify that VPN A uses the MPLS TE tunnel.
l
Configure PE1.
<PE1> system-view [PE1] ip vpn-instance vpna [PE1-vpn-instance-vpna] tnl-policy policy1 [PE1-vpn-instance-vpna] return
Configure PE2.
<PE2> system-view [PE2] ip vpn-instance vpna [PE2-vpn-instance-vpna] tnl-policy policy1 [PE2-vpn-instance-vpna] return
# Establish an IBGP adjacency between PE1 and PE2.

l
Configure PE1.
<PE1> system-view [PE1] bgp 500 [PE1-bgp] peer 2.2.2.9 as-number 500 [PE1-bgp] peer 2.2.2.9 connect-interface loopback 1 [PE1-bgp] ipv4-family vpnv4 [PE1-bgp-af-vpnv4] peer 2.2.2.9 enable [PE1-bgp-af-vpnv4] return
Configure PE2.
<PE2> system-view [PE2] bgp 500 [PE2-bgp] peer 1.1.1.9 as-number 500 [PE2-bgp] peer 1.1.1.9 connect-interface loopback 1 [PE2-bgp] ipv4-family vpnv4
6-102
Issue 03 (2008-09-22)

[PE2-bgp-af-vpnv4] peer 1.1.1.9 enable [PE2-bgp-af-vpnv4] return
# Establish EBGP adjacencies between PE1 and CE1, and between PE2 and CE2.
l
Configure CE1.
Configure CE2.
Configure PE1.
<PE1> system-view [PE1] bgp 500 [PE1-bgp] ipv4-family vpn-instance vpna [PE1-bgp-vpna] peer 10.1.1.1 as-number 65410 [PE1-bgp-vpna] import-route direct [PE1-bgp-vpna] return
Configure PE2.
<PE2> system-view [PE2] bgp 500 [PE2-bgp] ipv4-family vpn-instance vpna [PE2-bgp-vpna] peer 10.2.1.1 as-number 65420 [PE2-bgp-vpna] import-route direct [PE2-bgp-vpna] return
Running the display bgp peer and the display bgp vpnv4 peer commands on a PE, you can view that BGP peer relations between PEs, and between PEs and CEs have been established: The state should be Established. The following is the output on PE1:
[PE1] display bgp peer BGP local router ID : 1.1.1.9 Local AS number : 500 Total number of peers : 1 Peers in established state : 1 Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv 2.2.2.9 4 500 3 3 0 00:00:11 Established 0 [PE1] display bgp vpnv4 all peer BGP local router ID : 1.1.1.9 Local AS number : 500 Total number of peers : 2 Peers in established state : 2 Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv 2.2.2.9 4 500 12 18 0 00:09:38 Established 0 Peer of vpn instance: vpn instance vpna : 10.1.1.1 4 65410 25 25 0 00:17:57 Established 1
CE1 and CE2 can ping through each other. CEs in different VPNs cannot ping through each other. 4. Configure Martini VLL on VPN B. # Configure CEs.
l
Configure CE3.
<CE3> system-view [CE3] interface gigabitethernet 1/0/0.1 [CE3-GigabitEthernet1/0/0.1] vlan-type dot1q 10 [CE3-GigabitEthernet1/0/0.1] ip address 10.3.1.1 24
Issue 03 (2008-09-22)
6-103

[CE3-GigabitEthernet1/0/0.1] return l
Configure CE4.
# Enable MPLS L2VPN on PEs, and then create VC connections.

l
Configure PE1: Create a VC on the interface connecting CE3 and apply the tunneling policy on the interface; then specify that VPN B uses the MPLS TE tunnel.
<PE1> system-view [PE1] mpls l2vpn [PE1-l2vpn] mpls l2vpn default martini [PE1-l2vpn] quit [PE1] interface gigabitethernet 3/0/0.1 [PE1-GigabitEthernet3/0/0.1] vlan-type dot1q 10 [PE1-GigabitEthernet3/0/0.1] mpls l2vc 2.2.2.9 101 tunnel-policy policy1 [PE1-GigabitEthernet3/0/0.1] return
Configure PE2: Create a VC on the interface connecting CE4.

<PE2> system-view [PE2] mpls l2vpn [PE2-l2vpn] mpls l2vpn default martini [PE2-l2vpn] quit [PE2] interface gigabitethernet 3/0/0.1 [PE2-GigabitEthernet3/0/0.1] vlan-type dot1q 20 [PE2-GigabitEthernet3/0/0.1] mpls l2vc 1.1.1.9 101 tunnel-policy policy1 [PE2-GigabitEthernet3/0/0.1] quit
Run the display mpls l2vc command on a PE. You can view that two L2 VCs are established and the state is Up. The following is the output on PE1:
[PE1] display mpls l2vc Total ldp vc : 1 1 up 0 down *Client Interface : GigabitEthernet3/0/0.1 Session State : up AC Status : up VC State : up VC ID : 101 VC Type : vlan Destination : 2.2.2.9 Local VC Label : 1025 Remote VC Label : 1024 Control Word : Disable forwarding entry : existent local group ID : 0 manual fault : not set active state : active link state : up Local VC MTU : 1500 Remote VC MTU : 1500 Tunnel Policy Name : policy1 Traffic Behavior Name: -PW Template Name : -primary or secondary : primary Create time : 0 days, 0 hours, 3 minutes, 14 seconds UP time : 0 days, 0 hours, 1 minutes, 48 seconds Last change time : 0 days, 0 hours, 1 minutes, 48 seconds
CE3 and CE4 can ping through each other. 5. Configure Martini VPLS. # Enable MPLS L2VPN on PEs and configure VSIs.
l
Configure PE1.
<PE1> system-view [PE1] mpls l2vpn
6-104
Issue 03 (2008-09-22)

[PE1-l2vpn] quit [PE1] vsi vpnc static [PE1-vsi-vpnc] pwsignal ldp [PE1-vsi-vpnc-ldp] vsi-id 1 [PE1-vsi-vpnc-ldp] peer 2.2.2.9 [PE1-vsi-vpnc-ldp] return l
Configure PE2.
<PE2> system-view [PE2] mpls l2vpn [PE2-l2vpn] quit [PE2] vsi vpnc static [PE2-vsi-vpnc] pwsignal ldp [PE2-vsi-vpnc-ldp] vsi-id 1 [PE2-vsi-vpnc-ldp] peer 1.1.1.9 [PE2-vsi-vpnc-ldp] return
# Apply tunneling policies to VSIs and specify that VPN C uses the MPLS TE tunnel.
l
Configure PE1.
<PE1> system-view [PE1] vsi vpnc [PE1-vsi-vpnc] tnl-policy policy1 [PE1-vsi-vpnc] return
Configure PE2.
<PE2> system-view [PE2] vsi vpnc [PE2-vsi-vpnc] tnl-policy policy1 [PE2-vsi-vpnc] return
# Bind VSIs to interfaces on PE2.

l
Configure CE5.
Configure CE6.
Configure PE1.
<PE1> system-view [PE1] interface gigabitethernet4/0/0.1 [PE1-GigabitEthernet4/0/0.1] vlan-type dot1q 20 [PE1-GigabitEthernet4/0/0.1] l2 binding vsi vpnc [PE1-GigabitEthernet4/0/0.1] return
Configure PE2.
<PE2> system-view [PE2] interface gigabitethernet4/0/0.1 [PE2-GigabitEthernet4/0/0.1] vlan-type dot1q 30 [PE2-GigabitEthernet4/0/0.1] l2 binding vsi vpnc [PE2-GigabitEthernet4/0/0.1] return
Run the display vsi name vpnc verbose command on PE1. You can view that a PW to PE2 is established for the VSI vpna and that the VSI status is Up.
[PE1] display vsi name vpnc verbose ***VSI Name : vpnc Administrator VSI : no Isolate Spoken : disable VSI Index : 0 PW Signaling : ldp
Issue 03 (2008-09-22)
6-105

Member Discovery Style PW MAC Learn Style Encapsulation Type MTU Mode Service Class Color DomainId Domain Name VSI State VSI ID *Peer Router ID VC Label Peer Type Session Tunnel ID Tunnel Policy Name Interface Name State **PW Information: *Peer Ip Address PW State Local VC Label Remote VC Label PW Type Tunnel ID : : : : : : : : : : : : : : : : : : : : : : : : : static unqualify vlan 1500 uniform --0
up 2 2.2.2.9 142336 dynamic up 0xc08002, policy1 GigabitEthernet4/0/0.1 up 2.2.2.9 up 142336 142336 label 0xc08002
CE5 and CE6 can ping through each other. 6. Configure the simple traffic classification on the inbound interface of PE1: trusting the DSCP values of upstream IP packets.
<PE1> system-view [PE1] interface gigabitethernet 2/0/0 [PE1-GigabitEthernet2/0/0] trust upstream default [PE1-GigabitEthernet2/0/0] quit [PE1] interface gigabitethernet 3/0/0.1 [PE1-GigabitEthernet3/0/0.1] trust upstream default [PE1-GigabitEthernet3/0/0.1] quit [PE1] interface gigabitethernet 4/0/0.1 [PE1-GigabitEthernet4/0/0.1] trust upstream default [PE1-GigabitEthernet4/0/0.1] return
The configuration on PE2 is the same as that on PE1. 7. Configure flow queues on PE1 for non-VPN packets from VPN A, VPN B, and the MPLS TE tunnel. # Configure a WRED object used by a flow queue.
The configuration on PE2 is the same as that on PE1. # Configure the scheduling algorithms, WRED parameters, and shaping values for flow queues.
<PE1> system-view [PE1] flow-queue vpna [PE1-flow-queue-template-vpna] [PE1-flow-queue-template-vpna] 5000 [PE1-flow-queue-template-vpna] 5000 [PE1-flow-queue-template-vpna] queue ef pq flow-wred test shaping 10000 queue af4 wfq weight 15 flow-wred test shaping queue af3 wfq weight 10 flow-wred test shaping quit
6-106
Issue 03 (2008-09-22)
[PE1] flow-queue vpnb [PE1-flow-queue-template-vpnb] queue ef pq flow-wred test shaping 8000 [PE1-flow-queue-template-vpnb] quit [PE1] flow-queue vpnc [PE1-flow-queue-template-vpnc] queue ef pq flow-wred test shaping 10000 [PE1-flow-queue-template-vpnc] queue af4 wfq weight 15 flow-wred test shaping 5000 [PE1-flow-queue-template-vpnb] quit [PE1] flow-queue non-vpn [PE1-flow-queue-template-non-vpn] queue ef pq flow-wred test shaping 3000 [PE1-flow-queue-template-non-vpn] queue af4 wfq weight 15 flow-wred test shaping 2000 [PE1-flow-queue-template-non-vpn] queue af3 wfq weight 10 flow-wred test shaping 1000 [PE1-flow-queue-template-non-vpn] return
The configuration on PE2 is the same as that on PE1. 8. Configure VPNs to support a DiffServ model.
<PE1> system-view [PE1] ip vpn-instance vpna [PE1-vpn-instance-vpna] diffserv-mode uniform [PE1-vpn-instance-vpna] quit [PE1] interface gigabitethernet 3/0/0.1 [PE1-GigabitEthernet3/0/0.1] diffserv-mode uniform [PE1-GigabitEthernet3/0/0.1] quit [PE1] vsi vpnc [PE1-vsi-vpnc] diffserv-mode uniform [PE1-vsi-vpnc] return
NOTE
l l
If for the first time you configure a VPN support the Uniform model, you can use the default Uniform model rather than configure the model with the command. If a VPN instance has been configured to support the Pipe or Short Pipe model and then you want to configure them to support the Uniform model, you need to perform the preceding configuration in this step.
The configuration on PE2 is the same as that on PE1. 9. Configure class queues on the interfaces on the network side of PE1.
The configuration on PE2 is the same as that on PE1. 10. Configure a bandwidth for the MPLS TE tunnel and statically bind VPN A, VPN B, and VPN C to the MPLS TE tunnel.
<PE1> system-view [PE1] interface tunnel 1/0/0 [PE1-Tunnel1/0/0] mpls te bandwidth 100000 flow-queue non-vpn [PE1-Tunnel1/0/0] mpls te vpn-binding vpn-instance vpna cir 30000 pir 100000 flow-queue vpna [PE1-Tunnel1/0/0] mpls te vpn-binding l2vpn interface gigabitethernet 3/0/0.1 cir 20000 pir 100000 flow-queue vpnb [PE1-Tunnel1/0/0] mpls te vpn-binding l2vpn vsi vpnc cir 20000 pir 100000 flowqueue vpnc [PE1-Tunnel1/0/0] mpls te commit
The configuration on PE2 is the same as that on PE1. 11. Verify the configuration. Run the display traffic statistics interface tunnel interface-number command. You can view the traffic statistics of an MPLS TE tunnel on an interface. For example, the following displays the traffic statistics of the tunnel 1/0/0:
[PE1] display traffic statistics interface tunnel 1/0/0 Tunnel1/0/0 Traffic Statistics : Transit packets :718361906 Transit bytes :49836833844 Discard packets :0 Discard bytes :0 Transit packets rate :2435000 packets/sec Transit bytes rate :100154000 bytes/sec *********L3VPN RRVPN Traffic Statistics********* VPN Instance :vpna Transit packets :239453968 Transit bytes :24918416800 Discard packets :0 Discard bytes :0 Transit packets rate:39000 packets/sec Transit bytes rate :3650000 bytes/sec *********VLL RRVPN Traffic Statistics********* VPN Instance :GigabitEthernet3/0/0.1 Transit packets :239453970 Transit bytes :29213384340 Discard packets :0 Discard bytes :0 Transit packets rate:26000 packets/sec Transit bytes rate :2470000 bytes/sec *********VPLS RRVPN Traffic Statistics********* VPN Instance Transit packets Transit bytes Discard packets Discard bytes Transit packets rate Transit bytes rate :vpnc :239453970 :29213384340 :0 :0 :26000 packets/sec :2470000 bytes/sec
*********Other Traffic Statistics********* Transit packets :0 Transit bytes :0 Discard packets :0 Discard bytes :0 Transit packets rate :0 packets/sec Transit bytes rate :0 bytes/sec
Configuration Files
l

# sysname PE1 # flow-wred test color green low-limit 30 high-limit 50 discard-percentage 100 color yellow low-limit 20 high-limit 40 discard-percentage 100 color red low-limit 10 high-limit 30 discard-percentage 100 # flow-queue vpna queue ef pq shaping 10000 flow-wred test queue af4 wfq weight 15 shaping 5000 flow-wred test queue af3 wfq weight 10 shaping 5000 flow-wred test # flow-queue vpnb queue ef pq shaping 8000 flow-wred test # flow-queue vpnc queue ef pq shaping 10000 flow-wred test queue af4 wfq weight 15 shaping 5000 flow-wred test
6-108
Issue 03 (2008-09-22)

# flow-queue non-vpn queue ef pq shaping 3000 flow-wred test queue af4 wfq weight 15 shaping 2000 flow-wred test queue af3 wfq weight 10 shaping 1000 flow-wred test # ip vpn-instance vpna route-distinguisher 100:1 tnl-policy policy1 vpn-target 111:1 export-extcommunity vpn-target 111:1 import-extcommunity # mpls lsr-id 1.1.1.9 mpls mpls te mpls rsvp-te mpls te cspf # vsi vpnc static pwsignal ldp vsi-id 1 peer 2.2.2.9 tnl-policy policy1 # mpls ldp # mpls ldp remote-peer 2.2.2.9 remote-ip 2.2.2.9 # diffserv domain default # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.1 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te port-queue ef pq shaping 35 outbound port-queue af4 wfq weight 15 shaping 15 outbound port-queue af3 wfq weight 10 shaping 10 outbound # interface GigabitEthernet2/0/0 undo shutdown ip binding vpn-instance vpna ip address 10.1.1.2 255.255.255.0 trust upstream default # interface GigabitEthernet3/0/0 undo shutdown # interface GigabitEthernet3/0/0.1 vlan-type dot1q 10 mpls l2vc 2.2.2.9 101 tunnel-policy policy1 trust upstream default # interface GigabitEthernet4/0/0 undo shutdown # interface GigabitEthernet4/0/0.1 vlan-type dot1q 20 l2 binding vsi vpnc trust upstream default # interface LoopBack1 ip address 1.1.1.9 255.255.255.252 #
Issue 03 (2008-09-22)
6-109
interface Tunnel1/0/0 ip address unnumbered interface LoopBack1 tunnel-protocol mpls te destination 2.2.2.9 mpls te tunnel-id 100 mpls te bandwidth bc0 100000 flow-queue non-vpn mpls te reserved-for-binding mpls te vpn-binding vpn-instance vpna cir 30000 pir 100000 flow-queue vpna mpls te vpn-binding l2vpn interface gigabitethernet 3/0/0.1 cir 20000 pir 100000 flow-queue vpnb mpls te vpn-binding l2vpn vsi vpnc cir 20000 pir 100000 flow-queue vpnc mpls te commit # bgp 500 peer 2.2.2.9 as-number 500 peer 2.2.2.9 connect-interface LoopBack1 # ipv4-family vpnv4 peer 2.2.2.9 enable # ipv4-family vpn-instance vpna peer 10.1.1.1 as-number 65410 import-route direct # ospf 1 opaque-capability enable area 0.0.0.0 network 100.1.1.0 0.0.0.255 network 1.1.1.9 0.0.0.0 mpls-te enable # tunnel-policy policy1 tunnel binding destination 2.2.2.9 te Tunnel 1/0/0 # return l
# sysname P # mpls mpls te mpls rsvp-te mpls te cspf # diffserv domain default # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.2 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 200.1.1.1 255.255.255.0 mpls mpls te mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te # interface LoopBack1 ip address 2.2.2.9 255.255.255.252 #
6-110
Issue 03 (2008-09-22)

domain default # ospf 1 opaque-capability enable area 0.0.0.0 network 100.1.1.0 0.0.0.255 network 200.1.1.0 0.0.0.255 network 3.3.3.9 0.0.0.0 mpls-te enable # return l

# sysname PE2 # flow-wred test color green low-limit 30 high-limit 50 discard-percentage 100 color yellow low-limit 20 high-limit 40 discard-percentage 100 color red low-limit 10 high-limit 30 discard-percentage 100 # flow-queue vpna queue ef pq shaping 10000 flow-wred test queue af4 wfq weight 15 shaping 5000 flow-wred test queue af3 wfq weight 10 shaping 5000 flow-wred test # flow-queue vpnb queue ef pq shaping 8000 flow-wred test # flow-queue vpnc queue ef pq shaping 10000 flow-wred test queue af4 wfq weight 15 shaping 5000 flow-wred test # flow-queue non-vpn queue ef pq shaping 3000 flow-wred test queue af4 wfq weight 15 shaping 2000 flow-wred test queue af3 wfq weight 10 shaping 1000 flow-wred test # ip vpn-instance vpna route-distinguisher 200:1 tnl-policy policy1 vpn-target 111:1 export-extcommunity vpn-target 111:1 import-extcommunity # mpls lsr-id 2.2.2.9 mpls mpls te mpls rsvp-te mpls te cspf # vsi vpnc static pwsignal ldp vsi-id 1 peer 1.1.1.9 tnl-policy policy1 # mpls ldp # mpls ldp remote-peer 1.1.1.9 remote-ip 1.1.1.9 # # diffserv domain default # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 200.1.1.2 255.255.255.0 mpls mpls te
Issue 03 (2008-09-22)
6-111
mpls te max-link-bandwidth 200000 mpls te max-reservable-bandwidth 120000 mpls rsvp-te port-queue ef pq shaping 35 outbound port-queue af4 wfq weight 15 shaping 15 outbound port-queue af3 wfq weight 10 shaping 10 outbound # interface GigabitEthernet2/0/0 undo shutdown ip binding vpn-instance vpna ip address 10.2.1.2 255.255.255.0 trust upstream default # interface GigabitEthernet3/0/0 undo shutdown # interface GigabitEthernet3/0/0.1 vlan-type dot1q 20 mpls l2vc 2.2.2.9 101 tunnel-policy policy1 trust upstream default # interface GigabitEthernet4/0/0 undo shutdown # interface GigabitEthernet4/0/0.1 vlan-type dot1q 30 l2 binding vsi vpnc trust upstream default # interface LoopBack1 ip address 2.2.2.9 255.255.255.252 # interface Tunnel1/0/0 ip address unnumbered interface LoopBack1 tunnel-protocol mpls te destination 2.2.2.9 mpls te tunnel-id 100 mpls te bandwidth bc0 100000 flow-queue non-vpn mpls te reserved-for-binding mpls te vpn-binding vpn-instance vpna cir 30000 pir 100000 flow-queue vpna mpls te vpn-binding l2vpn interface gigabitethernet 3/0/0.1 cir 20000 pir 100000 flow-queue vpnb mpls te vpn-binding l2vpn vsi vpnc cir 20000 pir 100000 flow-queue vpnc mpls te commit # bgp 500 peer 1.1.1.9 as-number 500 peer 1.1.1.9 connect-interface LoopBack1 # ipv4-family vpnv4 peer 1.1.1.9 enable # ipv4-family vpn-instance vpna peer 10.2.1.1 as-number 65420 import-route direct # ospf 1 opaque-capability enable area 0.0.0.0 network 200.1.1.0 0.0.0.255 network 2.2.2.9 0.0.0.0 mpls-te enable # return l

# sysname CE1 # interface GigabitEthernet1/0/0
6-112
Issue 03 (2008-09-22)

undo shutdown ip address 10.1.1.1 255.255.255.0 # bgp 65410 peer 10.1.1.2 as-number 500 # undo synchronization import-route direct peer 10.1.1.2 enable # return l

# sysname CE2 # interface GigabitEthernet1/0/0 undo shutdown ip address 10.2.1.1 255.255.255.0 # bgp 65420 peer 10.2.1.2 as-number 500 # undo synchronization import-route direct peer 10.2.1.2 enable # return




Issue 03 (2008-09-22)

6.5.7 Example for Configuring an MPLS DiffServ Model on the VPLS over TE
As shown in Figure 6-14, CE1 and CE2 belong to the same VPLS and access the MPLS backbone network respectively through PE1 and PE2. In the MPLS backbone network, OSPF is taken as the IGP protocol. On PE1, the bandwidth for VPN traffic of CE1 is 1 Mbit/s. Set the Pipe model on PE1 to carry out MPLS DiffServ. VPN services are forwarded in the MPLS network with the priority configured by the service carrier. The egress router of the MPLS network does not change the 8021p value of the packet and only performs queue scheduling according to the EXP value in the MPLS label. Figure 6-14 Networking diagram for configuring an MPLS DiffServ model
The configuration roadmap is as follows: 1. 2. Configuring routing protocols and enabling MPLS on the PE and P devices Creating the MPLS TE tunnel and configuring the tunnel policy. For detailed configuration, refer to the "MPLS TE Configuration" in the Quidway NetEngine80E/40E Router Configuration MPLS
6-114
3. 4. 5.
Configuring VPLS over TE. For detailed configuration, refer to the "VPLS Configuration" in the Quidway NetEngine80E/40E Router Configuration VPN. Configuring traffic policing based on the complex traffic classification on PE1. Setting the MPLS DiffServ model on PE1.
Data Preparations
l l l
Name of the traffic classifier, behavior, and the traffic policy CIR used in traffic policing CoS and color of IP packets in the Pipe model
1. 2. Set the IP addresses on the interfaces and configure OSPF. The detailed configuration is not mentioned here. Enable MPLS, MPLS TE, MPLS RSVP-TE, and MPLS CSPF. Configure OSPF TE. On the nodes along the MPLS TE tunnel, enable MPLS, MPLS TE, and MPLS RSVP-TE both in the system view and the interface view. On the ingress node of the tunnel, enable MPLS CSPF in the system view. # Configure PE1.
[PE1] mpls lsr-id 1.1.1.9 [PE1] mpls [PE1-mpls] mpls te [PE1-mpls] mpls rsvp-te [PE1-mpls] mpls te cspf [PE1-mpls] quit [PE1] interface pos1/0/0 [PE1-Pos1/0/0] undo shutdown [PE1-Pos1/0/0] mpls [PE1-Pos1/0/0] mpls te [PE1-Pos1/0/0] mpls rsvp-te [PE1-Pos1/0/0] quit [PE1] ospf [PE1-ospf-1] opaque-capability enable [PE1-ospf-1] area 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 100.1.1.0 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] mpls-te enable [PE1-ospf-1-area-0.0.0.0] quit
# Configure the P.
[P] mpls lsr-id 2.2.2.9 [P] mpls [P-mpls] mpls te [P-mpls] mpls rsvp-te [P-mpls] quit [P] interface pos1/0/0 [P-Pos1/0/0] undo shutdown [P-Pos1/0/0] mpls [P-Pos1/0/0] mpls te [P-Pos1/0/0] mpls rsvp-te [P-Pos1/0/0] quit [P] interface pos2/0/0 [P-Pos2/0/0] undo shutdown [P-Pos2/0/0] mpls [P-Pos2/0/0] mpls te [P-Pos2/0/0] mpls rsvp-te
Issue 03 (2008-09-22)
6-115
[P-Pos2/0/0] quit [P] ospf [P-ospf-1] opaque-capability enable [P-ospf-1] area 0.0.0.0 [P-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0 [P-ospf-1-area-0.0.0.0] network 100.1.1.0 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 100.2.1.0 0.0.0.255 [P-ospf-1-area-0.0.0.0] mpls-te enable [P-ospf-1-area-0.0.0.0] quit
# Configure PE2. The configuration of PE2 is similar to that of PE1, and is not mentioned here. 3. Configure the Tunnel interface. # Create tunnel interfaces on the PE devices. Set tunneling protocol to MPLS TE and the signaling protocol to RSVP-TE. # Configure PE1.
[PE1] interface tunnel 1/0/0 [PE1-Tunnel1/0/0] ip address unnumbered interface loopback1 [PE1-Tunnel1/0/0] tunnel-protocol mpls te [PE1-Tunnel1/0/0] mpls te signal-protocol rsvp-te [PE1-Tunnel1/0/0] destination 3.3.3.9 [PE1-Tunnel1/0/0] mpls te tunnel-id 100 [PE1-Tunnel1/0/0] mpls te reserved-for-binding [PE1-Tunnel1/0/0] mpls te commit
# Configure PE2.
[PE2] interface tunnel 1/0/0 [PE2-Tunnel1/0/0] ip address unnumbered interface loopback1 [PE2-Tunnel1/0/0] tunnel-protocol mpls te [PE2-Tunnel1/0/0] mpls te signal-protocol rsvp-te [PE2-Tunnel1/0/0] destination 1.1.1.9 [PE2-Tunnel1/0/0] mpls te tunnel-id 100 [PE2-Tunnel1/0/0] mpls te reserved-for-binding [PE2-Tunnel1/0/0] mpls te commit
After the said configuration, run the display this interface command in the tunnel interface view. In the output, the value of "Line protocol current state" is UP. It indicates that the MPLS TE tunnel is set up successfully. Take PE1 for an example:
[PE1-Tunnel1/0/0] display this interface Tunnel1/0/0 current state : UP Line protocol current state : UP Description : HUAWEI, Quidway Series, Tunnel1/0/0 Interface, Route Port The Maximum Transmit Unit is 1500 bytes Internet Address is unnumbered, using address of LoopBack1(1.1.1.9/32) Encapsulation is TUNNEL, loopback not set Tunnel destination 3.3.3.9 Tunnel protocol/transport MPLS/MPLS, ILM is available, primary tunnel id is 0x1002003, secondary tunnel id is 0x0 5 minutes output rate 0 bytes/sec, 0 packets/sec 0 packets output, 0 bytes 0 output error
4.
Set up LDP sessions. Set up LDP sessions between PE1 and PE2. # Configure PE1.
[PE1] mpls ldp [PE1-mpls-ldp] quit [PE1] mpls ldp remote-peer 3.3.3.9 [PE1-mpls-ldp-remote-3.3.3.9] remote-ip 3.3.3.9 [PE1-mpls-ldp-remote-3.3.3.9] quit
# Configure PE2.
[PE2] mpls ldp [PE2-mpls-ldp] quit
6-116
Issue 03 (2008-09-22)

[PE2] mpls ldp remote-peer 1.1.1.9 [PE2-mpls-ldp-remote-1.1.1.9] remote-ip 1.1.1.9 [PE2-mpls-ldp-remote-1.1.1.9] quit
After the above configuration, the LDP session should be set up between the PE devices. Take PE1 for an example:
[PE1] display mpls ldp session LDP Session(s) in Public Network ---------------------------------------------------------------------Peer-ID Status LAM SsnRole SsnAge KA-Sent/Rcv ---------------------------------------------------------------------3.3.3.9:0 Operational DU Passive 000:00:06 26/26 ---------------------------------------------------------------------TOTAL: 1 session(s) Found. LAM : Label Advertisement Mode SsnAge Unit : DDD:HH:MM
5.
Create the VSI on the PE devices and configure the tunnel policies. # Configure PE1.
[PE1] tunnel-policy policy1 [PE1-tunnel-policy-policy1] tunnel binding destination 3.3.3.9 te tunnel1/0/0 [PE1-tunnel-policy-policy1] quit [PE1] mpls l2vpn [PE1] vsi a2 static [PE1-vsi-a2] pwsignal ldp [PE1-vsi-a2-ldp] vsi-id 2 [PE1-vsi-a2-ldp] peer 3.3.3.9 [PE1-vsi-a2-ldp] quit [PE1-vsi-a2] tnl-policy policy1
# Configure PE2.
[PE2] tunnel-policy policy1 [PE2-tunnel-policy-policy1] tunnel binding destination 1.1.1.9 te tunnel1/0/0 [PE2-tunnel-policy-policy1] quit [PE2] mpls l2vpn [PE2] vsi a2 static [PE2-vsi-a2] pwsignal ldp [PE2-vsi-a2-ldp] vsi-id 2 [PE2-vsi-a2-ldp] peer 1.1.1.9 [PE2-vsi-a2-ldp] quit [PE2-vsi-a2] tnl-policy policy1
6.
Bind the VSI with the interface on the PEs. # Configure PE1.
[PE1] interface gigabitethernet2/0/0.1 [PE1-GigabitEthernet2/0/0.1] vlan-type dot1q 10 [PE1-GigabitEthernet2/0/0.1] l2 binding vsi a2
# Configure PE2.
[PE2] interface gigabitethernet2/0/0.1 [PE2-GigabitEthernet2/0/0.1] vlan-type dot1q 10 [PE2-GigabitEthernet2/0/0.1] l2 binding vsi a2
# Configure CE1.
<Quidway> sysname CE1 [CE1] interface gigabitethernet1/0/0.1 [CE1-GigabitEthernet1/0/0.1] vlan-type dot1q 10 [CE1-GigabitEthernet1/0/0.1] ip address 10.1.1.1 255.255.255.0
# Configure CE2.
<Quidway> sysname CE2 [CE2] interface gigabitethernet1/0/0.1 [CE2-GigabitEthernet1/0/0.1] vlan-type dot1q 10 [CE2-GigabitEthernet1/0/0.1] ip address 10.1.1.2 255.255.255.0
7.
On PE1, configure traffic policing for VPN traffic of CE1.

<PE1> system-view [PE1] traffic classifier car
Issue 03 (2008-09-22)
6-117
[PE1-classifier-car] if-match any [PE1-classifier-car] quit [PE1] traffic behavior car [PE1-behavior-car] car cir 1000 green pass red discard [PE1-behavior-car] quit [PE1] traffic policy car [PE1-trafficpolicy-car] classifier car behavior car [PE1-trafficpolicy-car] quit [PE1] interface gigabitethernet2/0/0.1 [PE1-GigabitEthernet2/0/0.1] undo shutdown [PE1-GigabitEthernet2/0/0.1] traffic-policy car inbound [PE1-GigabitEthernet2/0/0.1] quit
8.
Set the MPLS DiffServ model on PE1 and PE2. # Configure PE1.
[PE1] vsi a2 [PE1-vsi-a2] diffserv-mode pipe af3 green [PE1-vsi-a2] quit [PE1] mpls [PE1-mpls] label advertise non-null [PE1-mpls] quit
# Configure PE1.
[PE2] vsi a2 [PE2-vsi-a2] diffserv-mode pipe af3 green [PE2-vsi-a2] quit [PE2] mpls [PE2-mpls] label advertise non-null [PE2-mpls] quit
9.
Verify the configuration. Run the display vsi verbose command on PE1. The output shows that the MPLS DiffServ model is Pipe.
<PE1> display vsi verbose ***VSI Name : a2 Administrator VSI : no Isolate Spoken : disable VSI Index : 0 PW Signaling : ldp Member Discovery Style : static PW MAC Learn Style : unqualify Encapsulation Type : vlan MTU : 1500 Mode : pipe Service Class : af3 Color : green DomainId : 0 Domain Name : Tunnel Policy Name : policy1 VSI State : up VSI ID : 2 *Peer Router ID : 3.3.3.9 VC Label : 117760 Peer Type : dynamic Session : up Tunnel ID : 0x60018000, Interface Name : GigabitEthernet2/0/0.1 State : up **PW Information: *Peer Ip Address : 3.3.3.9 PW State : up Local VC Label : 117760 Remote VC Label : 117759 PW Type : label Tunnel ID : 0x60618013
6-118
Issue 03 (2008-09-22)
Configuration Files
l

# sysname PE1 # mpls lsr-id 1.1.1.9 mpls mpls te mpls rsvp-te mpls te cspf label advertise non-null # mpls l2vpn # vsi a2 static pwsignal ldp vsi-id 2 peer 3.3.3.9 tnl-policy policy1 diffserv-mode pipe af3 green # mpls ldp # mpls ldp remote-peer 3.3.3.9 remote-ip 3.3.3.9 # traffic classifier car if-match any # traffic behavior car car cir 1000 cbs 10000 pbs 0 green pass red discard # traffic policy car classifier car behavior car # mpls ldp remote-peer 3.3.3.9 remote-ip 3.3.3.9 # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.1 255.255.255.0 mpls mpls te mpls rsvp-te # interface GigabitEthernet2/0/0 undo shutdown # interface GigabitEthernet2/0/0.1 vlan-type dot1q 10 l2 binding vsi a2 traffic-policy car inbound # interface LoopBack1 ip address 1.1.1.9 255.255.255.255 # interface Tunnel1/0/0 ip address unnumbered interface LoopBack1 tunnel-protocol mpls te destination 3.3.3.9 mpls te tunnel-id 100 mpls te reserved-for-binding mpls te commit # ospf 1 opaque-capability enable area 0.0.0.0
Issue 03 (2008-09-22)
6-119

network 1.1.1.9 0.0.0.0 network 100.1.1.0 0.0.0.255 mpls-te enable
# tunnel-policy policy1 tunnel binding destination 3.3.3.9 te tunnel1/0/0 # return l

# sysname P # mpls lsr-id 2.2.2.9 mpls mpls te mpls rsvp-te # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.1.1.2 255.255.255.0 mpls mpls te mpls rsvp-te # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 100.2.1.1 255.255.255.0 mpls mpls te mpls rsvp-te # interface LoopBack1 ip address 2.2.2.9 255.255.255.255 # ospf 1 opaque-capability enable area 0.0.0.0 network 2.2.2.9 0.0.0.0 network 100.1.1.0 0.0.0.255 network 100.2.1.0 0.0.0.255 mpls-te enable # return

# sysname PE2 # mpls lsr-id 3.3.3.9 mpls mpls te mpls rsvp-te mpls te cspf label advertise non-null # mpls l2vpn # vsi a2 static pwsignal ldp vsi-id 2 peer 1.1.1.9 tnl-policy policy1 diffserv-mode pipe af3 green # mpls ldp # mpls ldp remote-peer 1.1.1.9
6-120
Issue 03 (2008-09-22)

remote-ip 1.1.1.9 # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 100.2.1.2 255.255.255.0 mpls mpls te mpls rsvp-te mpls te cspf # interface GigabitEthernet2/0/0 undo shutdown # interface GigabitEthernet2/0/0.1 vlan-type dot1q 10 l2 binding vsi a2 # interface LoopBack1 ip address 3.3.3.9 255.255.255.255 # interface Tunnel1/0/0 ip address unnumbered interface LoopBack1 tunnel-protocol mpls te destination 1.1.1.9 mpls te tunnel-id 100 mpls te reserved-for-binding mpls te commit # ospf 1 opaque-capability enable area 0.0.0.0 network 3.3.3.9 0.0.0.0 network 100.2.1.0 0.0.0.255 mpls-te enable # tunnel-policy policy1 tunnel binding destination 1.1.1.9 te tunnel1/0/0 # return l

# sysname CE1 # interface GigabitEthernet1/0/0 undo shutdown # interface GigabitEthernet1/0/0.1 vlan-type dot1q 10 ip address 10.1.1.1 255.255.255.0 # return

# sysname CE2 # interface GigabitEthernet1/0/0 undo shutdown # interface GigabitEthernet1/0/0.1 vlan-type dot1q 10 ip address 10.1.1.2 255.255.255.0 # return
Issue 03 (2008-09-22)
6-121
6.6 Maintaining VPN QoS Configuration

This section describes the method for the fault analysis and troubleshooting, when QPPB cannot be used. 6.6.1 Troubleshooting
Fault Description
The VPN QoS feature fails to be applied.
Fault Analysis
The possible causes of the fault are as follows:
l l l l l l l
BGP VPNv4 routes cannot be received. VPN instance has been configured incorrectly. LSP has been set up incorrectly. Wrong routing policy has been applied. QoS parameters are not delivered to FIB. The QoS policy is created wrongly. No QPPB policy is applied on the interface.
1. Use the display mpls lsp command to check whether LSP has been created between PEs. If the LSP has not been created, there is a fault with MPLS. As a result, MPLS configuration fails. Use the display ip route vpn-instance vpn-name command to check whether the route on the private network is received. If the route is not received, there is a fault with the BGP. As a result, BGP configuration fails. Use the display ip routing-table vpn-instance vpn-name verbose command to check whether QoS parameters are delivered correctly. If the parameters are not delivered correctly, there is a fault with the configuration of the routing policy. As a result, the routing policy configuration fails. Use the display current interface [ interface-type interface-number ] command to display whether QPPB policy is configured correctly at the physical egress of LSP.
2.
3.
4.
6-122
Issue 03 (2008-09-22)
7 ATM QoS Configuration
7
About This Chapter
ATM QoS Configuration
This chapter describes the configuration of simple ATM traffic classification and forced ATM traffic classification. 7.1 Overview This section describes the basic concepts and principle of ATM QoS. 7.2 Configuring ATM Simple Traffic Classification This section describes the procedure of configuring the ATM simple traffic classification. 7.3 Configuring Forced ATM Traffic Classification This section describes the procedure of configuring the forced ATM traffic classification. 7.4 Configuring ATM Complex Traffic Classification This section describes the procedure of configuring the ATM Complex Traffic Classification. 7.5 Configuring the ATM Traffic Shaping This section describes the procedure of configuring the ATM traffic shaping. 7.6 Configuring the Priority of an ATM PVC This section describes the procedure of configuring the priority of an ATM PVC. 7.7 Configuring Congestion Management of the ATM PVC This section describes the procedure of configuring the congestion management of an ATM PVC. 7.8 Configuration Examples This section provides some examples of configuring ATM QoS.
Issue 03 (2008-09-22)
7-1
7.1 Overview
This section describes the basic concepts and principle of ATM QoS. 7.1.1 Introduction to ATM QoS 7.1.2 ATM QoS Features Supported by the NE80E/40E
7.1.1 Introduction to ATM QoS

The Asynchronous Transfer Mode (ATM) is a traditional multi-service bearing technology that is used on the backbone network. It is used to bear IP, FR, voice, conference call, and ISDN/ DSL. It has powerful QoS capability. The existing ATM networks have been used to bear crucial services. Limited by the transfer mode and class of services, however, the ATM nowadays is poorer than IP in the expansibility, upgradeability, and compatibility. In the process of network upgrade, the ATM faces the problem of how to use existing resources to combine the ATM network with the Packet Switched Network (PSN). The ATM network has powerful QoS capability. In combination with the PSN network, the QoS capability of the ATM network must be remained and the mapping between the IP precedence, MPLS precedence, VLAN precedence and the ATM precedence must be set so that packets are transmitted with the same priority in the two networks. Combination of the ATM network and the PSN network applies to the following two situations:
l
Transparent transmission of ATM cells: In the transition from the ATM network to the PSN network, the MPLS tunnel is taken as the PW to connect the ATM network at both ends. Over the PW, AAL5 data frames or ATM cells are encapsulated and transparently transmitted in MPLS packets. IPoEoA encapsulated with 1483B and IPoA encapsulated with 1483R: The router is located at the edge of the ATM network to carry out access to the IP network. When data packets are transmitted on the ATM network, they are encapsulated in AAL5 frames. The router performs ATM termination to forward IP packets to other types of interfaces or forward Layer 2 Ethernet frames to the Ethernet interface.
NOTE
To configure the data described in this chapter, you need to have the ATM and QoS knowledge. For information about the ATM concept and the ATM configuration, refer to the Quidway NetEngine80E/ 40E Router Configuration Guide WAN Access. This chapter describes the ATM QoS configuration only.
7.1.2 ATM QoS Features Supported by the NE80E/40E

When the ATM network transits to the PSN network or serves as the bearer layer of the IP network, QoS of the ATM network and QoS of the IP network should be integrated to provide end to end QoS.
7-2
Issue 03 (2008-09-22)
ATM Simple Traffic Classification

ATM QoS supports simple traffic classification in three modes, that is, ATM transparent transmission, 1483R, and 1483B. The NE40E supports ATM simple traffic classification on the ATM sub-interface, VE interface or PVC, and PVP. ATM transparent transmission consists of transparent transmission of ATM cells and that of ATM frames.
l
VCC and VPC transparent transmission modes are for ATM cells. In these two modes, the basic transmission unit is ATM cell with a fixed size, 53 bytes. This accords with the transmission unit over standard ATM links. SDU transparent transmission is for ATM frames. The basic transmission unit is frame and the size depends on the user-defined MTU and the packet received by the upstream PE.
The 1483R protocol is used to encapsulate IP packets to carry out IPoA service. The 1483B protocol is used to encapsulate Ethernet packets to carry out IPoEoA service.
l
Principle of ATM simple traffic classification for transparent transmission On the AC side of the ingress PE in the MPLS network, the CoS and CLP values of the ATM network are mapped to the internal priority of the router. On the PW side of the ingress PE in the MPLS network, the internal priority is mapped back to the EXP value. Thus, QoS parameters of the ATM network can be transmitted in the MPLS network.(For SDU transparent transmission, the CLP in the SDU is 1 only if any one of the CLP value is 1 on the AC side of the ingress PE on the MPLS network. Otherwise, the CLP in the SDU is 0. The CLP value, in combination with the CoS of PVC, is mapped to the internal priority of the router. On the PW side of the ingress PE, the CLP value is the same as that in transparent transmission of other modes.) On the PW side of the egress PE in the MPLS network, the router forwards packets according to the MPLS EXP field. On the AC side of the egress PE in the MPLS network, the router forwards packets according to the priority of the ATM cells. On the PW side of the egress PE, the transparent transmission of SDU is the same as that of other modes. On the AC side of the egress PE in the MPLS network, if the CLP is 1, the CLP values of all ATM cells are set to 1. Otherwise, the CLP values of all ATM cells are set to 0. Based on the said simple traffic classification, the QoS parameters of the ATM network are transparently transmitted from one ATM network to another through the PSN network.
Principle of 1483R and 1483B simple traffic classification At the edge of the ATM network, simple traffic classification is enabled to set the mapping from the DSCP field to the ATM precedence on the router that carries out access to the IP network. On the upstream PVC of the access router, the precedence of the 1483R and 1483B packets depend on the encapsulated DSCP value. On the downstream PVC of the access router, the internal priority inside the router is mapped to the ATM CLP to map the DSCP values to ATM precedence.
Forced ATM Traffic Classification

Although ATM cells in the ATM network hold the precedence information, it is very difficult to carry out IPoA, transparent transmission of cells and IWF simple traffic classification based on the precedence information. Forced ATM traffic classification does not concern the service type and precedence. On the upstream interface on the router at the ATM network edge, you can configure forced traffic classification to set the precedence and color manually for IP packets of
a PVC, an interface or a PVP. You can also apply QoS policies on the downstream interface of the router at the ATM network edge. As shown in Figure 7-1, you can set the precedence and color for a specific flow on the upstream ATM interface of Router A. Then, the downstream interface can specify the queue and scheduling mode for the flow according to the precedence and the color. In this way, ATM QoS is carried out. Figure 7-1 Forced ATM traffic classification
ATM physical interface, ATM sub-interfaces, ATM PVC, ATM PVP and Virtual Ethernet (VE) interfaces all support forced traffic classification.
ATM Complex Traffic Classification

In the deployment of IP over ATM (IPoA) or IP over Ethernet over AAL5 (IPoEoA) services, sometimes you need to classify and limit the traffic that enters an ATM network or that is on an ATM network, for example:
l
To differentiate packet types, such as voice packets, video packets, and data packets and provide different bandwidths and latencies for those packet types To handle traffic coming from different users and provide different bandwidths and priorities for those packet types
To do so, you need to classify packets according to parameters such as the DSCP value, the protocol type, the IP address, or the port number, provide differentiated services, and configure QoS traffic policies based on the ATM complex traffic classification. The ATM complex traffic classification is carried out through the application of QoS traffic policies. To provide QoS guarantee on an ATM interface, you can define a QoS policy which contains traffic classifiers associated with traffic behaviors and then apply the QoS policy to the ATM interface. To do so, perform the following procedures: 1.
7-4
Define traffic classifiers.

2. 3. 4.
Define traffic behaviors. Define traffic policies and associate the traffic classifiers with the traffic behaviors. Apply the traffic policies to the ATM interfaces (or sub-interfaces) or VE interfaces.
NOTE
The NE80E/40E does not support the ATM complex traffic classification of IPv6 packets or IPv4 multicast packets because ATM does not support IPv6 or IPv4 multicast protocols.
ATM Traffic Shaping

When an ATM network is congested so that the traffic rate exceeds the threshold, the subsequent excessive packets are discarded. To prevent a downstream network from being congested or dropping directly numerous packets because of too heavy traffic on an upstream network, you can configure ATM traffic shaping (TS) on the outbound interface of the upstream router. TS limits the traffic rate and burst size of traffic that goes out of a network so that this type of packets are sent out at a uniform rate. This benefits the bandwidth match between an upstream network and a downstream network. To configure ATM TS, perform the following procedures:
l
Configure the ATM service type and shaping parameters in the system view. You can configure the service types of the Constant Bit Rate (CBR), Non Real Time-Variable Bit Rate (NRT-VBR), or Real Time-Variable Bit Rate (RT-VBR). Specify a ATM service type on a PVC or a PVP and apply the TS parameters.
Congestion Management of ATM PVC

On an ATM network, when the traffic rate exceeds the threshold, the excessive packets are buffered instead of being discarded. When the network is not busy, the buffered packets are then forwarded. With the congestion management of ATM PVC, the packets are organized into eight PVC queues according to a specified algorithm. The packets then are forwarded according to the queue scheduling mechanism. The configuration of ATM PVC queues involves the PQ configuration and the WFQ configuration.
7.2 Configuring ATM Simple Traffic Classification

This section describes the procedure of configuring the ATM simple traffic classification. 7.2.1 Establishing the Configuration Task 7.2.2 Enabling ATM Simple Traffic Classification 7.2.3 Configuring Mapping Rules for ATM QoS 7.2.4 Checking the Configuration

ATM simple traffic classification is mainly applied to the following two situations:
l
Two ATM networks are connected through the PSN network (ATM transparent transmission)
Issue 03 (2008-09-22)
As shown in Figure 7-2, Router A and Router B are the edge routers of two ATM networks. The existing ATM networks have been used to bear crucial services. The two ATM networks are connected through the PSN backbone network. An MPLS tunnel serves as the PW to connect the two ATM networks. Over the PW, MPLS packets are used to encapsulate AAL5 data frames or ATM cells. Figure 7-2 Networking diagram for connecting two ATM networks with the PSN network
Ethernet or IP packets are carried over the existing ATM network (1483R or 1483B transparent transmission) As shown in Figure 7-3, Router A and Router B are edge routers of two ATM networks to carry out access to the IP network. On the ATM network, IP packets are transmitted in AAL5 frames. When IP packets are sent out of the ATM network, the router performs ATM termination and forwards IP packets to other types of interfaces or forwards Layer 2 Ethernet frames to the Ethernet interface. Figure 7-3 Networking diagram for transmitting Ethernet or IP packets over the ATM network
You can configure ATM simple traffic classification on an interface, or on a PVC or PVP. Note that:
l
If ATM simple traffic classification is configured on an interface, it takes effect on all the PVC or PVP under the interface. If ATM simple traffic classification is configured not on the interface but only on a specific PVC or PVP, it takes effect only on the PVC or PVP. If a PVC is bound with a VE interface, ATM simple traffic classification takes effect only when it is configured on both the PVC and the VE interface. If ATM simple traffic classification is configured on both ATM interface or VE interface and PVC or PVP, the configuration on PVC or PVP takes effect.
Before configuring ATM simple traffic classification, complete the following tasks:
l l l
Configuring link attributes of the interface Allocating IP addresses for the interface Configuring PVC or PVP and the related parameters
7-6

l
Configuring ATM services (ATM transparent transmission, IPoA, or IPoEoA)
Data Preparation
To configure ATM simple traffic classification, you need the following data. No. 1 2 Data Number of interface, PVC, or PVP where ATM simple traffic classification is enabled Mapping rules for ATM simple traffic classification
7.2.2 Enabling ATM Simple Traffic Classification

Context
Do as follows on the router on which ATM simple traffic classification is required:
Procedure
Step 1 Run:
system-view
The system view is displayed. Step 2 Do as follows on the router as required:

l
To create an ATM sub-interface and enter the view of the ATM sub-interface, run:
interface atm atm-number.sub-interface
To create a PVC or PVP and enter the PVC or PVP view, on the sub-interface view, run:
pvc [ pvc-name ] vpi/vci
or
pvp vpi l
To create a VE interface and enter the view of the VE interface, run:

interface virtual-ethernet ve-name
Step 3 Run:
trust upstream { ds-domain-name | default }
The specified DS domain is bound with the interface and simple traffic classification is enabled. ----End
7.2.3 Configuring Mapping Rules for ATM QoS

Context
Do as follows on the router on which ATM simple traffic classificatin is enabled:
Procedure
Step 1 Run:
system-view

diffserv domain default
A DS domain is defined and the DS domain view is displayed. Step 3 Do as follows on the router as required:
l
To set ATM simple traffic classification for upstream ATM cells, run:
atm-inbound service-type clp-value phb service-class [ color ]
To set ATM simple traffic classification for downstream ATM cells, run:
atm-outbound service-class [ color ] map clp-value
To define mapping rules for simple traffic classification of ATM control cells, run:
atm-inbound oam-cell phb service-class [ color ]
CLP is a bit indicating the cell priority in an ATM cell header. A cell with CLP being 0 is in normal priority. A cell with CLP being 1 is in low priority; this cell is discarded in congestion. ATM defines five services types, namely, CBR, rt-VBR, nrt-VBR, ABR, and UBR. The ATM simple traffic classification supports traffic classification on the basis of ATM service types and CLP. ----End

Run the following commands to check the previous configuration. Action Check the configuration of the DS domain. Command display diffserv domain [ ds-domain-name ]
If the configuration succeeds and when you run this command, you can see the configuration of the precedence mapping for simple traffic classification in the DS domain.
7.3 Configuring Forced ATM Traffic Classification

This section describes the procedure of configuring the forced ATM traffic classification. 7.3.1 Establishing the Configuration Task 7.3.2 Configuring ATM Services 7.3.3 Configuring Forced ATM Traffic Classification 7.3.4 Checking the Configuration

Forced ATM traffic classification can be applied to the following situations:
l
Transparent transmission of ATM cells As shown in Figure 7-4, set ATM cell transmission on Router A and Router B for ATM traffic from DSLAM. Router A transmits the received ATM cells to Router B over a PW. Router B continues to forward the ATM cells on its ATM links. On the upstream sub-interface, PVP or PVC of Router A, forced traffic classification can be set to classify traffic and mark the traffic with specific color. Then the downstream interface, PVP or PVC of Router A can schedule queues on the basis of classification and color. Figure 7-4 Forced traffic classification for transparent transmission of ATM cells
1483B traffic access As shown in Figure 7-5, the DSLAM processes 1483B traffic. The outbound interface of Router B is an Ethernet port. According to the design of ATM-Ethernet IWF, configure IWF function on Router A and Router B. This allows you to map VPN to the outer VLAN ID and map VCI to inner VLAN ID. The 1483B traffic can then be transmitted transparently to the BRAS. The 1483B-based ATM cells are transparently transmitted to the Ethernet link through the PW between Router A and Router B. In the upstream sub-interface view of Router A, set forced traffic classification and color marking. Then the downstream interface of Router A can perform queue scheduling based on the traffic classification and marked color.
Issue 03 (2008-09-22)
7-9
Figure 7-5 Forced traffic classification of 1483B traffic
NOTE
l l l l
Forced traffic classification based on PVC supports such services as transparent transmission of ATM cells, IPoA and IPoEoA. Forced traffic classification based on PVP supports such services as transparent transmission of ATM cells. Forced traffic classification based on sub-interface supports such services as transparent transmission of ATM cells, IPoA, and ATM IWF. Forced traffic classification based on the primary interface is valid to only PVC or PVP of the interface and supports transparent transmission of ATM cells and IPoA.
Before configuring forced ATM traffic classification, complete the following tasks:
l l l
Configure link attributes of the interface Allocating IP addresses for the interface Configuring L2VPN between PEs at both ends and binding L2VPN on the PE's interface that connects CE Configuring PVC on CE and configuring cell transmission, IWF at the ATM side on PE
Data Preparation
To configuring forced ATM traffic classification, you need the following data. No. 1 Data Precedence and color of PVC
7.3.2 Configuring ATM Services

Context
ATM services may be cell transmission, IWF or IPoA.
Procedure
Step 1 To configure ATM cell transmission, see the chapter "PWE3 Configuration" in the Quidway NetEngine80E/40E Router Operation Manual, VPN Volume. Step 2 To configure ATM IWF, see the chapter "ATM IWF Configuration" in the Quidway NetEngine80E/40E Router Operation Manual, VPN Volume. Step 3 To configure IPoA, see the chapter "ATM Configuration" in the Quidway NetEngine80E/40E Router Operation Manual, Access Volume. ----End
7.3.3 Configuring Forced ATM Traffic Classification

Context
Do as follows on the upstream interface of the router on which forced ATM traffic classification is required:
Procedure
Step 1 Run:
system-view
The system view is displayed. Step 2 Do as follows as required:

l
To enter the ATM interface, view, run:

interface atm interface-number
To create an ATM sub-interface and enter the sub-interface view, run:

interface atm interface-number.sub-interface
To credate a PVC or PVP and enter the PVC or PVP view, run the following command in the sub-interface view:
pvc [ pvc-name ] vpi/vci
or
pvp vpi
Step 3 Run
traffic queue service-class { green | red | yellow }
Forced traffic classification is set on the upstream ATM interface of the PE.
Issue 03 (2008-09-22)
7-11

NOTE
l l l l l
If the service class is AF1, AF2, AF3 or AF4, you must specify the color of the packets. If the service class is CS7, CS6, EF or BE, you need not specify the color of the packets. green: indicates the actions to the data packet when the packet traffic complies with the committed rate. The default value is pass. yellow: indicates the actions to the data packet when the packet traffic complies with the committed burst rate. The default value is pass. red: indicates the actions to the data packet when the packet traffic exceeds the committed burst rate. The default value is discard.
----End

Run the following command to check the previous configuration. Action From one CE, ping the other CE. Command ping ip-address
If the configuration is successful, you can get the following result when you run the above command:
l l
The CE at both the ends can ping through each other. Traffic is classified according to the service class.
7.4 Configuring ATM Complex Traffic Classification

This section describes the procedure of configuring the ATM Complex Traffic Classification. 7.4.1 Establishing the Configuration Task 7.4.2 Defining Traffic Classifiers 7.4.3 Defining Traffic Behaviors 7.4.4 Defining Traffic Policies 7.4.5 Applying Traffic Policies 7.4.6 Checking the Configuration

You are required to classify and limit the traffic that enters an ATM network or that is on an ATM network, for example:

l
To differentiate packet types such as voice packets, video packets, and data packets, and provide different bandwidths and latencies for those packet types To handle traffic coming from different users and provide different bandwidths and priorities for those packet types
You can classify packets according to parameters such as the DSCP value, the protocol type, the IP address, or the port number, and then provide differentiated services and configure QoS traffic policies based on the ATM complex traffic classification.
Before configuring the ATM complex traffic classification, complete the following tasks:
l l l l
Configuring the link attributes of ATM interfaces Configuring the IP addresses of ATM interfaces or VE interfaces Configuring PVC or PVP parameters Configuring IPoA or IPoEoA services
NOTE
An ATM interface configured with IPoA or IPoEoA services supports the ATM complex traffic classification whereas that configured with ATM transparent cell transport services or IWF does not support the ATM complex traffic classification.
Data Preparation
To configure the ATM complex traffic classification, you need the following data. No. 1 2 3 4 5 6 Data Names of traffic classifiers Data for matching rules Names of traffic behaviors Data for traffic behaviors Names of traffic policies Types and numbers of the interfaces where traffic policies are applied
7.4.2 Defining Traffic Classifiers

Context
Procedure
Step 1 Run:
system-view
Issue 03 (2008-09-22)
7-13

A traffic classifier is defined and the traffic classifier view is displayed. Step 3 Run the following command as required to define a traffic policy.
l
To define an ACL rule, run:

if-match acl acl-number
NOTE
Only ACLs to be matched based on Layer 3 or Layer 4 information are supported.

l
To define a DSCP rule, run:

if-match dscp dscp-value
To define a TCP flag rule, run:

To define a matching rule based on IP precedence, run:

To define a rule for matching all packets, run:

if-match any
To define a rule for matching packets based on the MPLS EXP value, run:
----End
7.4.3 Defining Traffic Behaviors

Context
Procedure
Step 1 Run:
system-view

A traffic behavior is defined and the traffic behavior view is displayed. Step 3 Run one of the following commands as required.
l
To allow packets to pass the device, run:

permit
To discard matched packets, run:

deny
To re-configure the traffic shaping, run:

car { cir cir-value [ pir pir-value] } [ cbs cbs-value pbs pbs-value ] [ green { discard | pass [ service-class class color color ] } | yellow { discard |
7-14
Issue 03 (2008-09-22)
pass [ service-class class color color ] } | red { discard | pass [ serviceclass class color color ] } ]* l
To re-configure the IP precedence of an IP packet, run:

To re-configure the DSCP value of an IP packet, run:

remark dscp dscp-value
To re-configure the priority of an MPLS packet, run:

remark mpls-exp exp
NOTE
The remark mpls-exp exp command can be applied to only upstream traffic on a router.
l
To configure the Class of Service (CoS) of packets, run:

service-class service-class color color
To configure a load-balancing mode (per flow or per packet) of packets, run:

load-balance { flow | packet }
To configure to redirect packets to a single next hop device, run:

redirect ip-nexthop ip-address [ interface interface-type interface-number ]
To redirect IP packets to a target LSP on the public network, run:

redirect lsp public dest-ipv4-address [ nexthop-address | interface interfacetype interface-number | secondary ]
----End
7.4.4 Defining Traffic Policies

Context
Procedure
Step 1 Run:
system-view

A traffic behavior is associated with a specified traffic classifier in the traffic policy. ----End
7.4.5 Applying Traffic Policies

Context
Procedure
Step 1 Run:
system-view
The system view is displayed. Step 2 Run one of the following commands as required.
l
To enter the ATM interface (or sub-interface) view, run:

interface atm interface-number [.sub-interface ]
To enter the VE interface view, run:

interface virtual-ethernet interface-number
Step 3 Run:
traffic-policy policy-name { inbound | outbound }
The traffic policy is applied to the interface.

NOTE
After a traffic policy is applied to an interface, you cannot modify the shared or unshared mode of the traffic policy. Before modifying the shared or unshared mode of a traffic policy, you must cancel the application of the traffic policy from the interface. A traffic policy with the shared attribute: Although a traffic policy is applied to different interfaces, the statistics information to be displayed is the sum of the statistics of all interfaces. Therefore, the original data for each individual interface is not identified. A traffic policy with the unshared attribute: You can identify the statistics of a traffic policy according the interface where the traffic policy is applied. Whether a traffic policy is shared or unshared depends on the PAF file. The inbound and outbound attributes can be identified in traffic statistics, no matter a policy is of the shared attribute or the unshared attribute. An ATM interface configured with ATM transparent cell transport services or IWF does not support the ATM complex traffic classification and this command.
l l
----End

Run the following commands to check the previous configuration. Action Check the configuration of a traffic behavior. Check the configuration of a traffic classifier. Check information about the associations of all traffic classifiers with traffic behaviors, or information about the association of a particular traffic classifier with a traffic behavior.
7-16
Command display traffic behavior { system-defined | userdefined } [ behavior-name ] display traffic classifier { system-defined | userdefined } [ classifier-name ] display traffic policy { system-defined | userdefined } [ policy-name [ classifier classifiername ] ]
Issue 03 (2008-09-22)
Action Check information about the traffic policy statistics on an interface.
Command display traffic policy statistics interface interface-type interface-number [ .sub-interface ] { inbound | outbound } [ verbose { classifierbased | rule-based } [ class class-name ] ]
Run the display traffic behavior command. If correct traffic behaviors, it means that the configuration succeeds. Run the display traffic classifier command. If correct rules for traffic classifier are displayed, it means that the configuration succeeds. Run the display traffic policy command. If correct traffic policy names and the binding relations between traffic classifiers and traffic behaviors are displayed, it means that the configuration succeeds. Run the display traffic policy statistics command. If correct statistics about the specified interface defined in a traffic policy are displayed, it means that the configuration succeeds.
For example:
<Quidway> display traffic policy statistics interface atm 1/0/0 inbound Interface: Atm1/0/0 Traffic policy inbound: test Traffic policy applied at 2007-08-30 18:30:20 Statistics enabled at 2007-08-30 18:30:20 Statistics last cleared: Never Rule number: 7 IPv4, 0 IPv6 Current status: OK! Item Packets Bytes ------------------------------------------------------------------Matched 1,000 100,000 +--Passed 500 50,000 +--Dropped 500 50,000 +--Filter 100 10,000 +--CAR 300 30,000 Missed 500 50,000 Last 30 seconds rate Item pps bps ------------------------------------------------------------------Matched 1,000 100,000 +--Passed 500 50,000 +--Dropped 500 50,000 +--Filter 100 10,000 +--CAR 300 30,000 Missed 500 50,000
7.5 Configuring the ATM Traffic Shaping

This section describes the procedure of configuring the ATM traffic shaping. 7.5.1 Establishing the Configuration Task 7.5.2 Configuring ATM Traffic Shaping Parameters 7.5.3 Applying ATM Traffic Shaping Parameters 7.5.4 Checking the Configuration

To keep the traffic over an ATM network within a reasonable scope to avoid abnormal operation of the network in the case of heavy and bursting traffic, you can configure ATM traffic shaping to limit the outgoing traffic rate. The configuration can better utilize the network resources.
Before configuring the ATM traffic shaping, complete the following tasks:
l
Configuring the physical parameters of ATM interfaces to ensure normal operation of the interfaces Configuring IP addresses of the ATM interfaces
Data Preparation
To configure ATM traffic shaping, you need the following data: No. 1 2 3 Data Names of service types and service type on the PVC Peak Cell Rate, Sustainable Cell Rate, Maximum Burst Size, and Cell Delay Variation Tolerance VPI or VCI of PVC used for traffic shaping
7.5.2 Configuring ATM Traffic Shaping Parameters

Context
Procedure
Step 1 Run:
system-view

atm service service-name { cbr output-pcr cdvt-value | nrt-vbr output-pcr outputscr output-mbs cdvt-value | rt-vbr output-pcr output-scr output-mbs cdvt-value }
The PVC or PVP service types and related parameters are configured. To configure PVC service types, you need to create service types in the system view; then apply the service types to specific PVCs.
The default PVC service type is UBR; therefore, you do not need to create the service type of UBR. ----End
7.5.3 Applying ATM Traffic Shaping Parameters

Context
Procedure
Step 1 Run:
system-view

interface atm interface-number[.subinterface ]
The ATM interface view or sub-interface view is displayed. Step 3 Run the following command as required:
l
To create PVP and display the PVP view, run:

pvp vpi
To create PVC and display the PVC view, run:

pvc { pvc-name vpi/vci | vpi/vci }
NOTE
l l
PVP can be configured on ATM sub-interfaces only. PVP and PVC should not coexist on the same ATM sub-interface.
Step 4 Run:
shutdown
The PVC or PVP is shut down. Step 5 Run:

service output service-name
The service type of PVC or PVP is specified and the traffic shaping parameters are applied to the PVC or PVP.
NOTE
To specify a service type of PVC or PVP with the service output command, you need to run the shutdown command to shut down the PVC or PVC and then run the undo shutdown command to reenable the PVC or PVP. In this manner, the configuration can be ensured to take effect.
Step 6 Run:
undo shutdown
The traffic shaping is enabled on the PVC or PVP. ----End


Run the following commands to check the previous configuration. Action Check the configuration of traffic shaping parameters. Command display atm service [ service-name ]
Run the display atm service [ service-name ] command. If the correct configuration of the traffic shaping parameters is displayed, it means that the configuration succeeds. For example:
<Quidway> display atm Atm Service Config: Service Name: State: VALID Index: 0 ServiceType: PCR: 111 SCR: 0 MBS: 0 CDVT: 111 Traffic Type: service cbr CBR
Shaper
7.6 Configuring the Priority of an ATM PVC

This section describes the procedure of configuring the priority of an ATM PVC. 7.6.1 Establshing the Configuration Task 7.6.2 Configuring the Priority of an ATM PVC
7.6.1 Establshing the Configuration Task

To ensure the bandwidth for user services with different priorities in an ATM network, you can configure the priorities of the traffic in ATM PVCs so that traffic scheduling is performed based on the priorities.
Before configuring the priority of an ATM PVC, complete the following task:
l
Configuring the physical parameters of ATM interfaces to ensure normal operation of the interfaces Configuring IP addresses of the ATM interfaces
Data Preparation
To configure the priority of an ATM PVC, you need the following data.
No. 1 2
Data The VPI and VCI of the PVC to be configured with a priority Priority of the PVC
7.6.2 Configuring the Priority of an ATM PVC

Context
Procedure
Step 1 Run:
system-view

interface atm interface-number.sub-interface
The ATM sub-interface view is displayed.

NOTE
To configure the priorities of all PVCs in the interface view, you can run the service output priority higher command on the interface.
Step 3 Run:
pvc { pvc-name [ vpi/vci ] | vpi/vci }
The PVC view is displayed. Step 4 Run:

service output priority higher
The priority of the PVC or PVP is specified to higher.

NOTE
You can use this command to configure priorities of only UBR-type PVCs. Thus, the system can schedule the traffic in the PVCs with different priorities.
----End
7.7 Configuring Congestion Management of the ATM PVC

This section describes the procedure of configuring the congestion management of an ATM PVC. 7.7.1 Establshing the Configuration Task 7.7.2 Configuring the Queue Scheduling of an ATM PVC 7.7.3 Checking the Configuration
7.7.1 Establshing the Configuration Task

On an ATM network, when the traffic rate exceeds the threshold, the excessive packets are buffered instead of being discarded. When the network is not busy, the buffered packets are then forwarded. After the congestion management of ATM PVC is configured, the packets are organized into queues according to a specified algorithm. The packets then are forwarded according to the queue scheduling mechanism. The configuration of ATM PVC queues involves the PQ configuration and the WFQ configuration.
Before configuring the traffic shaping of the ATM PVC, complete the following task:
l
Configuring the physical parameters of ATM interfaces to ensure normal operation of the interfaces Configuring IP addresses of the ATM interfaces Configuring a PVC Configuring the traffic shaping of the ATM PVC
l l l
Data Preparation
To configure congestion management of the ATM PVC, you need the following data. No. 1 2 3 Data Interface type and ID, PVC name, and VPI or VCI number Queue names for queue scheduling (Optional) WFQ weights. (If the queue scheduling is configured to PQ, this parameter is unnecessary.)
7.7.2 Configuring the Queue Scheduling of an ATM PVC

Context
Procedure
Step 1 Run:
system-view

Step 2 Run:
interface atm interface-number [.sub-interface ]
The ATM interface view or sub-interface view is displayed. Step 3 Run:

pvc { pvc-name [ vpi/vci ] | vpi/vci }
The PVC view is displayed. Step 4 Run:

shutdown
The PVC is shut down. Step 5 Run:

pvc-queue cos-value { pq | wfq weight weight } outbound
The queue scheduling parameter of the ATM PVC is configured.

NOTE
l l l
Of the eight queues for a PVC, only one queue can be configured for the PQ scheduling. If one PVC queue is configured with the PQ or WFQ scheduling, the rest queues default the WFQ scheduling. The default scheduling parameter is 20. Queue scheduling of ATM PVCs can be configured only to downstream packets.
Step 6 Run:
undo shutdown
The queue scheduling parameter for the PVC is enabled. By default, the ATM PVC is not configured with a queue scheduling algorithm. Before configuring the queue scheduling parameter of an ATM PVC, you must run the shutdown command to shut down the PVC. ----End

Run the following command to check the previous configuration. Action Check queue scheduling information on all PVCs or one PVC on an ATM interface. Check information of PVCs on an ATM interface. Command display atm pvc-queue [ interface interfacetype interface-number [.sub-interface ] [ pvc vpi/ vci ] ] display atm pvc-info [ interface atm interfacenumber [ pvc { pvc-name [ vpi/vci ] | vpi/vci } ] ]
Run the display atm pvc-queue command. If correct queue scheduling information on all PVCs or one PVC on an ATM interface is displayed, it means that the configuration succeeds. For example:
<Quidway> display atm pvc-queue interface atm 4/0/1
Issue 03 (2008-09-22)
7-23

Show CBQ PVC configeration of be distribute OutBound wfq af1 distribute OutBound pq af2 distribute OutBound wfq af3 distribute OutBound wfq af4 distribute OutBound wfq ef distribute OutBound wfq cs6 distribute OutBound wfq cs7 distribute OutBound wfq Show CBQ PVC configeration of be distribute OutBound wfq af1 distribute OutBound pq af2 distribute OutBound wfq af3 distribute OutBound wfq af4 distribute OutBound wfq ef distribute OutBound wfq cs6 distribute OutBound wfq

interface Atm4/0/1 PVC 0/1: Weight 20 Weight 50 Weight 20 Weight 20 Weight 20 Weight 20 Weight 20 interface Atm4/0/1 PVC 0/2: Weight 20 Weight Weight Weight Weight Weight 20 20 20 20 20
Run the display atm pvc-info command after queue scheduling of PVCs configured. The information of PVCs is displayed, including information of traffic queue. For example:
<Quidway> display atm pvc-info interface atm 7/1/3.24 pvc 24/24 Atm7/1/3.24, VPI: 24, VCI: 24, INDEX: 275 AAL5 Encaps: SNAP, Protocol: IP OAM interval: 0 sec(disabled), OAM retry interval: 0 sec OAM retry count (up/down): 0/0 input pkts: 0, input bytes: 0, input pkt errors: 0 output pkts: 0, output bytes: 0, output pkt errors: 0 [be] output pkts: 2222123, output bytes: 0 [af1] output pkts: 0, output bytes: 0 [af2] output pkts: 0, output bytes: 0 [af3] output pkts: 0, output bytes: 0 [af4] output pkts: 0, output bytes: 0 [ef] output pkts: 0, output bytes: 0 [cf6] output pkts: 0, output bytes: 0 [cf7] output pkts: 0, output bytes: 0 Interface State: DOWN, PVC State: DOWN

This section provides some examples of configuring ATM QoS. 7.8.1 Example for Configuring Simple Traffic Classification for 1-to-1 VCC ATM Transparent Transmission 7.8.2 Example for Configuring Simple Traffic Classification for 1-to-1 VPC ATM Transparent Transmission 7.8.3 Example for Configuring Simple Traffic Classification for AAL5 SDU ATM Transparent Transmission 7.8.4 Example of Configuring for 1483R-based ATM Simple Traffic Classification 7.8.5 Example for Configuring 1483B-Based ATM Simple Traffic Classificaiton 7.8.6 Example for Configuring Forced ATM Traffic Classification 7.8.7 Example for Configuring the ATM Complex Traffic Classification 7.8.8 Example for Configuring Queue Scheduling for an ATM PVC
7-24
Issue 03 (2008-09-22)
7.8.1 Example for Configuring Simple Traffic Classification for 1to-1 VCC ATM Transparent Transmission
As shown in Figure 7-6, the ATM interface of CE1 is connected to the MPLS network through PE1, and is connected to CE2 through PE2. A VC is established between CE1 and CE2 over the MPLS network. Simple traffic classification is required for the upstream traffic on PE1. PE1 maps the PVC service type and the CLP of upstream traffic to its internal precedence. For downstream traffic, it maps the internal precedence to the MPLS EXP field. The precedence of ATM cells is transmitted transparently over the MPLS network. Figure 7-6 Networking diagram for configuring ATM simple traffic classification for 1-to-1 VCC ATM transparent transmission
The configuration roadmap is as follows: 1. 2. 3. 4. 5. 6. 7. 8. 9. Configure the IP addresses and PVC parameters for the interfaces. Configure IGP on the P and PE devices in the MPLS network to achieve IP connectivity. Configure basic MPLS functions on the P and PE devices. Configure MPLS LDP on the P and PE devices. Establish LDP sessions between the two PEs. Enable MPSL L2VPN on the PE devices. Configure 1-to-1 VCC ATM transparent transmission. Configure mapping rules for ATM simple traffic classification. Enable simple traffic classification.
Data Preparation

l l l l l
Data for configuring OSPF Remote peer name of the PE VC ID VPI/VCI value on the CE Service type and CLP value
1. Configure the ATM interfaces on the CEs. # Configure CE1.
<CE1> system-view [CE1] interface atm 1/0/0 [CE1-Atm1/0/0] undo shutdown [CE1-Atm1/0/0] quit [CE1] interface atm 1/0/0.1 [CE1-Atm1/0/0.1] ip address 202.38.160.1 24 [CE1-Atm1/0/0.1] pvc 1/100 [CE1-atm-pvc-Atm1/0/0.1-1/100] map ip 202.38.160.2 [CE1-atm-pvc-Atm1/0/0.1-1/100] return
# Configure CE2.
2.
Configure IGP on the MPLS network (In this example, OSPF is used). # Assign IP addresses for the interfaces on the PE1, PE2, and P devices (not mentioned). # Configure PE1.
<PE1> system-view [PE1] ospf 1 router-id 1.1.1.9 [PE1-ospf-1] area 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit
# Configure the P.
 system-view [P] ospf 1 router-id 2.2.2.9 [P-ospf-1] area 0.0.0.0 [P-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0 [P-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255 [P-ospf-1-area-0.0.0.0] quit [P-ospf-1] quit
# Configure PE2.
<PE2> system-view [PE2] ospf 1 router-id 3.3.3.9 [PE2-ospf-1] area 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] network 10.1.2.0 0.0.0.255 [PE2-ospf-1-area-0.0.0.0] quit [PE2-ospf-1] quit
3.
7-26
Configure based MPLS and LDP on the MPLS network.

# Configure PE1.
<PE1> system-view [PE1] mpls lsr-id 1.1.1.9 [PE1] mpls [PE1-mpls] lsp-trigger all [PE1-mpls] quit [PE1] mpls ldp [PE1-mpls-ldp] quit [PE1] interface pos 2/0/0 [PE1-Pos2/0/0] undo shutdown [PE1-Pos2/0/0] mpls [PE1-Pos2/0/0] mpls ldp [PE1-Pos2/0/0] return
# Configure the P.
 system-view [P] mpls lsr-id 2.2.2.9 [P] mpls [P-mpls] lsp-trigger all [P-mpls] quit [P] mpls ldp [P-mpls-ldp] quit [P] interface pos 1/0/0 [P-Pos1/0/0] undo shutdown [P-Pos1/0/0] mpls [P-Pos1/0/0] mpls ldp [P-Pos1/0/0] quit [P] interface pos 2/0/0 [P-Pos2/0/0] undo shutdown [P-Pos2/0/0] mpls [P-Pos2/0/0] mpls ldp [P-Pos2/0/0] quit
# Configure PE2.
<PE2> system-view [PE2] mpls lsr-id 3.3.3.9 [PE2] mpls [PE2-mpls] lsp-trigger all [PE2-mpls] quit [PE2] mpls ldp [PE2-mpls-ldp] quit [PE2] interface pos 2/0/0 [PE2-Pos2/0/0] undo shutdown [PE2-Pos2/0/0] mpls [PE2-Pos2/0/0] mpls ldp [PE2-Pos2/0/0] quit
4.
Establish LDP sessions between the two PEs. # Configure PE1.

<PE1> system-view [RouterC] mpls ldp remote-peer 1 [PE1-mpls-ldp-remote-1] remote-ip 3.3.3.9 [PE1-mpls-ldp-remote-1] return
# Configure PE2.
<PE2> system-view [PE2] mpls ldp remote-peer 1 [PE2-mpls-ldp-remote-1] remote-ip 1.1.1.9 [PE2-mpls-ldp-remote-1] return
5.
On the PE, enable MPLS L2VPN and configure 1-to-1 VCC ATM transmission. # Configure PE1.
<PE1> system-view [PE1] mpls l2vpn [PE1-l2vpn] quit [PE1] interface atm 3/0/0 p2p [PE1-Atm3/0/0] undo shutdown
Issue 03 (2008-09-22)
7-27

[PE1-Atm3/0/0] quit [PE1] interface atm 3/0/0.1 p2p [PE1-Atm3/0/0.1] atm cell transfer [PE1-Atm3/0/0.1] pvc 1/100 [PE1-atm-pvc-Atm3/0/0.1-1/100] quit [PE1-Atm3/0/0.1] mpls l2vc 3.3.3.9 101 [PE1-Atm3/0/0.1] return
# Configure PE2.
<PE2> system-view [PE2] mpls l2vpn [PE2-l2vpn] quit [PE2] interface atm 4/0/0 p2p [PE2-Atm4/0/0] undo shutdown [PE2-Atm4/0/0] quit [PE2] interface atm 4/0/0.1 p2p [PE2-Atm4/0/0.1] atm cell transfer [PE2-Atm4/0/0.1] pvc 1/100 [PE2-atm-pvc-Atm4/0/0.1-1/100] quit [PE2-Atm4/0/0.1] mpls l2vc 1.1.1.9 101 [PE2-Atm4/0/0.1] return
6.
Set the service type for the ATM PVC on PE1.

<PE1> system-view [PE1] atm service cbr-name cbr [PE1] interface atm 3/0/0.1 [PE1-Atm3/0/0.1] pvc 1/100 [PE1-atm-pvc-Atm3/0/0.1-1/100] [PE1-atm-pvc-Atm3/0/0.1-1/100] [PE1-atm-pvc-Atm3/0/0.1-1/100] [PE1-atm-pvc-Atm3/0/0.1-1/100]
NOTE
100 2000 shutdown service output cbr-name undo shutdown return
Before running the service output command on a PVC or PVP, run the shutdown command to shut down it. Otherwise, the configuration does not take effect.
7.
On PE1, configure mapping rules for ATM simple traffic classification and enable simple traffic classification.
<PE1> system-view [PE1] diffserv domain default [PE1-dsdomain-default] atm-inbound cbr 0 phb af2 green [PE1-dsdomain-default] quit [PE1] interface atm 3/0/0.1 [PE1-Atm3/0/0.1] pvc 1/100 [PE1-atm-pvc-Atm3/0/0.1-1/100] trust upstream default [PE1-atm-pvc-Atm3/0/0.1-1/100] quit [PE1-Atm3/0/0.1] quit [PE1] interface pos 2/0/0 [PE1-pos2/0/0] trust upstream default [PE1-pos2/0/0] return
NOTE
On PE2, you also need to configure ATM simple traffic classification for the reverse traffic. The configuration is similar to that on PE1 and is not mentioned in this example.
8.
Verify the configuration

l
On the PE devices, view the L2VPN connections. The output shows that an L2VC is set up and the status is Up. Take PE1 for an example:
[PE1] display mpls l2vc Total ldp vc : 1 1 up 0 down *Client Interface : Atm3/0/0.1 Session State : up AC Status : up VC State : up VC ID : 101
7-28
Issue 03 (2008-09-22)

VC Type : Destination : Local VC Label : Remote VC Label : Control Word : Local VC MTU : Remote VC MTU : Tunnel Policy Name : Traffic Behavior Name: PW Template Name : Create time : UP time : Last change time : l l

atm 1to1 vcc 3. 3. 3.9 138240 138240 Disable 1500 0 ---0 days, 0 hours, 5 minutes, 22 seconds 0 days, 0 hours, 5 minutes, 22 seconds 0 days, 0 hours, 5 minutes, 22 seconds
CE1 and CE2 can ping through each other. Traffic mapping succeeds.
[PE1] display port-queue statistics interface pos 2/0/0 af2 outbound af2 Traffic statistics OutBound: Last 1 second rate(pps): 118647 Last 1 second rate(Bps): 9017172 Pass packets: 271004559 Pass bytes: 20596342912 Discard packets: 0
Configuration Files
l

# sysname CE1 # interface Atm1/0/0 undo shutdown # interface Atm1/0/0.1 pvc 1/100 map ip 202.38.160.2 ip address 202.38.160.1 255.255.255.0 # return


# sysname PE1 # atm service cbr-name cbr 100 2000 # mpls lsr-id 1.1.1.9 mpls lsp-trigger all mpls l2vpn # mpls ldp #
Issue 03 (2008-09-22)
7-29

mpls ldp remote-peer 1 remote-ip 3.3.3.9 # diffserv domain default atm-inbound cbr 0 phb af2 green # interface Atm3/0/0 p2p undo shutdown # interface Atm3/0/0.1 p2p atm cell transfer pvc 1/100 trust upstream default service output cbr-name mpls l2vc 3.3.3.9 101 # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 10.1.1.1 255.255.255.0 mpls mpls ldp trust upstream default # interface LoopBack1 ip address 1.1.1.9 255.255.255.255 # ospf 1 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 10.1.1.0 0.0.0.255 # return l
# sysname P # mpls lsr-id 2.2.2.9 mpls lsp-trigger all # mpls ldp # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 10.1.1.2 255.255.255.0 mpls mpls ldp # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 10.1.2.1 255.255.255.0 mpls mpls ldp # interface LoopBack1 ip address 2.2.2.9 255.255.255.255 # ospf 1 area 0.0.0.0 network 2.2.2.9 0.0.0.0 network 10.1.1.0 0.0.0.255 network 10.1.2.0 0.0.0.255 # return

7-30

# sysname PE2 # mpls lsr-id 3.3.3.9 mpls lsp-trigger all mpls l2vpn # mpls ldp # mpls ldp remote-peer 1 remote-ip 1.1.1.9 # interface Atm4/0/0 p2p undo shutdown # interface Atm4/0/0.1 p2p atm cell transfer pvc 1/100 mpls l2vc 1.1.1.9 101 # interface Pos2/0/0 undo shutdown ip address 10.1.2.2 255.255.255.0 mpls mpls ldp # interface LoopBack1 ip address 3.3.3.9 255.255.255.255 # ospf 1 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 10.1.2.0 0.0.0.255 # return
7.8.2 Example for Configuring Simple Traffic Classification for 1to-1 VPC ATM Transparent Transmission
As shown in Figure 7-7, the ATM interface of CE1 is connected to the MPLS network through PE1, and is connected to CE2 through PE2. A VP is established between CE1 an CE2 over the MPLS network. Two VCs are established in the VP. Simple traffic classification is required for the upstream traffic on PE1. PE1 maps the PVC service type and the CLP of upstream traffic to its internal precedence. For downstream traffic, it maps the internal precedence to the MPLS EXP field. The precedence of ATM cells is transmitted transparently over the MPLS network.
Issue 03 (2008-09-22)
7-31
Figure 7-7 Networking diagram for configuring simple traffic classification for 1-to-1 VPC ATM transparent transmission
The configuration roadmap is as follows: 1. 2. 3. 4. 5. 6. 7. 8. 9. Configure the IP addresses and PVC parameters for the interfaces. Configure IGP on the P and PE devices in the MPLS network to achieve IP connectivity. Configure basic MPLS functions on the P and PE devices. Configure MPLS LDP on the P and PE devices. Establish LDP sessions between the two PEs. Enable MPSL L2VPN on the PE devices. Configure 1-to-1 VPC ATM transparent transmission. Configure mapping rules for ATM simple traffic classification. Enable simple traffic classification.
Data Preparation
l l l l l
<CE1> system-view [CE1] interface atm 1/0/0 [CE1-Atm1/0/0] undo shutdown
7-32
Issue 03 (2008-09-22)

[CE1-Atm1/0/0] quit [CE1] interface atm 1/0/0.1 [CE1-Atm1/0/0.1] ip address 202.38.160.1 24 [CE1-Atm1/0/0.1] pvc 2/300 [CE1-atm-pvc-Atm1/0/0.1-2/300] map ip 202.38.160.2 [CE1-atm-pvc-Atm1/0/0.1-2/300] quit [CE1-Atm1/0/0.1] quit [CE1] interface atm 1/0/0.2 [CE1-Atm1/0/0.2] ip address 202.37.10.1 24 [CE1-Atm1/0/0.2] pvc 2/200 [CE1-atm-pvc-Atm1/0/0.2-2/200] map ip 202.37.10.2 [CE1-atm-pvc-Atm1/0/0.2-2/200] return
# Configure CE2.
<CE2> system-view [CE2] interface atm 2/0/0 [CE2-Atm2/0/0] undo shutdown [CE2-Atm2/0/0] quit [CE2] interface atm 2/0/0.1 [CE2-Atm2/0/0.1] ip address 202.38.160.2 24 [CE2-Atm2/0/0.1] pvc 2/300 [CE2-Atm2/0/0.1-2/300] map ip 202.38.160.1 [CE2-Atm2/0/0.1-2/300] quit [CE2-Atm2/0/0.1] interface atm 2/0/0.2 [CE2-Atm2/0/0.2] ip address 202.37.10.2 24 [CE2-Atm2/0/0.2] pvc 2/200 [CE2-Atm2/0/0.2-2/200] map ip 202.37.10.1 [CE2-Atm2/0/0.2-2/200] quit
2.
Configure IGP on the MPLS network (In this example, OSPF is used). See Example for Configuring Simple Traffic Classification for 1-to-1 VCC ATM Transparent Transmission step 2.
3.
Configure MPLS and LDP on the MPLS network. See Example for Configuring Simple Traffic Classification for 1-to-1 VCC ATM Transparent Transmission step 3.
4.
Establish LDP sessions between the two PEs. See Example for Configuring Simple Traffic Classification for 1-to-1 VCC ATM Transparent Transmission step 4.
5.
On the PE, enable MPLS L2VPN and configure 1-to-1 VPC ATM transmission. # Configure PE1.
<PE1> system-view [PE1] mpls l2vpn [PE1-l2vpn] quit [PE1] interface atm 3/0/0 p2p [PE1-Atm3/0/0] undo shutdown [PE1-Atm3/0/0] quit [PE1] interface atm 3/0/0.1 p2p [PE1-Atm3/0/0.1] atm cell transfer [PE1-Atm3/0/0.1] pvp 2 [PE1-atm-pvp-Atm3/0/0.1-2] quit [PE1-Atm3/0/0.1] mpls l2vc 3.3.3.9 101 [PE1-Atm3/0/0.1] return
# Configure PE2.
<PE2> system-view [PE2] mpls l2vpn [PE2-l2vpn] quit [PE2] interface atm 4/0/0 p2p [PE2-Atm4/0/0] undo shutdown [PE2-Atm4/0/0] quit [PE2] interface atm 4/0/0.1 p2p [PE2-Atm4/0/0.1] atm cell transfer [PE2-Atm4/0/0.1] pvp 2 [PE2-atm-pvp-Atm4/0/0.1-2] quit
Issue 03 (2008-09-22)
7-33

[PE2-Atm4/0/0.1] mpls l2vc 1.1.1.9 101 [PE2-Atm4/0/0.1] return
6.
On PE1, set the CoS of the PVP.

<PE1> system-view [PE1] atm service cbr-name cbr 100 2000 [PE1] interface atm 3/0/0.1 [PE1-Atm3/0/0.1] pvp 2 [PE1-atm-pvp-Atm3/0/0.1-2] shutdown [PE1-atm-pvp-Atm3/0/0.1-2] service output cbr-name [PE1-atm-pvp-Atm3/0/0.1-2] undo shutdown [PE1-atm-pvp-Atm3/0/0.1-2] return
NOTE
7.
<PE1> system-view [PE1] diffserv domain default [PE1-dsdomain-default] atm-inbound cbr 0 phb af2 green [PE1-dsdomain-default] quit [PE1] interface atm 3/0/0.1 [PE1-Atm3/0/0.1] pvp 2 [PE1-atm-pvc-Atm3/0/0.1-2/0] trust upstream default [PE1-atm-pvc-Atm3/0/0.1-2/0] quit [PE1-Atm3/0/0.1] quit [PE1] interface pos 2/0/0 [PE1-pos2/0/0] undo shutdown [PE1-pos2/0/0] trust upstream default [PE1-pos2/0/0] return
NOTE
8.
Verify the configuration

l
[PE1] display mpls l2vc Total ldp vc : 1 1 up 0 down *Client Interface : Atm3/0/0.1 Session State : up AC Status : up VC State : up VC ID : 101 VC Type : atm 1to1 vpc Destination : 3. 3. 3.9 Local VC Label : 138240 Remote VC Label : 138240 Control Word : Disable Local VC MTU : 1500 Remote VC MTU : 0 Tunnel Policy Name : -Traffic Behavior Name: -PW Template Name : -Create time : 0 days, 0 hours, 5 minutes, 22 seconds UP time : 0 days, 0 hours, 5 minutes, 22 seconds Last change time : 0 days, 0 hours, 5 minutes, 22 seconds
l l
CEs (Router A and Router B) can ping through each other. Traffic mapping succeeds.
[PE1] display port-queue statistics interface Pos 2/0/0 af2 outbound
7-34
Issue 03 (2008-09-22)

af2 Traffic statistics OutBound: Last 1 second rate(pps): 118647 Last 1 second rate(Bps): 9017172 Pass packets: 271004559 Pass bytes: 20596342912 Discard packets: 0
Configuration Files
l

# sysname CE1 # interface Atm1/0/0 undo shutdown # interface Atm1/0/0.1 pvc 2/300 map ip 202.38.160.2 ip address 202.38.160.1 255.255.255.0 # interface Atm1/0/0.2 pvc 2/200 map ip 202.37.10.2 ip address 202.37.10.1 255.255.255.0 # return

# sysname CE2 # interface Atm2/0/0 undo shutdown # interface Atm2/0/0.1 pvc 2/300 map ip 202.38.160.1 ip address 202.38.160.2 255.255.255.0 # interface Atm2/0/0.2 pvc 2/200 map ip 202.37.10.1 ip address 202.37.10.2 255.255.255.0 # return

# sysname PE1 # atm service cbr-name cbr 100 2000 # mpls lsr-id 1.1.1.9 mpls lsp-trigger all mpls l2vpn # mpls ldp # mpls ldp remote-peer 1 remote-ip 3.3.3.9 # diffserv domain default atm-inbound cbr 0 phb af2 green # interface Atm3/0/0 undo shutdown
Issue 03 (2008-09-22)
7-35

# interface Atm3/0/0.1 atm cell transfer pvp 2 trust upstream default service output cbr-name mpls l2vc 3.3.3.9 101 # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 10.1.1.1 255.255.255.0 mpls mpls ldp trust upstream default # interface LoopBack1 ip address 1.1.1.9 255.255.255.255 # ospf 1 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 10.1.1.0 0.0.0.255 # return l
# sysname P # mpls lsr-id 2.2.2.9 mpls lsp-trigger all # mpls ldp # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 10.1.1.2 255.255.255.0 mpls mpls ldp # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 10.1.2.1 255.255.255.0 mpls mpls ldp # interface LoopBack1 ip address 2.2.2.9 255.255.255.255 # ospf 1 area 0.0.0.0 network 2.2.2.9 0.0.0.0 network 10.1.1.0 0.0.0.255 network 10.1.2.0 0.0.0.255 # return

# sysname PE2 # mpls lsr-id 3.3.3.9 mpls lsp-trigger all mpls l2vpn #
7-36
Issue 03 (2008-09-22)

mpls ldp # mpls ldp remote-peer 1 remote-ip 1.1.1.9 # interface Atm4/0/0 undo shutdown # interface Atm4/0/0.1 atm cell transfer pvp 2 mpls l2vc 1.1.1.9 101 # interface Pos2/0/0 undo shutdown ip address 10.1.2.2 255.255.255.0 mpls mpls ldp # interface LoopBack1 ip address 3.3.3.9 255.255.255.255 # ospf 1 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 10.1.2.0 0.0.0.255 # return
7.8.3 Example for Configuring Simple Traffic Classification for AAL5 SDU ATM Transparent Transmission
As shown in Figure 7-8, the ATM interface of CE1 is connected to the MPLS network through PE1, and is connected to CE2 through PE2. A VC is established between Router A and Router B over the MPLS network. Simple traffic classification is required for the upstream traffic on PE1. PE1 maps the PVC service type and the CLP of upstream traffic to its internal precedence. For downstream traffic, it maps the internal precedence to the MPLS EXP field. The precedence of ATM cells is transmitted transparently over the MPLS network.
Issue 03 (2008-09-22)
7-37
Figure 7-8 Networking diagram for configuring simple traffic classification for AAL5 SDU ATM transparent transmission
The configuration roadmap is as follows: 1. 2. 3. 4. 5. 6. 7. 8. 9. Configure the IP addresses and PVC parameters for the interfaces. Configure IGP on the P and PE devices in the MPLS network to achieve IP connectivity. Configure basic MPLS functions on the P and PE devices. Configure MPLS LDP on the P and PE devices. Establish LDP sessions between the two PEs. Enable MPSL L2VPN on the PE devices. Configure AAL5 SUD ATM transparent transmission Configure mapping rules for ATM simple traffic classification. Enable simple traffic classification.
Data Preparation
l l l l l
<CE1> system-view [CE1] interface atm 1/0/0 [CE1-Atm1/0/0] undo shutdown
7-38
Issue 03 (2008-09-22)

[CE1-Atm1/0/0] quit [CE1] interface atm 1/0/0.1 [CE1-Atm1/0/0.1] ip address 202.38.160.1 24 [CE1-Atm1/0/0.1] pvc 1/100 [CE1-atm-pvc-Atm1/0/0.1-1/100] map ip 202.38.160.2 [CE1-atm-pvc-Atm1/0/0.1-1/100] return
# Configure CE2.
2.
3.
Configure based MPLS and LDP on the MPLS network. See Example for Configuring Simple Traffic Classification for 1-to-1 VCC ATM Transparent Transmission step 3.
4.
Establish LDP sessions between the two PEs. See Example for Configuring Simple Traffic Classification for 1-to-1 VCC ATM Transparent Transmission step 4.
5.
On the PE, enable MPLS L2VPN and configure transmission of AAL5 SDU frames. # Configure PE1.
<PE1> system-view [PE1] mpls l2vpn [PE1-l2vpn] quit [PE1] interface atm 3/0/0 p2p [PE1-Atm3/0/0] undo shutdown [PE1-Atm3/0/0] quit [PE1] interface atm 3/0/0.1 p2p [PE1-Atm3/0/0.1] pvc 1/100 [PE1-atm-pvc-Atm3/0/0.1-1/100] quit [PE1-Atm3/0/0.1] mpls l2vc 3.3.3.9 101 no-control-word [PE1-Atm3/0/0.1] return
# Configure PE2.
<PE2> system-view [PE2] mpls l2vpn [PE2-l2vpn] quit [PE2] interface atm 4/0/0 p2p [PE2-Atm4/0/0] undo shutdown [PE2-Atm4/0/0] quit [PE2] interface atm 4/0/0.1 p2p [PE2-Atm4/0/0.1] pvc 1/100 [PE2-atm-pvc-Atm4/0/0.1-1/100] quit [PE2-Atm4/0/0.1] mpls l2vc 1.1.1.9 101 no-control-word [PE1-Atm4/0/0.1] return
6.
On PE1, set the CoS of the PVC.

<PE1> system-view [PE1]atm service cbr-name cbr 100 2000 [PE1] interface atm 3/0/0.1 [PE1-Atm3/0/0.1] pvc 1/100 [PE1-atm-pvc-Atm3/0/0.1-1/100] shutdown [PE1-atm-pvc-Atm3/0/0.1-1/100] service output cbr-name [PE1-atm-pvc-Atm3/0/0.1-1/100] undo shutdown [PE1-atm-pvc-Atm3/0/0.1-1/100] return
Issue 03 (2008-09-22)
7-39

NOTE
7.
<PE1> system-view [PE1] diffserv domain default [PE1-dsdomain-default] atm-inbound cbr 0 phb af2 green [PE1-dsdomain-default] quit [PE1] interface atm 3/0/0.1 [PE1-Atm3/0/0.1] pvc 1/100 [PE1-atm-pvc-Atm3/0/0.1-1/100] trust upstream default [PE1-atm-pvc-Atm3/0/0.1-1/100] quit [PE1-Atm3/0/0.1] quit [PE1] interface pos 2/0/0 [PE1-pos 2/0/0] undo shutdown [PE1-pos 2/0/0] trust upstream default [PE1-pos 2/0/0] return
NOTE
8.
Verify the configuration.

l
[RouterC] display mpls l2vc Total ldp vc : 1 1 up 0 down *Client Interface : Atm3/0/0.1 Session State : up AC Status : up VC State : up VC ID : 101 VC Type : atm aal5 sdu Destination : 3. 3. 3.9 Local VC Label : 138240 Remote VC Label : 138240 Control Word : Disable Local VC MTU : 1500 Remote VC MTU : 1500 Tunnel Policy Name : -Traffic Behavior Name: -PW Template Name : -Create time : 0 days, 0 hours, 5 minutes, 22 seconds UP time : 0 days, 0 hours, 5 minutes, 22 seconds Last change time : 0 days, 0 hours, 5 minutes, 22 seconds
l l
CEs (Router A and Router B) can ping through each other. Traffic mapping succeeds.
Configuration Files
l

# sysname CE1 # interface Atm1/0/0 undo shutdown # interface Atm1/0/0.1 pvc 1/100 map ip 202.38.160.2
7-40
Issue 03 (2008-09-22)

ip address 202.38.160.1 255.255.255.0 # return l


# sysname PE1 # atm service cbr-name cbr 100 2000 # mpls lsr-id 1.1.1.9 mpls lsp-trigger all mpls l2vpn # mpls ldp # mpls ldp remote-peer 1 remote-ip 3.3.3.9 # diffserv domain default atm-inbound cbr 0 phb af2 green # interface Atm3/0/0 undo shutdown # interface Atm3/0/0.1 p2p pvc 1/100 trust upstream default service output cbr-name mpls l2vc 3.3.3.9 101 no-control-word # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 10.1.1.1 255.255.255.0 mpls mpls ldp trust upstream default # interface LoopBack1 ip address 1.1.1.9 255.255.255.255 ospf 1 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 10.1.1.0 0.0.0.255 network 202.38.160.0 0.0.0.255 # return
# sysname P # mpls lsr-id 2.2.2.9 mpls
Issue 03 (2008-09-22)
7-41

lsp-trigger all # mpls ldp # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 10.1.1.2 255.255.255.0 mpls mpls ldp # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 10.1.2.1 255.255.255.0 mpls mpls ldp # interface LoopBack1 ip address 2.2.2.9 255.255.255.255 # ospf 1 area 0.0.0.0 network 2.2.2.9 0.0.0.0 network 10.1.1.0 0.0.0.255 network 10.1.2.0 0.0.0.255 # return l

# sysname PE2 # mpls lsr-id 3.3.3.9 mpls lsp-trigger all mpls l2vpn # mpls ldp # mpls ldp remote-peer 1 remote-ip 1.1.1.9 # interface Atm4/0/0 undo shutdown # interface Atm4/0/0.1 p2p pvc 1/100 mpls l2vc 1.1.1.9 101 no-control-word # interface Pos2/0/0 undo shutdown ip address 10.1.2.2 255.255.255.0 mpls mpls ldp # interface LoopBack1 ip address 3.3.3.9 255.255.255.255 # ospf 1 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 10.1.2.0 0.0.0.255 network 202.38.160.0 0.0.0.255 # return
7-42
Issue 03 (2008-09-22)
7.8.4 Example of Configuring for 1483R-based ATM Simple Traffic Classification

As shown in Figure 7-9, Router A, Router B, and Router C are located at the edge of the ATM network to carry out the access to the IP network. The three routers connect the three PSN networks that are separated by the ATM network. On the ATM network, IP packets are transmitted in AAL5 frames. When the IP packets are sent out of the ATM network, the routers perform ATM termination and forward the packets to interfaces of other types.
l
The IP addresses for the ATM interfaces of the three routers are 202.38.160.1/24, 202.38.160.2/24, and 202.38.160.3/24 respectively. In the ATM network, the VPI and VCI of Router A are 0/40 and 0/50, which are connected to Router B and Router C respectively; the VPI and VCI of Router B are 0/40 and 0/60, which are connected to Router A and Router C respectively; the VPI and VCI of Router C are 0/50 and 0/60, which are connected to Router A and Router B. All the PVCs on the ATM interfaces of the three routers adopt IPoA. On the outbound interface of Router A, enable simple traffic classification, and map the DSCP filed of IP packets to the CLP of ATM cells.
l l
Figure 7-9 Networking diagram of configuring 1483R-based ATM simple traffic classification
The configuration roadmap is as follows: 1. 2. 3. 4.
Issue 03 (2008-09-22)
Assign IP addresses for interfaces. Configure IPoA mapping on the PVC of each interface. Configure mapping rules for ATM simple traffic classification. Enable simple traffic classification.
Data Preparation
l
The IP addresses for the ATM interfaces of the three routers are 202.38.160.1/24, 202.38.160.2/24, and 202.38.160.3/24 respectively VPI/VCI of Router A: 0/40 and 0/50 that are connected to Router B and Router C respectively VPI/VCI of Router B: 0/40 and 0/60 that are connected to Router A and Router C respectively VPI/VCI of Router C: 0/50 and 0/60 that are connected to Router A and Router B respectively Service type and CLP value
1. Assign an IP address for the ATM interface and enable simple traffic classification on the interface.
<RouterA> system-view [RouterA] interface atm 1/0/0 [RouterA-Atm1/0/0] undo shutdown [RouterA-Atm1/0/0] ip address 202.38.160.1 255.255.255.0 [RouterA-Atm1/0/0] return <RouterB> system-view [RouterB] interface atm 1/0/0 [RouterB-Atm1/0/0] undo shutdown [RouterB-Atm1/0/0] ip address 202.38.160.2 255.255.255.0 [RouterB-Atm1/0/0] return <RouterC> system-view [RouterC] interface atm 1/0/0 [RouterC-Atm1/0/0] undo shutdown [RouterC-Atm1/0/0] ip address 202.38.160.3 255.255.255.0 [RouterC-Atm1/0/0] return
2.
Create a PVC and set the IPoA mapping for the PVC.
<RouterA> system-view [RouterA] interface atm 1/0/0 [RouterA-Atm1/0/0] pvc to_b 0/40 [RouterA-atm-pvc-Atm1/0/0-0/40-to_b] [RouterA-atm-pvc-Atm1/0/0-0/40-to_b] [RouterA-Atm1/0/0] pvc to_c 0/50 [RouterA-atm-pvc-Atm1/0/0-0/50-to_c] [RouterA-atm-pvc-Atm1/0/0-0/50-to_c] <RouterB> system-view [RouterB] interface atm 1/0/0 [RouterB-Atm1/0/0] pvc to_a 0/40 [RouterB-atm-pvc-Atm1/0/0-0/40-to_a] [RouterB-atm-pvc-Atm1/0/0-0/40-to_a] [RouterB-Atm1/0/0] pvc to_c 0/60 [RouterB-atm-pvc-Atm1/0/0-0/60-to_c] [RouterB-atm-pvc-Atm1/0/0-0/60-to_c] <RouterC> system-view [RouterC] interface atm 1/0/0 [RouterC-Atm1/0/0] pvc to_a 0/50 [RouterC-atm-pvc-Atm1/0/0-0/50-to_a] [RouterC-atm-pvc-Atm1/0/0-0/50-to_a] [RouterC-Atm1/0/0] pvc to_b 0/60 [RouterC-atm-pvc-Atm1/0/0-0/60-to_b] [RouterC-atm-pvc-Atm1/0/0-0/60-to_b]
map ip 202.38.160.2 quit map ip 202.38.160.3 return
3.
Configure mapping rules for ATM simple traffic classification and enable simple traffic classification
7-44

NOTE
If you do not set the mapping rule for the downstream, the router uses the rule in the default domain. If other DS domain is applied to the interface, the router uses the rule in the user-defined domain.
l
For the traffic that goes into the ATM network, set ATM mapping rules for simple traffic classification and enable simple traffic classification on the Router A, Router B, and Router C.
<RouterA> system-view [RouterA] diffserv domain default [RouterA-dsdomain-default] atm-outbound af1 green map 0 [RouterA-dsdomain-default] quit [RouterA] interface atm 1/0/0 [RouterA-Atm1/0/0] trust upstream default [RouterA-Atm1/0/0] return <RouterB> system-view [RouterB] diffserv domain default [RouterB-dsdomain-default] atm-outbound af1 green map 0 [RouterB-dsdomain-default] quit [RouterB] interface atm 1/0/0 [RouterB-Atm1/0/0] trust upstream default [RouterB-Atm1/0/0] return <RouterC> system-view [RouterC] diffserv domain default [RouterC-dsdomain-default] atm-outbound af1 green map 0 [RouterC-dsdomain-default] quit [RouterC] interface atm 1/0/0 [RouterC-Atm1/0/0] trust upstream default [RouterC-Atm1/0/0] return
The IPoA service has been configured for the traffic that is sent out of the ATM network, so Router A, Router B, and Router C can automatically obtain the IP packets and forward them to other interfaces.
4.
Check the configuration. # View the status of the PVC on Router A.

[RouterA] display atm pvc-info VPI/VCI |STATE|PVC-NAME |INDEX |ENCAP|PROT |INTERFACE --------|-----|----------------|--------|-----|-----|--------------------0/40 |UP |to_b |0 |SNAP |IP |Atm1/0/0 (UP) 0/50 |UP |to_c |1 |SNAP |IP |Atm1/0/0 (UP)
# View the mapping rule for the PVC on Router A.

[RouterA] display atm map-info Atm1/0/0, PVC 0/40, IP, State UP 202.38.160.2, vlink 393217 Atm1/0/0, PVC 0/50, IP, State UP 202.38.160.3, vlink 393218
Similarly, you can view the status of the PVC and the mapping rule on Router B and Router C. # On Router A, run the ping command to ping Router B. Router A can ping through Router B.
[RouterA] ping 202.38.160.2 PING 202.38.160.2: 56 data bytes, press CTRL_C to break Reply from 202.38.160.2: bytes=56 Sequence=1 ttl=255 time=62 Reply from 202.38.160.2: bytes=56 Sequence=2 ttl=255 time=31 Reply from 202.38.160.2: bytes=56 Sequence=3 ttl=255 time=31 Reply from 202.38.160.2: bytes=56 Sequence=4 ttl=255 time=31 Reply from 202.38.160.2: bytes=56 Sequence=5 ttl=255 time=31 --- 202.38.160.2 ping statistics --5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 31/37/62 ms ms ms ms ms ms
Issue 03 (2008-09-22)
7-45
Similarly, Router A can ping through Router C; Router B can ping through Router A and Router C; Router C can ping through Router A and Router B.
Configuration Files
l

# sysname RouterA # interface Atm1/0/0 undo shutdown trust upstream default pvc to_b 0/40 map ip 202.38.160.2 pvc to_c 0/50 map ip 202.38.160.3 ip address 202.38.160.1 255.255.255.0 # diffserv domain default atm-outbound af1 green map 0 # return
Configuration file of Router B.

# sysname RouterB # interface Atm1/0/0 undo shutdown trust upstream default pvc to_a 0/40 map ip 202.38.160.1 pvc to_c 0/60 map ip 202.38.160.3 ip address 202.38.160.2 255.255.255.0 # diffserv domain default atm-outbound af1 green map 0 # return
Configuration file of Router C.

# sysname RouterC # interface Atm1/0/0 undo shutdown trust upstream default pvc to_a 0/50 map ip 202.38.160.1 pvc to_b 0/60 map ip 202.38.160.2 ip address 202.38.160.3 255.255.255.0 # diffserv domain default atm-outbound af1 green map 0 # return
7.8.5 Example for Configuring 1483B-Based ATM Simple Traffic Classificaiton
7-46
Issue 03 (2008-09-22)
As shown in Figure 7-10, Router A and Router B are located at the edge of the ATM network to carry out the access to the IP network. The intranets of an enterprise are in two different locations. The ATM interfaces of the routers are used to transparently transmit Ethernet frames for the intranet. The enterprise has two departments, whose VLAN IDs are 10 and 20 respectively. ATM bridging function is enabled on the routers so that users in the same VLAN can communicate as if they are in the same LAN. On the outbound interfaces of Router A and Router B, enable simple traffic classification to apply IP QoS to the ATM network. Figure 7-10 Networking diagram of configuring 1483B-based ATM simple traffic classification
The configuration roadmap is as follows: 1. 2. 3. 4. 5. Create the VLAN and add GE ports into the VLAN. Create the VE interface and add the VE interface to the VLAN. Create a PVC and set the IPoEoA mapping for the PVC. Configure mapping rules for ATM simple traffic classification. Enable simple traffic classification.
Data Preparation
l l l l
Number of the interface that is added to the VLAN ID of the VLAN that is connected to the ATM network VPI/VCI of the PVC that is used to transparently transmit layer 2 packets Service type and CLP value
Configurations of Router A and Router B are the same as follows: 1. On Router A and Router B, create VLANs and add the GE interfaces to the VLAN.
<Quidway> system view [Quidway] vlan 10 [Quidway-vlan10] quit [Quidway] vlan 20
Issue 03 (2008-09-22)
7-47
[Quidway-vlan20] quit [Quidway] interface gigabitethernet3/0/1 [Quidway-GigabitEthernet3/0/1] undo shutdown [Quidway-GigabitEthernet3/0/1] portswitch [Quidway-GigabitEthernet3/0/1] port default vlan 10 [Quidway-GigabitEthernet3/0/1] quit [Quidway] interface gigabitethernet3/0/2 [Quidway-GigabitEthernet3/0/2] undo shutdown [Quidway-GigabitEthernet3/0/2] portswitch [Quidway-GigabitEthernet3/0/2] port default vlan 20 [Quidway-GigabitEthernet3/0/2] quit [Quidway] quit
2.
On Router A and Router B, create VE interfaces and add the VE interfaces to VLAN.
<Quidway> system view [Quidway] interface virtual-ethernet1/0/0 [Quidway-Virtual-Ethernet1/0/0] portswitch [Quidway-Virtual-Ethernet1/0/0] port default vlan 10 [Quidway-Virtual-Ethernet1/0/0] quit [Quidway] interface virtual-ethernet1/0/1 [Quidway-Virtual-Ethernet1/0/1] portswitch [Quidway-Virtual-Ethernet1/0/1] port default vlan 20 [Quidway-Virtual-Ethernet1/0/1] quit [Quidway] quit
3.
On Router A and Router B, create PVCs and set IPoEoA mapping for the PVC.
<Quidway> system view [Quidway] interface atm1/0/0 [Quidway-Atm1/0/0] undo shutdown [Quidway-Atm1/0/0] pvc 100/1 [Quidway-atm-pvc-Atm1/0/0-100/1-1] [Quidway-atm-pvc-Atm1/0/0-100/1-1] [Quidway-atm-pvc-Atm1/0/0-100/1-1] [Quidway-Atm1/0/0] pvc 100/2 [Quidway-atm-pvc-Atm1/0/0-100/2-2] [Quidway-atm-pvc-Atm1/0/0-100/2-2] [Quidway-atm-pvc-Atm1/0/0-100/2-2] [Quidway] quit
encapsulation aal5snap map bridge virtual-ethernet1/0/0 quit encapsulation aal5snap map bridge virtual-ethernet1/0/1 quit
4.
Configure mapping rules for ATM simple traffic classification and enable simple traffic classification
NOTE
If you do not set the mapping rule for the downstream, the router uses the rule in the default domain. If other DS domain is applied to the interface, the router uses the rule in the user-defined domain.
l
For the traffic that goes into the ATM network, set ATM mapping rules for simple traffic classification and enable simple traffic classification on the Router A and Router B.
<Quidway> system-view [Quidway] diffserv domain default [Quidway-dsdomain-default] atm-outbound af1 green map 0 [Quidway-dsdomain-default] quit [Quidway] interface atm1/0/0 [Quidway-Atm1/0/0] pvc 100/1 [Quidway-atm-pvc-Atm1/0/0-100/1-1] trust upstream default [Quidway-Atm1/0/0] pvc 100/2 [Quidway-atm-pvc-Atm1/0/0-100/2-2] trust upstream default [Quidway-atm-pvc-Atm1/0/0-100/2-2] return
The IPoEoA service has been configured for the traffic that is sent out of the ATM network, so Router A and Router B can automatically obtain the IP packets and forward them to Ethernet interfaces.
5.
Verify the configuration. # View the status of the PVC on Router A and Router B.
[Quidway] display atm pvc-info VPI/VCI |STATE|PVC-NAME |INDEX |ENCAP|PROT |INTERFACE
7-48
Issue 03 (2008-09-22)
--------|-----|-------------|--------|-----|-----|----------------------100/1 |UP | |0 |SNAP |GE |Atm3/0/1 (UP) 100/2 |UP | |1 |SNAP |GE |Atm3/0/2 (UP)
The PCs connected to Router A and that connected to Router B can ping through each other.
Configuration Files
l

# sysname RouterA # vlan batch 10 20 # interface Atm1/0/0 undo shutdown pvc 100/1 map bridge Virtual-Ethernet1/0/0 trust upstream default pvc 100/2 map bridge Virtual-Ethernet1/0/1 trust upstream default # interface Gigabitethernet3/0/1 undo shutdown portswitch port default vlan 10 # interface Gigabitethernet3/0/2 undo shutdown portswitch port default vlan 20 # interface Virtual-Ethernet1/0/0 portswitch port default vlan 10 # interface Virtual-Ethernet1/0/1 portswitch port default vlan 20 # diffserv domain default atm-outbound af1 green map 0 # return
Configuration file of Router B.

# sysname RouterB # vlan batch 10 20 # interface Atm1/0/0 undo shutdown pvc 100/1 map bridge Virtual-Ethernet1/0/0 trust upstream default pvc 100/2 map bridge Virtual-Ethernet1/0/1 trust upstream default # interface Gigabitethernet3/0/1 undo shutdown portswitch port default vlan 10 # interface Gigabitethernet3/0/2 undo shutdown portswitch
Issue 03 (2008-09-22)
7-49

port default vlan 20 # interface Virtual-Ethernet1/0/0 portswitch port default vlan 10 # interface Virtual-Ethernet1/0/1 portswitch port default vlan 20 # diffserv domain default atm-outbound af1 green map 0 # return
7.8.6 Example for Configuring Forced ATM Traffic Classification

As shown in Figure 7-11, when PE1 receives the ATM cells from CE1, it transmits transparently the ATM cells over PW to PE2. PE2 then transmits the ATM cells on the ATM link. Configure L2VPN between PE1 and PE2; set forced traffic classification for the traffic flowing from CE1 to CE2. Figure 7-11 Networking diagram for forced ATM traffic classification
The configuration roadmap is as follows: 1. 2. 3. 4. 5. 6. 7.
7-50
Configure the IP addresses and PVC parameters for the interfaces. Configure IGP on the P and PE devices in the MPLS network to achieve IP connectivity. Configure basic MPLS functions on the P and PE devices. Configure MPLS LDP on the P and PE devices. Establish LDP sessions between the two PEs. Enable MPSL L2VPN on the PE devices. Configure transparent transmission of ATM cells on the PE devices.
8.
Configure forced ATM traffic classification on the upstream interface ATM 3/0/0 of PE1.
Data Preparation
l l l l l
Data for configuring OSPF Remote peer name of the PE VC ID VPI/VCI value on the CE CoS and color of IP packets on the PVC for forced traffic classification.
1. Configure the ATM interfaces of the CEs. # Configure CE1.
# Configure CE2.
2.
3.
Configure based MPLS and LDP on the MPLS network. See Example for Configuring Simple Traffic Classification for 1-to-1 VCC ATM Transparent Transmission step 3.
4.
Establish LDP sessions between the two PE devices. See Example for Configuring Simple Traffic Classification for 1-to-1 VCC ATM Transparent Transmission step 4.
5.
Enable MPLS L2VPN on PEs, and then configure ATM cell relay in 1-to-1 VCC mode. See Example for Configuring Simple Traffic Classification for 1-to-1 VCC ATM Transparent Transmission step 5.
6.
Configure forced ATM traffic classification on PE1.

<PE1> system-view [PE1] interface atm 3/0/0 [PE1-Atm3/0/0] undo shutdown [PE1-Atm3/0/0] quit [PE1] interface atm 3/0/0.1
Issue 03 (2008-09-22)
7-51

[PE1-Atm3/0/0.1] traffic queue af4 green [PE1-Atm3/0/0.1] quit [PE1] interface pos 2/0/0 [PE1-pos2/0/0] undo shutdown [PE1-pos2/0/0] trust upstream default [PE1-pos2/0/0] return
NOTE
7.
Verify the configuration On the PE devices, view the L2VPN connections. The output shows that an L2VC is set up and the status is Up.
<PE1> display mpls l2vc Total ldp vc : 1 1 up 0 down
*Client Interface : POS2/0/0 Session State : up AC Status : up VC State : up VC ID : 1 VC Type : ip-interworking Destination : 3.3.3.9 Local VC Label : 138240 Remote VC Label : 138240 Control Word : Disable Local VC MTU : 1500 Remote VC MTU : 1500 Tunnel Policy Name : -Traffic Behavior Name: -PW Template Name : -Create time : 0 days, 0 hours, 0 minutes, 29 seconds UP time : 0 days, 0 hours, 0 minutes, 26 seconds Last change time : 0 days, 0 hours, 0 minutes, 26 seconds
The output shows that the Session State, AC Status, and VC State are Up. This implies that the L2VPN has been configured successfully. From the CE, run the ping command to ping the other CE. The two CEs should be able to ping through each other.
Configuration Files
l


# sysname CE2 # interface Atm2/0/0 undo shutdown # interface Atm2/0/0.1 pvc 1/100
7-52
Issue 03 (2008-09-22)

map ip 202.38.160.1 ip address 202.38.160.2 255.255.255.0 # return l

# sysname PE1 # mpls lsr-id 1.1.1.9 mpls lsp-trigger all mpls l2vpn # mpls ldp # mpls ldp remote-peer 1 remote-ip 3.3.3.9 # interface Atm3/0/0 undo shutdown # interface Atm3/0/0.1 p2p traffic queue af4 green atm cell transfer pvc 1/100 mpls l2vc 3.3.3.9 101 no-control-word # interface Pos2/0/0 undo shutdown ip address 10.1.1.1 255.255.255.0 trust upstream default mpls mpls ldp # interface LoopBack1 ip address 1.1.1.9 255.255.255.255 # ospf 1 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 10.1.1.0 0.0.0.255 network 202.38.160.0 0.0.0.255 # return
# sysname P # mpls lsr-id 2.2.2.9 mpls lsp-trigger all # mpls ldp # interface Pos1/0/0 undo shutdown link-protocol ppp ip address 10.1.1.2 255.255.255.0 mpls mpls ldp # interface Pos2/0/0 undo shutdown link-protocol ppp ip address 10.1.2.1 255.255.255.0 mpls mpls ldp #
Issue 03 (2008-09-22)
7-53

interface LoopBack1 ip address 2.2.2.9 255.255.255.255 # ospf 1 area 0.0.0.0 network 2.2.2.9 0.0.0.0 network 10.1.1.0 0.0.0.255 network 10.1.2.0 0.0.0.255 # return l

# sysname PE2 # mpls lsr-id 3.3.3.9 mpls lsp-trigger all mpls l2vpn # mpls ldp # mpls ldp remote-peer 1 remote-ip 1.1.1.9 # interface Atm1/0/0 undo shutdown # interface Atm4/0/0.1 p2p traffic queue af4 green atm cell transfer pvc 1/100 mpls l2vc 1.1.1.9 101 no-control-word # interface Pos2/0/0 undo shutdown ip address 10.1.2.2 255.255.255.0 mpls mpls ldp # interface LoopBack1 ip address 3.3.3.9 255.255.255.255 ospf 1 area 0.0.0.0 network 1.1.1.9 0.0.0.0 network 10.1.2.0 0.0.0.255 network 202.38.160.0 0.0.0.255 # return
7.8.7 Example for Configuring the ATM Complex Traffic Classification

As shown in Figure 7-12, Router A, Router B, and Router C are at the edge of the ATM network. They control the access to IP networks, enabling communications between the three separated packet switched networks (PSNs). IP packets are encapsulated into AAL5 frames when they are transmitted over the ATM network. The service is therefore called the IPoA service. When the packets leave the ATM network, the AAL5 frame headers are removed on the router before the packets are forwarded to other types of interfaces.
7-54
Issue 03 (2008-09-22)

l
The IP addresses of the ATM interfaces of the three routers are 202.38.160.1/24, 202.38.160.2/24, and 202.38.160.3/24. On the ATM network, the VPIs/VCIs of Router A are 0/40 and 0/50, which connect Router B and Router C respectively; the VPIs/VCIs of Router B are 0/40 and 0/60, which connect Router A and Router C respectively; the VPIs/VCIs of Router C are 0/50 and 0/60 respectively, which connect Router A and Router B respectively. All PVCs on the ATM interfaces of the three routers are in IPoA mode.
The specific requirements are as follows: The downstream ATM 1/0/0 on Router A is applied with the complex traffic classification. All ATM cells carrying the IP packets with the IP precedence of 5, 6, and 7 can pass; the ATM cells carrying the IP packets with the IP precedence of 4 are guaranteed with a bandwidth of 2 Mbit/ s. Figure 7-12 Networking diagram for configuring the ATM complex traffic classification
The configuration roadmap is as follows: 1. 2. 3. 4. 5. Configure the IP addresses of the interfaces. Configure traffic classifiers. Configure traffic behaviors. Configure traffic policies. Apply traffic policies to the ATM interfaces.
Data Preparation
l
The IP addresses of the ATM interfaces of the three routers: 202.38.160.1/24, 202.38.160.2/24, and 202.38.160.3/24.
Issue 03 (2008-09-22)

l
The VPIs/VCIs of Router A: 0/40 and 0/50, which connect Router B and Router C respectively The VPIs/VCIs of Router B: 0/40 and 0/60, which connect Router A and Router C respectively The VPIs/VCIs of Router C: 0/50 and 0/60, which connect Router A and Router B respectively Parameters for the ATM complex traffic classification: names of traffic classifiers, IP precedence, names of traffic behaviors, guaranteed bandwidths, the name of a traffic policy, and interfaces where the policy are applied
1. Enter the system view and configure IP addresses for the ATM interfaces of the routers.
<RouterA> system-view [RouterA] interface atm 1/0/0 [RouterA-Atm1/0/0] undo shutdown [RouterA-Atm1/0/0] ip address 202.38.160.1 255.255.255.0 [RouterA-Atm1/0/0] return <RouterB> system-view [RouterB] interface atm 1/0/0 [RouterB-Atm1/0/0] undo shutdown [RouterB-Atm1/0/0] ip address 202.38.160.2 255.255.255.0 [RouterB-Atm1/0/0] return <RouterC> system-view [RouterC] interface atm 1/0/0 [RouterC-Atm1/0/0] undo shutdown [RouterC-Atm1/0/0] ip address 202.38.160.3 255.255.255.0 [RouterC-Atm1/0/0] return
2.
Create PVCs and configure IPoA mappings for the PVCs.

<RouterA> system-view [RouterA] interface atm 1/0/0 [RouterA-Atm1/0/0] pvc to_b 0/40 [RouterA-atm-pvc-Atm1/0/0-0/40-to_b] [RouterA-atm-pvc-Atm1/0/0-0/40-to_b] [RouterA-Atm1/0/0] pvc to_c 0/50 [RouterA-atm-pvc-Atm1/0/0-0/50-to_c] [RouterA-atm-pvc-Atm1/0/0-0/50-to_c] <RouterB> system-view [RouterB] interface atm 1/0/0 [RouterB-Atm1/0/0] pvc to_a 0/40 [RouterB-atm-pvc-Atm1/0/0-0/40-to_a] [RouterB-atm-pvc-Atm1/0/0-0/40-to_a] [RouterB-Atm1/0/0] pvc to_c 0/60 [RouterB-atm-pvc-Atm1/0/0-0/60-to_c] [RouterB-atm-pvc-Atm1/0/0-0/60-to_c] <RouterC> system-view [RouterC] interface atm 1/0/0 [RouterC-Atm1/0/0] pvc to_a 0/50 [RouterC-atm-pvc-Atm1/0/0-0/50-to_a] [RouterC-atm-pvc-Atm1/0/0-0/50-to_a] [RouterC-Atm1/0/0] pvc to_b 0/60 [RouterC-atm-pvc-Atm1/0/0-0/60-to_b] [RouterC-atm-pvc-Atm1/0/0-0/60-to_b]
3.
Configure the ATM complex traffic classification. # Create traffic classifiers and define matching rules.
[RouterA] traffic classifier a [RouterA-classifier-a] if-match ip-precedence 7 [RouterA-classifier-a] if-match ip-precedence 6 [RouterA-classifier-a] if-match ip-precedence 5 [RouterA-classifier-a] quit [RouterA] traffic classifier b
7-56
Issue 03 (2008-09-22)

[RouterA-classifier-b] if-match ip-precedence 4 [RouterA-classifier-b] quit
After the preceding configuration, you can run the display command to view the configuration of the traffic classifiers.
[RouterA] display traffic classifier user-defined User Defined Classifier Information: Classifier: b Operator: OR Rule(s): if-match ip-precedence 4 Classifier: a Operator: OR Rule(s) : if-match ip-precedence 7 if-match ip-precedence 6 if-match ip-precedence 5
# Define traffic behaviors.

[RouterA] traffic behavior a [RouterA-behavior-a] permit [RouterA-behavior-a] quit [RouterA] traffic behavior b [RouterA-behavior-b] car cir 2000 [RouterA-behavior-b] quit
After the preceding configuration, you can run the display command to view the configuration of the traffic classifiers.
[PE1] display traffic behavior user-defined User Defined Behavior Information: Behavior: b Committed Access Rate: CIR 2000 (Kbps), PIR 0 (Kbps), CBS 10000 (byte), PBS 0 (byte) Conform Action: pass Yellow Action: pass Exceed Action: discard Behavior: a Firewall: permit
# Define a traffic policy and associate the traffic classifiers with the traffic behaviors.
[RouterA] traffic policy p [RouterA-trafficpolicy-a] classifier a behavior a [RouterA-trafficpolicy-a] classifier b behavior b [RouterA-trafficpolicy-a] quit
# Apply the traffic policy to the outbound interface.

[RouterA] interface atm 1/0/0 [RouterA-Atm1/0/0] undo shutdown [RouterA-Atm1/0/0] traffic-policy p outbound [RouterA-Atm1/0/0] quit
4.
Verify the configuration. Run the display traffic policy command. You can view the configuration of the traffic policies, traffic classifiers defined in the traffic policies, and the traffic behaviors associated with traffic classifiers.
[RouterA] display traffic policy user-defined User Defined Traffic Policy Information: Policy: p Classifier: default-class Behavior: be -noneClassifier: a Behavior: a Firewall: permit Classifier: b Behavior: b Committed Access Rate:
Issue 03 (2008-09-22)
7-57

CIR 2000 (Kbps), PIR 0 (Kbps), CBS 10000 (byte), PBS 0 (byte) Conform Action: pass Yellow Action: pass Exceed Action: discard
Run the display interface command on Router A. You can view that the traffic on the interfaces are controlled according to the specified requirements.
Configuration Files
l

# sysname RouterA # traffic classifier a if-match ip-precedence 7 if-match ip-precedence 6 if-match ip-precedence 5 traffic classifier b if-match ip-precedence 4 # traffic behavior a permit traffic behavior b car cir 2000 cbs 10000 pbs 0 green pass red discard # traffic policy p classifier a behavior a classifier b behavior b # interface Atm1/0/0 undo shutdown pvc to_b 0/40 map ip 202.38.160.2 pvc to_c 0/50 map ip 202.38.160.3 ip address 202.38.160.1 255.255.255.0 traffic-policy p outbound # return

# sysname RouterB # interface Atm1/0/0 undo shutdown pvc to_a 0/40 map ip 202.38.160.1 pvc to_c 0/60 map ip 202.38.160.3 ip address 202.38.160.2 255.255.255.0 # return

# sysname RouterC # interface Atm1/0/0 undo shutdown pvc to_a 0/50 map ip 202.38.160.1 pvc to_b 0/60 map ip 202.38.160.2 ip address 202.38.160.3 255.255.255.0 # return
7-58
Issue 03 (2008-09-22)
7.8.8 Example for Configuring Queue Scheduling for an ATM PVC

As shown in Figure 7-13, GE 1/0/1 of Router A connects GE 1/0/0 of Router B. Server, PC1, and PC2 can access the Internet through Router A and Router B. Server, PC1, and GE1/0/0 of Router A are in the same network segment. PC2 and GE 2/0/0 of Router A are in the same network segment. To avoid congestion when a lot of traffic enters the ATM network, you are required to configure the traffic shaping and queue scheduling on ATM 2/0/1 of Router B. Figure 7-13 Networking diagram for configuring queue scheduling of ATM PVCs
The configuration roadmap is as follows: 1. 2. 3. 4. Set the IP address of each interface and the route. Configure IPoA on Router B. Configure the traffic shaping for the ATM PVC on ATM 2/0/1 of Router B. Configure the queue scheduling for the ATM PVC on ATM 2/0/1 of Router B.
Data Preparation
l l l
PVC name and VPI or VCI number Traffic shaping rate Queue name, queue scheduling type, and WFQ weight
1. 2.
Issue 03 (2008-09-22)
Configure the IP address and route to ensure normal operation of the network (omitted). Create a PVC and configure IPoA mapping of the PVC (omitted).
For details of the configurations, refer to "ATM Configuration" in the Quidway NetEngine80E/40E Router Configuration Guide WAN Access. 3. Configure the simple traffic classification on GE 1/0/0 of Router B.
<RouterB> system-view [RouterB] interface gigabitethernet 1/0/0 [RouterB-GigabitEthernet1/0/0] ip address 20.1.1.1 255.0.0.0 [RouterB-GigabitEthernet1/0/0] trust upstream default [RouterB-GigabitEthernet1/0/0] return
4.
Configure the traffic shaping and queue scheduling for the ATM PVC on Router B.
<RouterB> system-view [RouterB] atm service cbr-name cbr 100 2000 [RouterB] interface atm 2/0/1 [RouterB-Atm2/0/1] pvc 0/40 [RouterB-atm-pvc-Atm2/0/1-0/40] shutdown [RouterB-atm-pvc-Atm2/0/1-0/40] service output cbr-name [RouterB-atm-pvc-Atm2/0/1-0/40] pvc-queue ef pq outbound [RouterB-atm-pvc-Atm2/0/1-0/40] pvc-queue af4 wfq 50 outbound [RouterB-atm-pvc-Atm2/0/1-0/40] undo shutdown [RouterB-atm-pvc-Atm2/0/1-0/40] return
5.
Verify the configuration. Run the display atm pvc-queue command on Router B and view the queue scheduling information on PVC 0/40 on ATM 4/0/1. For example:
<RouterB> display atm pvc-queue interface atm 4/0/1 pvc 0/40 Show CBQ PVC configeration of interface Atm4/0/1 PVC 0/40: be distribute OutBound wfq Weight 20 af1 distribute OutBound wfq Weight 20 af2 distribute OutBound wfq Weight 20 af3 distribute OutBound wfq Weight 20 af4 distribute OutBound wfq Weight 50 ef distribute OutBound pq cs6 distribute OutBound wfq Weight 20 cs7 distribute OutBound wfq Weight 20
Configuration Files
l

# sysname RouterA # interface gigabitEthernet1/0/0 undo shutdown ip address 1.1.1.10 255.0.0.0 # interface gigabitEthernet1/0/1 undo shutdown ip address 20.1.1.2 255.0.0.0 # interface gigabitEthernet2/0/0 undo shutdown ip address 10.1.1.1 255.0.0.0 # ospf 1 area 0.0.0.0 network 1.0.0.0 0.255.255.255 network 10.0.0.0 0.255.255.255 network 20.0.0.0 0.255.255.255 # return

# sysname RouterB #
7-60
Issue 03 (2008-09-22)

atm service cbr-name cbr 100 2000 # interface GigabitEthernet1/0/0 undo shutdown ip address 20.1.1.1 255.0.0.0 trust upstream default # interface Atm2/0/1 undo shutdown ip address 30.1.1.1 255.0.0.0 pvc 0/40 map ip 202.38.160.2 service output cbr-name pvc-queue ef pq outbound pvc-queue af4 wfq 50 outbound # ospf 1 area 0.0.0.0 network 20.0.0.0 0.255.255.255 network 30.0.0.0 0.255.255.255 # return
Issue 03 (2008-09-22)
7-61
8 Frame Relay QoS Configuration
Frame Relay QoS Configuration
About This Chapter

This chapter describes the various QoS mechanism in FR network. It also describes the FR QoS configuration steps, along with typical examples. 8.1 Overview This section describes the basic concepts of frame relay QoS. 8.2 Configuring Frame Relay Traffic Shaping This section describes how to limit the rate of packets sent on the virtual circuit to avoid packet loss. 8.3 Configuring Frame Relay Traffic Policing This section describes how to limit the traffic entering a frame relay network to avoid network congestion. 8.4 Configuring Universal Frame Relay Queues This section describes how to set the cached packets to enter corresponding queues such as firstin-first-out (FIFO) queuing, custom queuing (CQ), priority queuing (PQ), weighted fair queuing (WFQ), class-based queuing (CBQ), and real time transport protocol queuing (RTPQ) and send the packets according to the scheduling mechanism. 8.5 Configuring PVC PQ of Frame Relay This section describes how to set the precedence of Permanent Virtual Circuit Priority Queuing (PVC PQ). Packets entering specified virtual circuits then are placed in the corresponding PVC PQ. 8.6 Configuring Frame Relay Congestion Avoidance This section describes how to configure frame relay class and WRED on frame interface to carry out congestion avoidance. 8.7 Configuring Frame Relay Fragmentation This section describes how to divide a large frame relay packet into several smaller ones to ensure that data can be transmitted with low delay on low-speed lines. 8.8 Debugging Frame Relay QoS This section describes how to debug FR QoS. 8.9 Configuration Examples
This section provides configuration examples of frame relay traffic shaping and frame relay fragmentation.
8-2
Issue 03 (2008-09-22)
8.1 Overview
This section describes the basic concepts of frame relay QoS. 8.1.1 Introduction to Frame Relay QoS 8.1.2 Frame Relay QoS Supported by the NE80E/40E
8.1.1 Introduction to Frame Relay QoS

QoS provides network services of different grades on demand. It can be used on a frame relay interface. In addition, frame relay also has its own QoS mechanisms, and can configure QoS at the PVC level to offer users, flexible quality services. Frame relay class defines traffic parameters. To validate the configured frame relay class parameters, associate frame relay class with an interface or a virtual circuit, and enable frame relay QoS on the related interface. After the frame relay class is associated with the interface, all virtual circuits on the interface inherit QoS parameters of the frame relay class. When a virtual circuit provides QoS, it searches the corresponding frame relay class in the following order:
l
If there is a frame relay class related to the virtual circuit, the virtual circuit uses the configured QoS parameters of such class. If there is a frame relay class related to the interface where the virtual circuit resides, the virtual circuit uses the configured QoS parameters of such class. If there is no frame relay class related to the interface where the virtual circuit resides, the virtual circuit uses the default QoS parameters.
8.1.2 Frame Relay QoS Supported by the NE80E/40E

The NE80E/40E supports the implementation of QoS on the frame relay links, including frame relay traffic shaping (FRTS), frame relay traffic policing (FRTP), frame relay congestion management, frame relay queue management, and frame relay fragmentation.
8.2 Configuring Frame Relay Traffic Shaping

This section describes how to limit the rate of packets sent on the virtual circuit to avoid packet loss. 8.2.1 Establishing the Configuration Task 8.2.2 Configuring FRTS Parameters 8.2.3 Applying FRTS Parameters to the Interface 8.2.4 Enabling FRTS

If the rates of the link at two ends of a router are unmatched, packets transmitted in the network may be discarded when they are sent from a high-speed interface to a low-speed interface. To avoid this, you need to configure FRTS to limit the rate of packets sent from the virtual circuit.
Before configuring FRTS, complete the following tasks:
l l
Configuring the frame relay interface or the multi-link frame relay bundle interface Configuring the related parameters of frame relay interface or multi-link frame relay bundle interface
Data Preparation
To configure FRTS, you need the following data. No 1 2 3 4 5 Data Name of frame relay class Committed information rate (CIR), MinCIR, committed burst size (CBS) and excess burst size (EBS) Number of frame relay interface, MFR number, or Data-Link Connection Identifier (DLCI) Ratio that adjusts rate according to the receiving status of Backward Explicit Congestion Notification (BECN) packets Length threshold of interface queue that triggers rate adjustment
8.2.2 Configuring FRTS Parameters

Context
Self-adaptive traffic adjustment function of FRTS decides the sending rate to be reduced using the following two methods:
l
BECN: After the sending interface of a router receives packets with a BECN value of 1 bit from the frame relay network, all PVCs that have been configured with FRTS reduce the sending rate by the specified percentage. The bigger value between the reduced rate and MinCIR serves as the new sending rate. After the sending rate is reduced, if the router receives no packet with BECN field as 1 within the period of time of 16 (Tc), the sending rate increases by the specified percentage. The smaller value between the increased rate and the CIR serves as the new sending rate. Interface congestion: When the number of packets in the queue of the sending interface reaches the set value, all PVCs that have been configured with FRTS reduce their sending
8-4
rates. When the number of packets in the queue is less than the set value, the sending rate is raised again. Do as follows on the router:
Procedure
Step 1 Run:
system-view

fr class class-name
An FR class is created and the FR class view is displayed. Step 3 Perform the following as required to set the committed information rate.
l
Run
cir allow outbound rate-limit
CIR is set.
l
Run:
cir rate-limit
The minimum CIR is set.

l
Run:
cbs outbound cbs
CBS is set.
l
Run:
pbs outbound pbs
PBS is set.
l
Run:
traffic-shaping adaptation { becn percentage | interface-congestion number }
Self-adaptive traffic adjustment of FRTS is enabled. The MinCIR cannot be larger than the CIR. ----End
8.2.3 Applying FRTS Parameters to the Interface

Context
Procedure
Step 1 Run:
system-view

Step 2 Perform the following as required.

l
Run:
The FR interface view is displayed.

l
Run:
interface mfr interface-number
The MFR view is displayed.

l
To apply traffic shaping parameters to the specified DLCI, run:

fr dlci dlci
The DLCI view is displayed. Step 3 Run:

fr-class class-name
The FR class is associated with the interface. FRTS is applied to the sending interface of frame relay packets on a router. In general, it is applied to the Data Terminal Equipments (DTE) end of the frame relay network. ----End
8.2.4 Enabling FRTS

Context
Run the following commands on the router:
Procedure
Step 1 Run:
system-view
The system view is displayed. Step 2 Perform the following as required.

l
Run:

l
Run:
The MFR view is displayed. Step 3 Run:

fr traffic-shaping
FRTS is enabled. You can enable traffic shaping. You cannot enable RTP queue attributes if you run the qos rtpq command after the fr traffic-shaping command. To enable RTP priority queue, you need to run the rtpq command in the frame relay class view and apply it to the virtual circuit. ----End
8.3 Configuring Frame Relay Traffic Policing

This section describes how to limit the traffic entering a frame relay network to avoid network congestion. 8.3.1 Establishing the Configuration Task 8.3.2 Configuring FRTP Parameters 8.3.3 Applying FRTP Parameters to the Interface 8.3.4 Enabling FRTP

The rate of traffic that enters a frame relay network needs to be limited to avoid network congestion. Through the FRTP configuration, you can limit the network traffic within a certain scope. FRTP can be applied only to the inbound interfaces of routers. In addition, it can be applied to only the Data Circuit-terminal Equipment (DCE) end of a frame relay network.
NOTE
For configurations about DTE and DCE, refer to the Quidway NetEngine80E/40E Router Configuration Guide WAN Access.
Before configuring FRTP, complete the following tasks:
l l
Configuring the frame relay interface or multi-link frame relay bundle interface Configuring related parameters of the frame relay interface or multi-link frame relay bundle interface
Data Preparation
To configure FRTP, you need the following data. No 1 2 3 Data Name of the frame relay class CIR, CBS and EBS Number of frame relay interface or MFR number
8.3.2 Configuring FRTP Parameters

Context
Procedure
Step 1 Run:
system-view

fr class class-name
An FR class is created and the FR class view is displayed. Step 3 Perform the following as required to set the information rate.
l
Run
cir allow outbound rate-limit
CIR is set.
l
Run:
cbs outbound cbs
CBS is set.
l
Run:
pbs outbound pbs
PBS is set. ----End
8.3.3 Applying FRTP Parameters to the Interface

Context
Procedure
Step 1 Run:
system-view

l
Run:

l
Run:


fr-class class-name
The FR class is associated with the interface. ----End
8.3.4 Enabling FRTP

Context
Procedure
Step 1 Run:
system-view

l
Run:

l
Run:

fr traffic-policing
FRTP is enabled. ----End
8.4 Configuring Universal Frame Relay Queues

This section describes how to set the cached packets to enter corresponding queues such as firstin-first-out (FIFO) queuing, custom queuing (CQ), priority queuing (PQ), weighted fair queuing (WFQ), class-based queuing (CBQ), and real time transport protocol queuing (RTPQ) and send the packets according to the scheduling mechanism. 8.4.1 Establishing the Configuration Task 8.4.2 Configuring Universal Frame Relay Queues 8.4.3 Applying Universal Queues to an Frame Relay Interface 8.4.4 Applying Universal Queues to Frame Relay Virtual Circuits

For congestion management, the packets that exceed bandwidth need to be stored for a while, and sent after the network becomes idle. To configure universal frame relay queues, the cached packets can be set to enter corresponding queues such as first-in-first-out (FIFO) queuing, custom queuing (CQ), priority queuing (PQ), weighted fair queuing (WFQ), and real time transport protocol queuing (RTPQ) and sent according to the scheduling mechanism.
Before configuring universal queues of frame relay, complete the following tasks:
l l
Configuring the frame relay interface or multi-link frame relay bundle interface Configuring related parameters of the frame relay interface or multi-link frame relay bundle interface Configuring frame relay virtual circuits and related parameters
Data Preparation
To configure the universal queues of frame relay, you need the following data. No 1 Data FIFO queue length, CQ queue number, PQ queue number, WFQ queue total, and maximum length of queues, upper limit and lower limit of UDP port, and RTP bandwidth Name of the frame relay class Interface type and number DLCI number
2 3 4
8.4.2 Configuring Universal Frame Relay Queues

Context
The frame relay interface supports universal queues such as FIFO, PQ, CQ, WFQ, and RTPQ. The rtpq command is used to set a strict priority queue. That is, only the UDP packet whose destination port number is an even and is between start-port and end-port enter the RTP priority queue. Do as follows on teh router:
Procedure
Step 1 Run:
system-view
8-10
Issue 03 (2008-09-22)

fr class class-name
An FR class is created and the FR class view is displayed. Step 3 Perform the following as required to configure different FR queues.
l
Run:
fifo queue-length queue-size
The length FR FIFO queue is set.

l
Run:
pq pql list-number
FR PQ is set.
l
Run:
cq cql list-number
FR CQ is set.
l
Run:
wfq [ congestive-discard-threshold [ dynamic-queues ] ]
FR WFQ is set.
l
Run:
rtpq start-port min-rtp-port-number end-port max-rtp-port-number bandwidth bandwidth [ cbs cbs ]
RTPQ is applied. ----End
8.4.3 Applying Universal Queues to an Frame Relay Interface

Context
Procedure
Step 1 Run:
system-view

l
Run:

l
Run:

fr-class class-name
Issue 03 (2008-09-22)
8-11
Universal frame relay queues are applied. ----End
Postrequisite
When an FR interface is enabled with FRTS or congestion management, the interface supports only FIFO, PVC PQ, or RTPQ.
8.4.4 Applying Universal Queues to Frame Relay Virtual Circuits

Context
Procedure
Step 1 Run:
system-view

l
Run:

l
Run:

fr traffic-shaping
FRTS is enabled. When an FR interface is enabled with FRTS, each virtual circuit on his interface has an independent virtual circuit queue. The queue type of the virtual circuit can be FIFO, PQ, CQ, WFQ, or RTPQ. When the FR virtual circuit enables congestion management, the queue type of virtual circuit can be only FIFO. Step 4 Run:
fr dlci dlci

fr-class class-name
The universal queues of FR are applied. ----End

8.5 Configuring PVC PQ of Frame Relay

This section describes how to set the precedence of Permanent Virtual Circuit Priority Queuing (PVC PQ). Packets entering specified virtual circuits then are placed in the corresponding PVC PQ. 8.5.1 Establishing the Configuration Task 8.5.2 Configuring PVC PQ on an FR Interface 8.5.3 Configuring the FR PVC PQ Precedence

Permanent Virtual Circuit Priority Queuing (PVC PQ) is a unique queue on the frame relay interface. When the key data with priority is to be forwarded on the virtual circuit of the frame relay, you need to configure the frame relay virtual circuit.
Before configuring queue management of frame relay, complete the following tasks:
l l
Configuring the frame relay interface or multi-link frame relay bundle interface Configuring related parameters of the frame relay interface or multi-link frame relay bundle interface Configuring frame relay virtual circuits and related parameters
Data Preparation
To configure PVC PQ of frame relay, you need the following data. No 1 2 3 4 Data Name of frame relay class The length of queues with top, middle, normal and bottom priorities Interface type and number DLCI number
8.5.2 Configuring PVC PQ on an FR Interface
Issue 03 (2008-09-22)
8-13
Context
PVC PQ contians four sub-queues, that is, top, middle, normal, and bottom queues. The top value has the highest priority and the bottom queue has the lowest priority. PVC PQ classifies packets into four groups to enter the above four sub-queues. The router sends packets in order according to the priorites of queues. That is, first send packets in top queue, then middle queue, normal queue, and bottom queue. Run the fr traffic-shaping command prior to running the fr pvc-pq command. Do as follows on the router:
Procedure
Step 1 Run:
system-view

l
Run:

l
Run:

fr pvc-pq [ top-limit middle-limit normal-limit bottom-limit ]
The queue type of the FR interface is set to PVC PQ. ----End
8.5.3 Configuring the FR PVC PQ Precedence

Context
Procedure
Step 1 Run:
system-view

fr class class-name
An FR class is created and the FR class view is displayed. Step 3 Run:

pvc-pq { top | middle | normal | bottom }
8-14
Issue 03 (2008-09-22)
PVC PQ is specified. Step 4 Run:

quit
Return to the system view. Step 5 Perform the following as required.

l
Run:

l
Run:

fr dlci dlci

fr-class class-name
The FR class is associated with a virtual circuit. Each FR virtual circuit on the interface has its own PVC PQ preference. Packets sent from this virtual circuit can only enter the corresponding PVC PQ. ----End
8.6 Configuring Frame Relay Congestion Avoidance

This section describes how to configure frame relay class and WRED on frame interface to carry out congestion avoidance. 8.6.1 Establishing the Configuration Task 8.6.2 Creating a Frame Relay Class 8.6.3 Configuring WRED Parameters 8.6.4 Applying WRED Parameters on the Frame Relay Interface 8.6.5 Checking the Configuration

Traditional frame relay congestion avoidance is carried out by using the tail drop policy, which leads to inevitable global TCP synchronization. In addition, the device cannot perform selective packet dropping according to the status of queues. To avoid global TCP synchronization, you can configure Weighted Random Early Detection (WRED) to carry out congestion avoidance. When configuring WRED, you can set the threshold values for each queue.

l l l
When the length of a queue is less than the low limit, no packet is dropped. When the length of a queue exceeds the high limit, all the incoming packets are dropped. When the length of a queue is between the low and high limits, the incoming packets are dropped randomly. The longer the queue is, the higher the dropping probability is.
WRED enables the system to drop packets selectively before congestion occurs and thus improve QoS performance of interface. In frame relay, you can set WRED parameters on multiple interfaces or frame relay links to optimize the link efficiently.
Before configuring congestion avoidance in frame relay fragmentation, complete Configuring basic frame relay functions
Data Preparation
To configure congestion avoidance in frame relay, you need the following data. No. 1 2 3 4 Data Name of frame relay Value of WRED parameters High and low threshold WRED values for each local queue The drop percentage of each queue
8.6.2 Creating a Frame Relay Class

Context
Do as follows on the router.
Procedure
Step 1 Run:
system-view

fr class class-name
An frame relay (FR) class is created and the FR class view is displayed. Step 3 Run:
wred enable
8-16
Issue 03 (2008-09-22)
The WRED function is enabled. ----End
8.6.3 Configuring WRED Parameters

Procedure
l Configuring WRED Parameters Do as follows on the router. 1. Run:
system-view

fr class class-name
View of the specified FR class is displayed. 3. Run:

wred weighting-constant length-factor
The value of the mean weighted factor for queues is set.

NOTE
l l
The current queue length has an impact on the average queue length. The impact varies inversely with the weighting factor. When the value of the weighting factor is 1, the average queue length equals the current queue length.
Configuring WRED Parameters for the FIFO Queue Do as follows on the router. 1. Run:
system-view

fr class class-name

wred fifo low-limit mini-number high-limit max-number discard-probability denominator
The higher limit, lower limit and denominator used for calculating the drop percentage are set for the FIFO queue. l Configuring WRED Parameters for the PQ Queue Do as follows on the router. 1. Run:
system-view
Issue 03 (2008-09-22)
8-17

fr class class-name

wred pq queue { bottom | middle | normal | top } low-limit mini-number highlimit max-number discard-probability denominator
The higher limit, lower limit and denominator used for calculating the drop percentage are set for the PQ queue. l Configuring WRED Parameters for the CQ Queue Do as follows on the router. 1. Run:
system-view

fr class class-name

wred cq queue queue-number low-limit mini-number high-limit max-number discard-probability denominator
The higher limit, lower limit and denominator used for calculating the drop percentage are set for the CQ queue. l Configuring WRED Parameters for the WFQ Queue Do as follows on the router. 1. Run:
system-view

fr class class-name
The specified FR class view is displayed. 3. Run:

wred cq queue queue-number low-limit mini-number high-limit max-number discard-probability denominator
The higher limit, lower limit and denominator used for calculating the drop percentage are set for the WFO queue. ----End
8.6.4 Applying WRED Parameters on the Frame Relay Interface

Context
Do as follows on the router.
Procedure
Step 1 Run:
system-view

interface interface-type interface-number [.subnumber ]
View of the specified frame relay interface is displayed. Step 3 Run:

fr-class fr-class-name
The WRED parameters configured under the FR class view are applied to the interface. ----End

Action Check the status of the frame relay interface. Command display fr interface [ interface-type interface-number ]
8.7 Configuring Frame Relay Fragmentation

This section describes how to divide a large frame relay packet into several smaller ones to ensure that data can be transmitted with low delay on low-speed lines. 8.7.1 Establishing the Configuration Task 8.7.2 Configuring Frame Relay Fragmentation 8.7.3 Applying FR Fragmentation to a Virtual Circuit 8.7.4 Checking the Configuration

On low-speed frame relay links, large packets may increase the transmission delay. Accordingly, some packets with high demand on real time cannot be sent in time. With the frame relay fragmentation feature, a large frame relay packet is divided into several smaller packets, ensuring the transmission with low delay on low-speed links.
Before configuring frame relay fragmentation, complete the following tasks:

l l
Configuring the frame relay interface or multi-link frame relay bundle interface Configuring related parameters of the frame relay interface or multi-link frame relay bundle interface Configuring the frame relay virtual circuit and related parameters
Data Preparation
To configure the frame relay fragmentation, you need the following data. No 1 2 3 4 Data Length of fragment Name of the frame relay class Interface type and number DLCI number
8.7.2 Configuring Frame Relay Fragmentation

Context
Procedure
Step 1 Run:
system-view

fr class class-name
An FR class is created and the FR class view is displayed. Step 3 Run:

fragment [ fragment-size ]
FR fragmentation is enabled. ----End
8.7.3 Applying FR Fragmentation to a Virtual Circuit

Context
To validate frame relay fragmentation, you need to enable FRTS. Do as follows on the router:
Procedure
Step 1 Run:
system-view

l
Run:

l
Run:

fr dlci dlci

fr-class class-name
The FR class is applied. ----End

Run the following command to check the previous configuration. Action View the frame relay fragmentation on an interface. Command display fr fragment-info [ interface interface-type interface-number ] [ dlci-number ]
Run the display fr fragment-info command. If information about frame relay fragments is displayed, it means that the configuration succeeds. For example:
<Quidway> display fr fragment-info interface Serial Serial4/0/0 dlci type size in/out/drop 16 FRF12(ETE) 80 0/0/0
8.8 Debugging Frame Relay QoS

This section describes how to debug FR QoS.
Issue 03 (2008-09-22)
8-21
CAUTION
Debugging affects the performance of the system. So, after debugging, run the undo debugging all command to disable it immediately. Run the debug commands in the user view to debug FR QoS and locate the fault. For the procedure of displaying the debugging information, refer to NE80E/40E Router Command Reference. Action Enable congestion management debugging. Enable rate adjustment debugging. Command debugging fr congestion [ interface interface-type interface-number ] debugging fr transmit-rate [ interface interfacetype interface-number ]

This section provides configuration examples of frame relay traffic shaping and frame relay fragmentation. 8.9.1 Example for Configuring Frame Relay Traffic Shaping 8.9.2 Example for Configuring Frame Relay Fragmentation
8.9.1 Example for Configuring Frame Relay Traffic Shaping

Router A is connected to a frame relay network through the interface Serial 4/0/0. The required average rate of the router to send packets is 96 kbit/s, the maximum rate is 128 kbit/s and the minimum rate is 32 kbit/s. The router has self-adaptive traffic adjustment function. For packets with BECN flag, the adjustment ratio every time is 20. PQ is required to ensure all IP packets from the network segment 10.0.0.0 could pass first. Figure 8-1 Networking diagram of FRTS
10.0.0.0/8
RouterA Ethernet1/0/0 Serial4/0/0 DTE
Frame Relay Network
Configuring Roadmap
The configuration roadmap is as follows:
1. 2. 3. 4. 5.
Configure basic FR functions. Define a preferential queue group 1 to allow packets from specified network segment pass first. Create an FR class and configure TS parameters for FR. Configure Serial 4/0/0 and enable FRTS. Create an FR virtual link and associate it with the FR class.
Data Preparation
l l
ACL number CIR, minimum CIR, CBS, and PBS
Do as follows on Router A: 1. Configure basic FR functions. See the chapter "Frame Relay Configurtation" in the Quidway NetEngine80E/40E Router Configuration Guide - WAN Access. 2. Define a preferential queue group 1 to allow all IP packets from the network segment 10.0.0.0 pass first.
<RouterA> system-view [RouterA] acl number 2001 [RouterA-acl-basic-2001] rule permit source 10.0.0.0 0 [RouterA-acl-basic-2001] quit [RouterA] qos pql 1 protocol ip acl 2001 queue top
3.
Create an FR class and configure FRTS parameters.

[RouterA] fr class 96k [RouterA-fr-class-96k] [RouterA-fr-class-96k] [RouterA-fr-class-96k] [RouterA-fr-class-96k] [RouterA-fr-class-96k] [RouterA-fr-class-96k] [RouterA-fr-class-96k] cir allow outbound 96000 cir 32000 cbs outbound 96000 pbs outbound 32000 traffic-shaping adaptation becn 20 pq pql 1 quit
4.
Configure Serial 4/0/0 and enable FRTS on it.

[RouterA] interface pos 4/0/0 [RouterA-Pos4/0/0] link-protocol fr [RouterA-Pos4/0/0] ip address 1.1.1.1 255.255.255.0 [RouterA-Pos4/0/0] fr traffic-shaping
5.
Create an FR virtual circuit and associate it with the FR class

[RouterA-Pos4/0/0] fr dlci 16 [RouterA-fr-dlci-Pos4/0/0-16] fr-class 96k
6.
Verify the configuration. After the preceding configurations, you can find that the packets from 10.0.0.0 are sent preferentially when passing Router A and packet rates are controlled to be 96 kbit/s.
Configuration Files
The configuration file of Router A is as follows:
#
Issue 03 (2008-09-22)
8-23

sysname RouterA # qos pql 1 protocol ip acl 2001 queue top # acl number 2001 rule 5 permit source 10.0.0.0 0 # interface Serial4/0/0 link-protocol fr fr traffic-shaping fr dlci 16 fr-class 96K ip address 1.1.1.1 255.255.255.0 # fr class 96K cir allow outbound 96000 cbs outbound 96000 pbs outbound 32000 cir 32000 traffic-shaping adaptation becn 20 pq pql 1 # return
8.9.2 Example for Configuring Frame Relay Fragmentation

As shown in Figure 8-2, Router A, and Router B are connected through the frame relay network. The required average rate of the routers to send packets is 96 kbit/s, the maximum rate is 128 kbit/s and the minimum rate is 32 kbit/s. FR fragmentation is enabled with the size of the fragment is 80 bytes. Figure 8-2 Networking diagram of FR fragmentation
Serial4/0/0 10.1.1.1/8 RouterA
Frame Relay Network
Serial5/0/0 20.1.1.1/8 RouterB
The configuration road map is as follows: 1. 2. 3. Create frame relay classes, configure traffic shaping parameters, and enable the frame relay fragmentation function. Configure the link encapsulation type of the interface to frame relay and enable FRTS on the interface. Create frame relay virtual circuits and associate frame relay classes with the virtual circuits.
Data Preparation
l
CIR, minimum CIR, CBS, and PBS

8-24

l
Sizes of frame relay fragments
1. Create frame relay classes, configure traffic shaping parameters, and enable the frame relay fragmentation function. # Create frame relay classes on Router A.
<RouterA> system-view [RouterA] fr class test1 [RouterA-fr-class-test1] [RouterA-fr-class-test1] [RouterA-fr-class-test1] [RouterA-fr-class-test1] [RouterA-fr-class-test1] cir allow outbound 64000 cir 32000 cbs outbound 64000 pbs outbound 64000 fragment 80
# Create frame relay classes on Router B. This configuration is similar to that on Router A, so it is not mentioned here. 2. Configure the link encapsulation type of the interface to frame relay and enable FRTS on the interface. # Configure Serial 4/0/0 on Router A.
[RouterA] interface Serial 4/0/0 [RouterA-Serial4/0/0] link-protocol fr [RouterA-Serial4/0/0] ip address 10.1.1.1 255.0.0.0 [RouterA-Serial4/0/0] fr traffic-shaping
# Configure Serial 5/0/0 on Router B.

[RouterB] interface Serial 5/0/0 [RouterB-Serial5/0/0] link-protocol fr [RouterB-Serial5/0/0] ip address 20.1.1.1 255.0.0.0 [RouterB-Serial5/0/0] fr traffic-shaping
3.
Create frame relay virtual circuits and associate frame relay classes with the virtual circuits. # Create DLCI 16 on Router A and apply the frame relay class with the name test1 to DLCI 16.
[RouterA-Serial4/0/0] fr dlci 16 [RouterA-fr-dlci-Serial4/0/0-16] fr-class test1
# The configuration on Router B is similar to that on Router A, so it is not mentioned here. 4. Verify the configuration. # Take Router A as an example. Running the display fr fragment-info command on Router A, you can view that the size of the fragment is 80.
<RouterA> display fr fragment-info interface Serial Serial4/0/0 dlci type size in/out/drop 16 FRF12(ETE) 80 0/0/0
Configuration Files
l

# sysname RouterA # interface Serial4/0/0 link-protocol fr fr traffic-shaping fr dlci 16 fr-class test1 ip address 10.1.1.2 255.0.0.0 # fr class test1
Issue 03 (2008-09-22)
8-25

cir allow outbound 64000 cbs outbound 64000 pbs 64000 fragment 80 cir 32000 # return l

# sysname RouterB # interface Serial5/0/0 link-protocol fr fr traffic-shaping fr dlci 16 fr-class test1 ip address 10.1.1.1 255.0.0.0 # fr class test1 cir allow outbound 64000 cbs outbound 64000 pbs 64000 fragment 80 cir 32000 # return
8-26
Issue 03 (2008-09-22)
9 HQoS Configuration
9
About This Chapter
HQoS Configuration
This chapter describes the basic concept, configuration procedure and examples of HQoS. 9.1 Overview This section covers basic concepts of HQoS. 9.2 Configuring HQoS on an Ethernet Interface This section describes the configuration of HQoS on an Ethernet interface. 9.3 Configuring HQoS on a QinQ Termination Sub-interface This section describes the HQoS configuration on the QinQ interface. 9.4 Configuring HQoS on a CPOS or E3/T3 Interface This section describes the configuration of HQoS on an E3 or T3 interface. 9.5 Configuring HQoS Based on the PBB-TE Tunnels This section describes the procedure of configuring HQoS on a PBB-TE tunnel. 9.6 Configuring Class-based HQoS This section describes the procedure of configuring Class-based HQoS. 9.7 Configuring Template-based HQoS This section describes how to configure template-based HQoS. 9.8 Maintaining HQoS This section introduces how to clearing queue statistics. 9.9 Configuration Examples This section presents the examples for configuring HQoS on the Ethernet interface, QinQ interface, CPOS interface, E3 or T3 interface, and PBB-TE tunnel.
Issue 03 (2008-09-22)
9-1
9.1 Overview
This section covers basic concepts of HQoS. 9.1.1 Introduction to HQoS 9.1.2 Related Concepts 9.1.3 HQoS Supported by the NE80E/40E
9.1.1 Introduction to HQoS

Traditional QoS performs traffic scheduling on the basis of the interface. A single interface can distinguish service priorities but cannot identify users or services among users. Packets of the same priority go to the same interface queue; they compete for the same queue resource. As a result, the traditional QoS is unable to identify a type of packets from a specific user on an interface and to provide differentiated services for this type of packets. Figure 9-1 shows the queue scheduling principle of traditional QoS. Figure 9-1 Principle of traditional QoS queue scheduling
For example, two users want to send AF4 packets at the same time: user 1 sends packets at 10 Mbit/s and user 2 sends packets at 1 Gbit/s. The traffic rate of AF4, however, is limited to 10 Mbit/s. Traditional QoS does not identify user features. Because user 2 sends AF4 packets at a higher rate, these packets are most likely to enter the queue whereas packets from user 1 are most likely to be discarded. This mechanism results in the fact that user 1's traffic is susceptible to other users' traffic. This is unfavorable for a telecommunication carrier to develop services specific to certain enterprises or subscribers. The reason is that a carrier is unable to ensure the quality of service for traffic of all users; as a result, the carrier is unable to attract more users to buy its products and services. Nowadays, network users and services are expanding continuously. Users and service providers both expect user-specific and segmented services so that users can obtain better quality of service and service providers can draw more profits. HQoS can provide better user-specific quality of service for advanced users and save cost in network operation and maintenance. Therefore, HQoS is highly demanded by the market.
9.1.2 Related Concepts

Flow Queue
HQoS enables a router to perform user-specific queue scheduling. You can restrict the bandwidth of a user by setting the CIR and PIR. A user's service can be divided into eight FQs. You can configure the PQ, WFQ or LPQ scheduling and WRED for each flow queue and configure the traffic rate for traffic shaping.
Subscriber Queue
A subscriber queue (SQ) is a virtual queue. A virtual queue means that there is no buffer for the queue; data of the queue enters or leaves the queue without any delay. The queue is only a level in hierarchical scheduling for output packets. Each SQ maps eight types of FQ priority and can be configured with one to eight FQs. Idle queues cannot be used by other SQs, that is, one to eight FQs share the total SQ bandwidth. Each SQ maps one user, either a VLAN user or a VPN user. Each user can use one to eight FQs. You can define the CIR and PIR for the SQ.
Group Queue
One group queue (GQ) consists of multiple SQs that are bound together to carry out Level-3 queue scheduling. GQ functions to limit the traffic rate of a group of users together. It is recommended that the PIR is no less than the sum of CIRs of the SQ. Otherwise, the traffic rate of an SQ in the GQ cannot be guaranteed. GQ is also a virtual queue. Each SQ can be bound to only one GQ. If it is not bound to any GQ, the router skips Level-3 queue scheduling. GQ can perform traffic shaping. You can set the traffic shaping rate for a GQ.
Class Queue
In HQoS scheduling, packets of the FQ, after CQ scheduling, enter the CQ on the port together with common packets. When packets of an FQ enter a CQ, the router supports two priority mapping models:
l
Uniform The eight levels of FQs of each SQ map the eight CQs on a port. The mapping is predetermined by the system.
Pipe The mapping between the eight levels of FQs of the SQ and the eight CQs on the port can be configured manually. The pipe model does not impact the priority of packets.
9.1.3 HQoS Supported by the NE80E/40E

HQoS Implementation on an Ethernet Interface
A router performs five-level HQoS scheduling on an Ethernet interface for upstream traffic and downstream traffic each on Ethernet interfaces and as a result provides rich QoS services for users. Figure 9-2 shows the principle of HQoS scheduling on an Ethernet interface.
Figure 9-2 Principle of HQoS scheduling on an Ethernet interface
Upstream HQoS Upstream HQoS queues fall into five levels: Flow Queue (FQ) Subscriber Queue (SQ) Group Queue (GQ) Target Blade (TB) Class Queue (CQ), as shown in Figure 9-3.
9-4
Issue 03 (2008-09-22)
Figure 9-3 Upstream HQoS scheduling on an Ethernet interface
1.
Level-1 queue scheduling: FQ An FQ is a physical queue, which is identified by the priority of a user service and used to store the data of each flow temporarily. A delay occurs when the data enters or leaves the queue. You can set the scheduling weight, shaping value, and flow-wred object for each FQ. The mapping between the two levels of physical queues, namely FQ and CQ can be implemented according to the customized flow mapping template.
2.
Level-2 queue scheduling: SQ The SQ is a virtual queue. A virtual queue means that there is no buffer for the queue and data of the queue enters or leaves the queue without any delay. The queue serves only as a level in the hierarchical scheduling for output scheduling. You can set the scheduling weight, CIR, and PIR for each SQ; you can also set quoted flow queue, flow mapping, customer group queue objects.
Issue 03 (2008-09-22)
9-5
One SQ maps eight types of FQs. You can set to use some of them according to the actual conditions. But no more than eight types can be set. Idle FQs cannot be used by other SQs, that is, one to eight FQs share the total SQ bandwidth. In application, each SQ maps one user, either a VLAN user or a VPN user. Each user can use one to eight service priority FQs. An SQ can quote only one GQ or nothing. 3. Level-3 queue scheduling: GQ GQ is also a virtual queue. One group queue (GQ) consists of multiple SQs that are bound together to carry out queue scheduling of the third level. You can set the shaping value for each GQ. GQ performs virtual scheduling and can only limit the traffic rate. Each SQ can be bound to only one GQ. If it is not bound to any GQ, the router does not perform third-level queue scheduling. One GQ can schedule multiple SQs. 4. Level-4 queue scheduling: TB TB performs queue scheduling among boards. A TB has four buffer queues, which map four service CQs respectively. This scheduling works inside the system and cannot be configured by users. 5. Level-5 queue scheduling: CQ CQ is a physical queue. Each physical interface for upstream HQoS maps four CQs, which identify users' upstream service flows. You can set the scheduling weight, shaping value, and port-wred object for each CQ. After CQ scheduling, users' data is forwarded at a high rate through the switching fabric card (SFC). Upstream HQoS scheduling of CQs cannot be configured by users; it works inside the system.
l
Processing of Upstream HQoS on Ethernet Interfaces 1. 2. The router performs simple traffic classification of packets and marks a packet with one of the eight service priorities. The classified packets are identified as SQ or GQ on the interface. Then they enter the eight FQs of SQ according to the service priority.
To shape the FQ, a user can set the FQ congestion avoidance parameters and queue scheduling policy; a user can also set the mapping of an SQ service to a CQ.
NOTE
You can set PQ, WFQ, and LPQ scheduling mode for FQ. The three queue scheduling modes are in the following sequence of priority (from high to low): PQ > WFQ > LPQ A queue of high priority can preempt the bandwidth of a queue of low priority.
Users can set an SQ bandwidth, a GQ name, and the FQ quotation relations. Each SQ can be bound to only one GQ. If it is not bound to any GQ, the router does not perform third-level queue scheduling. Users can set a bandwidth for a GQ.
3.
In queue scheduling, the scheduler first checks whether the GQ has sufficient bandwidth.
If the GQ has sufficient bandwidth resources, the router forwards the SQ packets in the GQ at the configured bandwidth. If the GQ does not have sufficient bandwidth resources, the packets in the GQ are in the waiting state and not forwarded.
4.
9-6
The system checks whether the SQs in the GQ have sufficient bandwidth resources.
If the SQs have sufficient bandwidth resources, the router forwards the FQ packets in the SQ at the configured bandwidth. If the SQs do not have sufficient bandwidth resources, the packets in the SQ are in the waiting state and not forwarded.
5. 6.
l
The packets in the FQ are given TB scheduling; these packets then enter the CQ according to the bound mapping relationship between the FQ and the CQ. The packets are then forwarded through the SFC after CQ scheduling.
Downstream HQoS The downstream HQoS scheduling falls into five levels: Flow Queue Subscriber Queue (virtual queue) Group Queue (virtual queue) Class Queue target port, as shown in Figure 9-4.
Issue 03 (2008-09-22)
9-7
Figure 9-4 Downstream HQoS scheduling on an Ethernet interface
The three levels of queue scheduling, namely, Level-1 queue scheduling (FQ), Level-2 queue scheduling (SQ), and Level-3 queue scheduling (GQ) are the same as those of the upstream HQoS scheduling. Level-4 queue scheduling: CQ. CQ is a physical queue. Each physical interface for downstream HQoS maps eight CQs, which identify users' downstream service flows
according to service priorities. You can set the scheduling weight, shaping value, and portwred object for each CQ. Users' data is mapped to the CQ for scheduling according to the configured mapping between the FQ and the CQ. Level-5 queue scheduling: TP. TP schedules data among the interfaces. TP has buffer queues, which maps eight CQ service queues. Being given TP scheduling, users' data is forwarded through the corresponding interface. This scheduling works inside the system and is not configured by users. The processing of downstream HQoS is similar to that of upstream HQoS and is not described here. The only difference is that users can set the congestion avoidance parameters and queue scheduling policy to shape the CQ. The requirement of HQoS deployment can be on the user side or the network side. To meet the requirement, the product can perform upstream and downstream HQoS. You can configure the parameters in different positions according to users' requirements and choose to implement HQoS independently or jointly. You can configure HQoS for five-level scheduling on the Ethernet, GE, Eth-Trunk, VirtualEthernet, or POS (encapsulated with an FR link protocol) interface, or the corresponding sub-interfaces.
HQoS Implementation on a CPOS or E3/T3 Interface

Figure 9-5 shows the Level-2 queue scheduling for HQoS on the CPOS, E3, or T3 interface. Figure 9-5 HQoS on a CPOS or E3/T3 interface
On E3 and T3 interface, HQoS adopts two levels of scheduling, as shown in Figure 9-5.
l
The first level of scheduling supports bandwidth allocation to each user. It controls the bandwidth of each user and guarantees bandwidth of each user upon traffic congestion. The second level of scheduling supports three modes: PQ, CBPQ and CBFQ for eight kinds of services (BE, AF1, AF4, EF, CS6 and CS7).
Processing of HQoS on a CPOS, E3, or T3 interface 1. 2. The router performs simple or complex traffic classification and marks the packets with one of the eight service priorities. After traffic classification, packets go into corresponding channel for traffic policing. Here, the channel is like a user. For example, each serial interface corresponds to one user and a channel corresponds to one user. Level-1 scheduling is now complete.
3.
Each channel can be configured with eight CARs, mapping a classified flow respectively. CAR works in token bucket mode. Each CAR is allocated with a certain bandwidth, which is called the size of a token bucket. The total bandwidth of the eight CARs is the same as the channel bandwidth. For example, if the channel bandwidth of Seria1 1/2/0/0:1 is 10 Mbit/s, the total bandwidth of the eight CARs for the serial interface is also 10 Mbit/s. You can set the CAR bandwidth of CS7 to AF1, and the remaining bandwidth is the CAR bandwidth for BE. The scheduling before CAR configuration is in three modes: PQ, CBPQ, and CBFQ. Level-2 scheduling is now complete.
4.
After being processed in the CAR bucket, the packets enter the channel. Each channel has one primary queue and one secondary queue. The total size of the two queues is the size of the channel. For example, the bandwidth of Serial 1/2/0/0:1 is 10 Mbit/ s, and thus the total size of the two queues is 10 Mbit/s. This guarantees the bandwidth of different users and ensures queue scheduling of services of each user according to the priority. Usually, only the primary queue is used. The secondary queue is used only when the total size of the CAR bucket changes. This case may occur on the MP interface because the status change of members (Up or Down) of the MP interface can impact the total MP bandwidth. In this case, the size of the CAR bucket and the queue size need to be changed. When the queue size is changed, there should be no packets in the queue. Before the queue size is changed, traffic is switched from the primary queue to the secondary queue. After the queue size is changed, traffic is then switched back to the primary queue. Fair scheduling is adopted between the two queues of a channel. No congestion occurs during the scheduling because the total bandwidth of the two queues is equal to or less than the bandwidth of the physical interface.
5.
Packets go into the physical interface and are sent out.
Class-based HQoS
Class-based Hierarchical Quality of Service (HQoS), which integrates the complex traffic classification (CTC) and HQoS, is an extension of interface-based HQoS. Interface-based HQoS takes the traffic on an interface or a sub-interface as only one user's. In actual networking, carriers hope to use an interface or a sub-interface to provide hierarchical traffic scheduling for multiple users. Interface-based HQoS, however, is incapable of further classifying users based on the traffic on one interface. Integrating the classification function of the CTC and the queue scheduling function of HQoS, class-based HQoS enables segmented classification and hierarchical scheduling of classified traffic. The device carries out class-based HQoS as follows:
l l
Classifies traffic that needs HQoS scheduling through the CTC. Configures HQoS parameters by taking all the packets that match a classifying rule as one user. The system then distributes resources according to the configured HQoS parameters for HQoS scheduling.
9-10
Issue 03 (2008-09-22)

NOTE
To configure interface-based HQoS, you need to directly configure Subscriber Queues (SQs) on an interface; you also need to specify the parameter inbound or outbound to configure upstream HQoS scheduling or downstream HQoS scheduling on the interface. To configure class-based HQoS, you need to configure SQs in a traffic behavior. The HQoS configuration takes effect after you apply the traffic policy that contains the traffic behavior to an interface. Class-based HQoS is valid to upstream traffic only. In the two HQoS modes, the configurations of Flow Queues (FQs), Group Queues (GQs), and Class Queues (CQs) are the same. The interior scheduling mechanism for class-based HQoS is exactly the same as that for interface-based HQoS.
l l l
Class-based HQoS supports the Ethernet interface, GE interface, Eth-Trunk interface, and the layer-2 interface and sub-interface of the preceding three types of interfaces. Class-based HQoS also supports the POS interface, IP-Trunk interface, RINGIF interface, and tunnel interface.
9.2 Configuring HQoS on an Ethernet Interface

This section describes the configuration of HQoS on an Ethernet interface.
NOTE
Configuring upstream HQoS on an Ethernet interface is independent from that of downstream HQoS. They do not affect each other. Currently you can configure only FQ, SQ, and GQ for upstream HQoS on an Ethernet interface. CQ, however, adopts the default setting of the system and does not need your configuration. You can configure all FQ, SQ, GQ, and CQ when for downstream HQoS on an Ethernet interface. It is recommended that you configure upstream FQ, SQ, and GQ, and downstream CQ on the Ethernet interface. You do not need to configure both upstream CQ and downstream CQ.
9.2.1 Establishing the Configuration Task 9.2.2 (Optional) Configuring an FQ WRED Object 9.2.3 (Optional) Configuring Scheduling Parameters of an FQ 9.2.4 (Optional) Configuring Mapping from an FQ to a CQ 9.2.5 (Optional) Configuring the Traffic Shaping of a GQ 9.2.6 Configuring Scheduling Parameters of an SQ 9.2.7 (Optional) Configuring a CQ WRED Object 9.2.8 (Optional) Configuring Scheduling Parameters of a CQ 9.2.9 Checking the Configuration

HQoS is mostly used on the user side of
l
A PE device of a backbone network

Issue 03 (2008-09-22)
l
An access router of an access network.
In the case of multiple user access and multiple service access, HQoS can differentiate users (VLAN users or VPN users) in a network for priority scheduling and bandwidth guarantee. In addition, HQoS can also save the costs in network operation and maintenance. To differentiate users and provide hierarchical QoS for them, HQoS divides a GE interface into multiple sub-interfaces. Each user occupies one GE sub-interface for service access. In this manner, the interface bandwidth can be better utilized. Figure 9-6 provides a typical networking diagram for VLAN user access through sub-interfaces. Figure 9-7 provides a typical networking diagram for VPN user access through sub-interfaces. The procedures of configuring HQoS in the two environments are the same. Figure 9-6 Typical networking diagram for VLAN user access through sub-interfaces
Figure 9-7 Typical networking diagram for VPN user access through sub-interfaces
Before configuring HQoS, complete the following tasks:
l
Configuring IP addresses for the interfaces

9-12

l l
Configuring IP routing protocol on the routers and ensure that the link works normally Configuring simple traffic classification
NOTE
Before you configure the HQoS function, it is recommended that you configure the simple traffic classification or complex traffic classification; otherwise, in FQ scheduling all traffic is considered BE by default.
Data Preparation
To configure HQoS, you need the following data. No. 1 2 3 4 5 6 7 8 Data VLAN IDs (Optional) Parameters of flow-wred packet discarding (Optional) Algorithms for flow-queue scheduling and related parameters (Optional) Service class mappings for flow-mapping (Optional) A value of user-group-queue shaping Values of CIR, PIR, and network-header-length (Optional) Parameters of port-wred referenced by port-queue scheduling (Optional) Algorithms for port-queue scheduling and related parameters, and the shaping value
9.2.2 (Optional) Configuring an FQ WRED Object

Context
Procedure
Step 1 Run:
system-view

The flow-wred is created and the flow-wred view is displayed. Step 3 Run:
color { green | yellow | red } low-limit low-limit-percentage high-limit high-limitpercentage discard-percentage discard-percentage-value
The high and low limit percentages and the drop probability are set for different colors of packets.
NOTE
l l l
When no flow-wred objects are set, the system adopts the default tail-drop policy. The high and low limit percentages for red packets can be set to the minimum; those for yellow packets can be greater; those for green packets can be set to the maximum. In the actual configuration, the low limit percentage of WRED is recommended to begin with 50% and be adjusted according to different colors of packets. 100% is recommended for the drop probability.
Through configuring a flow-wred object, users can set high limit percentage, low limit percentage, and drop probability for queues.
l
When the percentage of the actual length of a queue over the length of a CQ is less than the low limit percentage, the system does not drop packets. When the percentage of the actual length of a queue over the length of a CQ is between the low limit percentage and the high limit percentage, the system drops packets through the WRED mechanism. The longer the queue length, the higher the drop probability is. When the percentage of the actual length of a queue over the length of a CQ is greater than the high limit percentage, the system drops all subsequent packets.
You can create multiple flow-wred objects for being referenced by FQs as required. You can configure up to 127 flow-wred objects in the system. ----End
9.2.3 (Optional) Configuring Scheduling Parameters of an FQ

Context
Procedure
Step 1 Run:
system-view

The FQ view is displayed. Step 3 Run:

queue cos-value { [ pq | wfq weight weight-value | lpq ] | [ shaping { shapingvalue | shaping-percentage shaping-percentage-value } ] | flow-wred wred-name } *
A queue scheduling policy for a class is set.
9-14
Issue 03 (2008-09-22)

NOTE
You can configure scheduling parameters in one flow queue template for the eight FQs of a subscriber respectively. If you do not configure a flow queue, the system uses the default flow queue template.
l l l l
By default, the system performs PQ scheduling on the FQs with the priorities of ef, cs6, and cs7. The system defaults the FQs with the priorities of be, af1, af2, af3, and af4 to WFQ. The scheduling weight is 10:10:10:15:15. By default, the system performs no traffic shaping. The default discarding policy is the tail drop.
----End
9.2.4 (Optional) Configuring Mapping from an FQ to a CQ

Context
Procedure
Step 1 Run:
system-view

flow-mapping mapping-name
The flow mapping view is displayed. Step 3 Run:

map flow-queue cos-value to port-queue cos-value
The priority mapping from a flow queue to a CQ is set.

NOTE
You can configure eight mappings from the flow queue to the port queue in one flow queue mapping template. When no mapping from the flow queue to the CQ is set, the system defaults the one-to-one mapping.
Users can create multiple flow-mapping templates for being referenced by SQs as required. You can configure up to 15 flow-mapping templates in the system. ----End
9.2.5 (Optional) Configuring the Traffic Shaping of a GQ

Context
Procedure
Step 1 Run:
system-view

user-group-queue group-name [ slot slot-id ]
The specified GQ view is displayed. Step 3 Run:

shaping shaping-value { inbound | outbound }
The shaping value is set for the GQ.

NOTE
When traffic shaping is not configured for the GQ, the system performs no traffic shaping by default.
GQs fall into two types: board GQs and global GQs.
l l
A board GQ is created if you specify the slot number of the board to which a GQ belongs. A global GQ is created if you do not specify the slot number of a board to which a GQ belongs. This means that you create a GQ on all slots.
----End
9.2.6 Configuring Scheduling Parameters of an SQ

Context
Do as follows on the upstream interface of the router:
Procedure
Step 1 Run:
system-view

interface interface-type interface-number[ sub-interface-number ]
View of the specified interface is displayed. Step 3 Run:

user-queue cir cir-value [ [ pir pir-value ] | [ flow-queue flow-queue-name ] | [ flow-mapping mapping-name ] | [ user-group-queue group-name ] ] *{ inbound | outbound }[ service-template service-template-name ]
Queue scheduling parameters are set for SQ and HQoS is enabled.

NOTE
To set the presion scheduling length for a service template run the command network-header-length in the service-template view.
----End
9.2.7 (Optional) Configuring a CQ WRED Object

Context
Procedure
Step 1 Run:
system-view

A port-wred object is created and the port-wred view is displayed. Step 3 Run:
The low limit percentage, high limit percentage, and drop probability are set.
NOTE
When no port-wred objects are set, the system adopts the default tail-drop policy.
Through configuring a port-wred object, users can set the high limit percentage, low limit percentage, and drop probability for queues.
l
Users can create multiple port-wred objects for being referenced by CQs as required. The system provides one default port-wred object. You can configure a maximum of seven more port-wred objects. ----End
9.2.8 (Optional) Configuring Scheduling Parameters of a CQ
Issue 03 (2008-09-22)
9-17
Context
CAUTION
In upstream HQoS scheduling on an Ethernet interface, CQ adopts the default scheduling setting of the system and is not configured by users. It is recommended that users configure downstream CQ on an Ethernet interface so that the backbone network is not congested. Do as follows on the downstream interface of the router:
Procedure
Step 1 Run:
system-view


A queue scheduling policy for different CQs is set.

NOTE
You can configure eight CQ scheduling parameters respectively on one interface. When no CQ is configured, the system adopts the default CQ template.
l l l l
By default, the system performs PQ on the flow queues with the priorities of ef, cs6, and cs7. By default, the system performs WFQ on the flow queues with the priorities of be, af1, af2, af3, and af4. The scheduling weight is 10:10:10:15:15. By default, the system performs no traffic shaping. The discarding policy defaults to tail drop.
----End

Run the following commands to check the preceding configuration. Action Check the configured parameters of a flow queue mapping object and the referential relations of the object.
9-18
Command display flow-mapping configuration [ verbose [ mapping-name ] ]
Issue 03 (2008-09-22)
Action Check the configuration of a flow queue template. Check the configured parameters of a flow queue WRED object. Check the HQoS configuration on interfaces. Check the configuration of a GQ and the referential relations. Check the configured parameters of a CQ WRED object. Check the detailed configuration of a CQ. Check the statistics of SQs on a specified interface. Check the statistics of a GQ. Check the statistics of a CQ.
Command display flow-queue configuration [ verbose [ flow-queue-name ] ] display flow-wred configuration [ verbose [ flowwred-name ] ] display user-queue configuration interface interface-type interface-number [ inbound | outbound ] display user-group-queue configuration [ verbose [ group-name ] ] display port-wred configuration [ verbose [ port-wred-name ] ] display port-queue configuration interface interface-type interface-number outbound display user-queue statistics interface interfacetype interface-number { inbound | outbound } display user-group-queue group-name statistics [ slot slot-id ] { inbound | outbound } display port-queue statistics interface interfacetype interface-number [ cos-value ] outbound
Running the display user-queue statistics interface interface-type interface-number { inbound | outbound } command, you can view the statistics of an SQ on a specified interface. The statistic information covers that of every service of an SQ. For example:
<Quidway> display user-queue statistics interface gigabitethernet 6/0/0 inbound GigabitEthernet6/0/0 inbound traffic statistics: [be] Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps [af1] Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps [af2] Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps [af3] Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes
Issue 03 (2008-09-22)
9-19
Last 30 seconds pass rate: 0 pps, Last 30 seconds discard rate: 0 pps, [af4] Pass: Discard: Last 30 seconds pass rate: Last 30 seconds discard rate: 0 pps, [ef] Pass: Discard: Last 30 seconds pass rate: Last 30 seconds discard rate: 0 pps, [cs6] Pass: Discard: Last 30 seconds pass rate: Last 30 seconds discard rate: 0 pps, [cs7] Pass: Discard: Last 30 seconds pass rate: Last 30 seconds discard rate: 0 pps, [total] Pass: Discard: Last 30 seconds pass rate: Last 30 seconds discard rate: 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps,
0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps
Running the display user-group-queue group-name statistics [ slot slot-id ] { inbound | outbound } command, you can view the statistics of a GQ. For example:
<Quidway> display user-group-queue test statistics inbound test inbound traffic statistics: [slot 6] total: Pass: 855, 444 packets, 88, 193, 994 bytes Discard: 22, 815, 639 packets, 2, 467, 264, 575 bytes [slot all] total: Pass: 855, 444 packets, 88, 193, 994 bytes Discard: 22, 815, 639 packets, 2, 467, 264, 575 bytes
Running the display port-queue statistics interface interface-type interface-number [ cosvalue ] outbound command, you can view the statistics of a CQ. For example: Display the statistics of the AF1 queue on GE 2/0/1.
<Quidway> display port-queue statistics interface gigabitethernet 2/0/1 af1 outbound [af1] Total pass: 27,697,521 packets, 2,006,796,750 bytes Total discard: 0 packets, 0 bytes --Drop tail discard: 0 packets, 0 bytes --Wred discard: 0 packets, 0 bytes
9-20
Issue 03 (2008-09-22)

Last 30 seconds pass rate: 0 pps, Last 30 seconds discard rate: 0 pps, --Drop tail discard rate: 0 pps, --Wred discard rate: 0 pps,
0 bps 0 bps 0 bps 0 bps
9.3 Configuring HQoS on a QinQ Termination Subinterface

This section describes the HQoS configuration on the QinQ interface. For details of the QinQ principle and configuration, refer to "QinQ Configuration" in the Quidway NetEngine80E/40E Quidway NetEngine80E/40E Configuration Guide LAN Access and MAN Access. 9.3.1 Establishing the Configuration Task 9.3.2 (Optional) Configuring an FQ WRED Object 9.3.3 (Optional) Configuring Scheduling Parameters of an FQ 9.3.4 (Optional) Configuring Mapping from an FQ to a CQ 9.3.5 (Optional) Configuring the Traffic Shaping of a GQ 9.3.6 Enabling QinQ on an Interface 9.3.7 Configuring QinQ on a Sub-interface 9.3.8 Configuring a VLAN Group 9.3.9 Configuring Scheduling Parameters of an SQ 9.3.10 (Optional) Configuring a CQ WRED Object 9.3.11 (Optional) Configuring Scheduling Parameters of a CQ 9.3.12 Checking the Configuration

The QinQ HQoS technology is mostly used on the user side of the edge PE in a backbone network. When packets of multiple VLAN users, after users' two-layer tags being terminated on the QinQ termination sub-interface, enter the ISP network, the ISP network can identify only the service types of packets instead of users. The HQoS function configured on a QinQ termination sub-interface enables the system to identify both services and users in the network when packets of multiple VLAN users enter the ISP network. After this, the system performs priority scheduling and provides bandwidth guarantee for services of high priority.
You need to configure HQoS features of a QinQ termination sub-interface in the vlan-group view of the QinQ termination sub-interface.
l
Configuring the physical parameters and link attributes to ensure normal operation of the interfaces Configuring IP addresses of the interfaces Configuring the IP routes on the router and keeping the link be connected Configuring simple traffic classification
NOTE
l l l
Data Preparation
To configure HQoS on a QinQ termination sub-interface, you need the following data. No. 1 2 3 4 5 6 7 8 9 Data VLAN-group ID QinQ termination sub-interface number (Optional) Parameters of flow-wred (Optional) Algorithms for flow-queue scheduling and related parameters (Optional) Service class mappings for flow-mapping (Optional) A value of user-group-queue shaping Values of CIR, PIR, and network-header-length (Optional) port-wred parameters of port-queue (Optional) Algorithms for port-queue scheduling and related parameters and shaping values

Context
Procedure
Step 1 Run:

system-view

color { green | yellow | red } low-limit low-limitpercentage high-limit highlimit- percentage discard-percentage discard-percentage-value
The high and low limit percentages and drop probability are set for different colors of packets.
NOTE
l l l
l
Users can create multiple flow-wred objects for being referenced by FQs as required. You can configure up to 127 flow-wred objects in the system. When no flow-wred objects are set, the system adopts the default tail-drop policy. ----End

Context
Procedure
Step 1 Run:
system-view

Issue 03 (2008-09-22)
9-23

The queue scheduling policy is set.

NOTE
You can configure scheduling parameters in one flow queue template for the eight FQs of a subscriber respectively. When no FQ is configured, the system adopts the default FQ template.
l l l l
By default, the system performs PQ on the FQs with the priorities of ef, cs6, and cs7. The system defaults the FQs with the priorities of be, af1, af2, af3, and af4 to WFQ. The scheduling weight is 10:10:10:15:15. By default, the system performs no traffic shaping. The discarding policy defaults to tail drop.
----End

Context
Procedure
Step 1 Run:
system-view


The mapping between a service class of FQ and a service class of CQ is set.

NOTE
You can configure eight mappings from flow-queue to port-queue in one flow queue mapping template. When no mapping from the FQ to the CQ is set, the system defaults the one-to-one mapping.

Context
Procedure
Step 1 Run:
system-view



NOTE
l l
----End
9.3.6 Enabling QinQ on an Interface

Context
Do as follows on the upstream interface of the router:
Procedure
Step 1 Run:
system-view

The view of the specified interface is displayed. Step 3 Run:

mode user-termination
The interface is set to work in user termination mode and QinQ is enabled on the master interface. ----End
9.3.7 Configuring QinQ on a Sub-interface

Context
Do as follows on the QinQ sub-interface of the router:
Procedure
Step 1 Run:
system-view

interface interface-type interface-number.sub-interface
A QinQ sub-interface is created and the QinQ sub-interface view is displayed. Step 3 Run:
control-vid vid qinq-termination
The VLAN encapsulation mode is set to QinQ. Step 4 Run:

qinq termination pe-vid pe-vid ce-vid low-ce-vid [ to high-ce-vid ] [ vlan-group group-id ]
The QinQ sub-interface termination is configured. Step 5 Run:

quit
Exit from the QinQ sub-interface view. ----End
9.3.8 Configuring a VLAN Group

Context
Do as follows on the master QinQ interface of the router:
Procedure
Step 1 Run:
system-view

interface interface-type interface-number.sub-interface
The view of the specified QinQ sub-interface is displayed. Step 3 Run:

vlan-group vlan-group-id
9-26
Issue 03 (2008-09-22)
A VLAN group is created and the view of the VLAN group is displayed. Step 4 Run:
quit
Exit from the VLAN group view. ----End

Context
Do as follows on the vlan-group view of the QinQ sub-interface of the router:
Procedure
Step 1 Run:
system-view

interface interface-type interface-number[ sub-interface-number ]
View of the specified sub-interface is displayed. Step 3 Run:

vlan-group vlan-group-id
The view of the specified VLAN group is displayed. Step 4 Run:

The parameters of the SQ scheduling are set and HQoS is enabled on the sub-interface.
NOTE
----End

Context
Procedure
Step 1 Run:
system-view
Issue 03 (2008-09-22)
9-27

A port-wred is created and the port-wred view is displayed. Step 3 Run:

The high and low limit percentages and drop probability are set for different colors of packets.
NOTE
Through configuring a port-wred object, you can set the high limit percentage, low limit percentage, and drop probability for queues. When the percentage of the actual length of a queue over the length of a class queue is less than the low limit percentage, the system does not drop packets. When the percentage of the actual length of a queue over the length of a class queue is between the low limit percentage and the high limit percentage, the system drops packets through the WRED mechanism. The longer the queue length is, the higher the drop probability is. When the percentage of the actual length of a queue over the length of a class queue is greater than the high limit percentage, the system drops all subsequent packets. You can create multiple port-wred objects for being referenced by class queues as required. The system provides a default port-wred object. In addition, you can configure a maximum of seven port-wred objects. ----End

Context
CAUTION
In upstream HQoS scheduling on an Ethernet interface, CQ adopts the default scheduling setting of the system and is not configured by users. It is recommended to configure downstream CQ on an Ethernet interface so that the backbone network is not congested.
Procedure
Step 1 Run:
system-view

9-28
Issue 03 (2008-09-22)

The queue scheduling policy is set.

NOTE
l l
You can configure scheduling parameters for eight CQs respectively on one interface. When no CQ is configured, the system adopts the default CQ template.
----End

Run the following commands to check the previous configuration. Action Check the configured parameters of an FQ mapping object and the referential relations of the object. Check the configuration of an FQ template. Check the configured parameters of an FQ WRED object. Check the configuration of a GQ and the referential relations. Check the SQ statistics on a specified interface. Check the statistics of a GQ. Command display flow-mapping configuration [ verbose [ mapping-name ] ]
display flow-queue configuration [ verbose [ flow-queuename ] ] display flow-wred configuration [ verbose [ flow-wredname ] ] display user-group-queue configuration [ verbose [ group-name ] ] display statistic user-queue qinq-termination interface interface-type interface-number pe-vid pe-vid ce-vid cevid { inbound | outbound } display user-group-queue group-name statistics [ slot slot-id ] { inbound | outbound }
9.4 Configuring HQoS on a CPOS or E3/T3 Interface

This section describes the configuration of HQoS on an E3 or T3 interface. 9.4.1 Establishing the Configuration Task 9.4.2 Configuring HQoS 9.4.3 Checking the Configuration

Two-level HQoS scheduling is implemented on low-rate interfaces such as CPOS, E3, or T3. A fixed total bandwidth is set. You can configure HQoS to divide the total bandwidth to perform priority scheduling and bandwidth guarantee. Level-1 scheduling performs bandwidth guarantee for all users. Level-2 scheduling performs bandwidth guarantee for different services of a user.
Before configuring HQoS on a CPOS or E3/T3 interface, complete the following tasks:
l
Configuring the physical parameters and link attributes to ensure normal operation of the interfaces Configuring the IP addresses for the interface Configuring an IP route and ensuring that the link works normally Configuring simple traffic classification
NOTE
l l l
Data Preparation
To configure HQoS on a CPOS or E3/T3 interface, you need the following data. No. 1 2 3 4 Data Total bandwidth for HQoS Queue scheduling mode for HQoS CIR The ways of processing packets that exceed the configured specifications
9.4.2 Configuring HQoS

Context
NOTE
l l
The configuration of HQoS on a CPOS or E3/T3 interface is valid only in the outbound direction. Before configuring HQoS on CPOS, E3 or T3, you need to configure the simple traffic classification or the complex traffic classification; otherwise, the HQoS configuration does not work.
Do as follows on the outbound interface of the router:

Procedure
Step 1 Run:
system-view

interface serial interface-number
The view of the specified E3/T3 interface is displayed. Step 3 Run:

hqos policy { pq | cbpq | cbfq } bandwidth bandwidth-value
HQoS is enabled; the total bandwidth of the interface and queue scheduling mode are specified.
NOTE
If you set the queue scheduling mode to PQ, queue scheduling is carried out according to the priority of the queues on the interface and the guaranteed bandwidth cannot be set for the queues with the hqos queue command.
Step 4 Run:
hqos queue { af1 | af2 | af3 | af4 | ef | cs6 | cs7 } cir cir [ remark | drop ]
The ensured bandwidth for the HQoS service queue is configured. ----End

Run the following command to check the preceding configuration. Action Check the traffic statistics about the current priority on an interface where HQoS is enabled. Command display hqos queue statistics { mp-group | serial } interface-number { cos-value }
Running the display hqos queue statistics { mp-group | serial } interface-number { cosvalue } command, you can display the traffic statistics about the traffic of a specified service priority on an interface where HQoS is enabled. For example:
<Quidway> display hqos queue statistics serial 5/0/0/0:0 ef Serial5/0/0/0:0 statistics: Forward bits : 188243 ( bits ) Forward pacekts : 23541 ( packets ) Remark bits : 0 ( bits ) Remark packets : 0 ( packets ) Drop bits : 0 ( bits ) Drop packets : 0 ( packets )
9.5 Configuring HQoS Based on the PBB-TE Tunnels

This section describes the procedure of configuring HQoS on a PBB-TE tunnel.
NOTE
For detailed information about the PBB-TE tunnels, refer to the chapter "PBB-TE Configuration" in the Quidway NetEngine80E/40E Quidway NetEngine80E/40E Configuration Guide LAN and MAN Access.
9.5.1 Establishing the Configuration Task 9.5.2 Configuring a Reserved Bandwidth for PBB-TE Services on an Interface 9.5.3 (Optional) Configuring the WRED Object of an FQ 9.5.4 (Optional) Configuring Scheduling Parameters of an FQ 9.5.5 (Optional) Configuring Mappings from an FQ to a CQ 9.5.6 (Optional) Configuring Traffic Shaping of a GQ 9.5.7 Configuring Scheduling Parameters of an SQ 9.5.8 Checking the Configuration

Before configuring HQoS based on PBB-TE services, you need to reserve bandwidth on the specified interface for services according to the demand of the service on the bandwidth resources. Inside a PBB-TE tunnel, PQ and WFQ scheduling algorithms are implemented according to the priorities carried by user packets or the priorities of service instances. WFQ is used for scheduling among multiple PBB-TE tunnels. PBB-TE tunnels of the same type, for example, PBB-TE tunnels accessing a certain area can be converged through B-VLAN and are provided with a guaranteed bandwidth. On one interface, PBB-TE services can share bandwidth resources with non-PBB-TE services.
l l
Configuring a PBB-TE tunnel Configuring service instances
Data Preparation
To configure HQoS, you need the following data. No. 1 2 3 4 5
9-32
Data Bandwidth reserved for PBB-TE services on the interface Low threshold, high threshold, and drop probability of packets Algorithms for the FQ scheduling and parameters Mapping relations between the service of the SQ and the CQ Traffic shaping parameters of the GQ
9.5.2 Configuring a Reserved Bandwidth for PBB-TE Services on an Interface

Context
Procedure
Step 1 Run:
system-view

The view of the interface to which the PBB-TE tunnel is bound is displayed. Step 3 Run:
mac-tunnel reserved-bandwidth cir cir-value [ pir pir-value ]
The bandwidth reserved for PBB-TE services is configured on the interface. ----End
9.5.3 (Optional) Configuring the WRED Object of an FQ

Context
Procedure
Step 1 Run:
system-view

A WRED object of an FQ is created and the WRED view of the FQ is displayed. Step 3 Run:
The high threshold, the low threshold, and the drop probability of the WRED object are set for different colors of packets. ----End

Context
Procedure
Step 1 Run:
system-view

A flow queue template is created and the FQ view is displayed. Step 3 Run:
Scheduling parameters are set for queues of different priorities. ----End
9.5.5 (Optional) Configuring Mappings from an FQ to a CQ

Context
Procedure
Step 1 Run:
system-view

A mapping object is created for an FQ and the FQ mapping view is displayed. Step 3 Run:
The priority for packets of a service of an SQ to enter a CQ is configured. ----End
9.5.6 (Optional) Configuring Traffic Shaping of a GQ

Context
Do as follows on the device:
Procedure
Step 1 Run:
system-view

The GQ view is displayed. Step 3 Run:

shaping shaping-value outbound
The traffic shaping value is set for the GQ. ----End

Context
Do as follows on the device:
Procedure
Step 1 Run:
system-view

mac-tunnel tunnel-name tunnel-name
The PBB-TE tunnel view is displayed. Step 3 Run:

The scheduling parameters of an SQ are configured and HQoS is enabled on the PBB-TE tunnel.
NOTE
----End

Run the following commands to check the previous configuration.
Action Check the configuration of a GQ on a PBB-TE tunnel. Check the statistics of GQs on the PBB-TE tunnel.
Command display user-queue configuration interface mac-tunnel [ tunnel-name ] display user-queue statistics interface mac-tunnel tunnel-name
Run the display user-queue configuration interface mac-tunnel [ tunnel-name ] command. If the correct HQoS configuration on the PBB-TE tunnel is displayed, it means that the configuration succeeds.
<Quidway> display user-queue configuration interface mac-tunnel t1 MacTunnelName: t1 CirValue<kbps>: 60000 PirValue<kbps>: 100000 FlowQueue: fq FlowMapping: fm GroupQueue: gq Network-Header-Length: Default
Run the display user-queue statistics interface mac-tunnel tunnel-name command. If the correct statistics of user queues on the PBB-TE tunnel are displayed, it means that the configuration succeeds.
<Quidway> display user-queue statistics interface mac-tunnel t1 test traffic statistics: [be] Pass: 0 packets, 0 Discard: 0 packets, 0 Pass Rate: 0 packets, 0 Discard Rate: 0 packets, 0 [af1] Pass: 0 packets, 0 Discard: 0 packets, 0 Pass Rate: 0 packets, 0 Discard Rate: 0 packets, 0 [af2] Pass: 0 packets, 0 Discard: 0 packets, 0 Pass Rate: 0 packets, 0 Discard Rate: 0 packets, 0 [af3] Pass: 0 packets, 0 Discard: 0 packets, 0 Pass Rate: 0 packets, 0 Discard Rate: 0 packets, 0 [af4] Pass: 0 packets, 0 Discard: 0 packets, 0 Pass Rate: 0 packets, 0 Discard Rate: 0 packets, 0 [ef] Pass: 0 packets, 0 Discard: 0 packets, 0 Pass Rate: 0 packets, 0 Discard Rate: 0 packets, 0 [cs6] Pass: 0 packets, 0 Discard: 0 packets, 0 Pass Rate: 0 packets, 0 Discard Rate: 0 packets, 0 [cs7] Pass: 0 packets, 0 Discard: 0 packets, 0
bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes bytes
9-36
Issue 03 (2008-09-22)

Pass Rate: Discard Rate: [total] Pass: Discard: Pass Rate: Discard Rate: 0 packets, 0 packets, 0 0 0 0 packets, packets, packets, packets,
0 bytes 0 bytes 0 0 0 0 bytes bytes bytes bytes
9.6 Configuring Class-based HQoS

This section describes the procedure of configuring Class-based HQoS. 9.6.1 Establishing the Configuration Task 9.6.2 Defining a Traffic Classifier 9.6.3 (Optional) Configuring a WRED Object for a Flow Queue 9.6.4 (Optional) Configuring Scheduling Parameters for a Flow Queue 9.6.5 (Optional) Configuring Mappings from a Flow Queue to a Class Queue 9.6.6 (Optional) Configuring Traffic Shaping for a Group Queue 9.6.7 Defining a Traffic Behavior and Configuring Scheduling Parameters for a Subscriber Queue 9.6.8 Defining a Traffic Policy and Applying It to an Interface 9.6.9 (Optional) Configuring a WRED Object for a Class Queue 9.6.10 (Optional) Configuring Scheduling Parameters for a Class Queue 9.6.11 Checking the Configuration

HQoS is mostly used on the user side of:
l l
A PE of a backbone network An access router of an access network
In the case of multiple user access and multiple service access, HQoS can differentiate users (VLAN users) in a network for priority scheduling and bandwidth guarantee. In addition, HQoS can also save the costs in network operation and maintenance. To further divide users on a small number of interfaces and perform hierarchical scheduling over traffic of multiple users, you need to deploy class-based HQoS. Class-based HQoS integrates the classification function of the CTC and the queue scheduling function of HQoS. The system first classifies traffic that needs HQoS scheduling through the CTC; then it configures HQoS parameters by taking all the packets that match a classifying rule as one user.
Before configuring class-based HQoS, complete the following tasks:
l
Configuring physical parameters and link attributes to ensure normal operation of the interfaces Configuring IP addresses for interfaces Configuring IP routes on routers to ensure normal operation of the link Configuring the simple traffic classification
l l l
Data Preparation
To configure class-based HQoS, you need the following data. No. 1 2 3 4 5 6 7 8 Data Matching rule, names of the traffic classifier, traffic behavior, traffic policy, and the interface where the traffic policy is applied (Optional) Parameters for packet drop in flow-wred (Optional) Scheduling algorithms and related parameters in flow-queue (Optional) CoS relations in flow-mapping (Optional) Shaping value in user-group-queue CIR, PIR, and network-header-length of user-queue (Optional) Port-wred parameters used in port-queue (Optional) Scheduling algorithms, related parameters, and shaping values in portqueue
9.6.2 Defining a Traffic Classifier

Context
NOTE
In configuration of class-based HQoS, the purpose of defining a traffic classifier is to single out the packets through the CTC for further HQoS scheduling.
Do as follows on the router to configure class-based HQoS:
Procedure
Step 1 Run:
system-view

A traffic classifier is defined and the traffic classifier view is displayed.

Step 3 Run the following command as required to define a traffic policy.

l l l l
To define an ACL rule, run the if-match acl acl-number command. To define a DSCP rule, run the if-match dscp dscp-value command. To define a TCP flag rule, run the if-match tcp syn-flag tcpflag-value command. To define a matching rule based on IP precedence, run the if-match ip-precedence ipprecedence command. To define a rule for matching all packets, run the if-match any command. To define an 802.1p rule for VLAN packets, run the if-match 8021p 8021p-value command. To define a rule for matching packets based on the source MAC address, run the if-match source-mac mac-address command. To define a rule for matching packets based on the destination MAC address, run the ifmatch destination-mac mac-address command. To define a rule for matching packets based on the MPLS EXP value, run the if-match mplsexp exp-value command.
l l l
If multiple matching rules are configured for one traffic classifier, you can set the relation among the matching rules by specifying the parameter operator in Step 2 with the command traffic classifier classifier-name [ operator { and | or } ], where,
l
and: is an operator indicating that the matching rules are in the logical AND relation. This means that the packets are of the specified class only when all rules are matched. or: is an operator indicating that the matching rules are in the logical OR relation. This means that the packets are of the specified class when any of the rules is matched.
If no operator is not specified, the default relation among matching rules is logical OR. ----End
9.6.3 (Optional) Configuring a WRED Object for a Flow Queue

Context
Procedure
Step 1 Run:
system-view

An flow-wred object is created and the flow-wred view is displayed. Step 3 Run:
The upper limit (in percentage), the lower limit (in percentage), and the discarding probability are set for different colors of packets.
NOTE
If you do not configure a flow-wred object, the system uses the default tail-drop policy. You can create multiple flow-wred objects used by FQs as required. You can configure up to 127 flowwred objects in the system.
----End
9.6.4 (Optional) Configuring Scheduling Parameters for a Flow Queue

Context
Procedure
Step 1 Run:
system-view

An FQ template is created and the FQ view is displayed. Step 3 Run:

Scheduling policies are set for queues of different priorities.

NOTE
You can configure scheduling parameters in one FQ template for the eight FQs of a subscriber respectively. If you do not configure an FQ, the system uses the default FQ template.
l l l l
By default, the system performs PQ on the FQs with the CoSs of ef, cs6, and cs7. WFQ is the default tool of the system for scheduling the FQs with the priorities of be, af1, af2, af3, and af4. The scheduling weight proportion is 10:10:10:15:15. By default, the system does not perform traffic shaping. The default discarding policy is the tail-drop policy.
----End
9.6.5 (Optional) Configuring Mappings from a Flow Queue to a Class Queue

Context
Procedure
Step 1 Run:
system-view

The flow-mapping view is displayed. Step 3 Run:

The priority to enter a CQ is configured for packets of a service in an SQ.

NOTE
You can configure eight mappings from flow-queue to port-queue in one flow-mapping template. If mappings from flow-queue to class-queue are not configured, the system defaults the one-to-one mapping.
You can create multiple flow-mapping templates used by SQs as required. Up to 15 flowmapping templates can be configured in the system. ----End
9.6.6 (Optional) Configuring Traffic Shaping for a Group Queue

Context
Procedure
Step 1 Run:
system-view

user-group-queue group-name
The GQ view is displayed. Step 3 Run:

The shaping value of the GQ is set.

NOTE
If you do not configure any traffic shaping value for a GQ, the system does not perform traffic shaping by default. You can configure only a global GQ for class-based HQoS.
l l
----End
9.6.7 Defining a Traffic Behavior and Configuring Scheduling Parameters for a Subscriber Queue
Context
Procedure
Step 1 Run:
system-view

A traffic behavior is defined and the traffic behavior view is displayed. Step 3 Run:
user-queue cir cir-value [ [ pir pir-value ] | [ flow-queue flow-queue-name ] | [ flow-mapping mapping-name ] | [ user-group-queue group-name ] | [ servicetemplate service-template-name ] ]*
The scheduling parameters of a subscriber queue are configured and HQoS is enabled on the interface.
NOTE
----End
9.6.8 Defining a Traffic Policy and Applying It to an Interface

Context
Procedure
Step 1 Run:
system-view

9-42
Issue 03 (2008-09-22)
A traffic behavior is associated with a specified traffic classifier in the traffic policy. Step 4 Run:
quit
The device returns to the system view. Step 5 Run:


traffic-policy policy-name inbound
The traffic policy is applied to the interface.

NOTE
A traffic policy that contains an associated HQoS scheduling behavior can be applied to only the inbound interface. The attribute of the policy must be shared.
----End
9.6.9 (Optional) Configuring a WRED Object for a Class Queue

Context
Procedure
Step 1 Run:
system-view

The upper limit (in percentage), the lower limit (in percentage), and the discarding probability are set for different colors of packets.
NOTE
If you do not configure a WRED object for a CQ (that is, a port-wred object), the system uses the default tail-drop policy.
----End
9.6.10 (Optional) Configuring Scheduling Parameters for a Class Queue

Context
CAUTION
In the HQoS scheduling for upstream HQoS on an Ethernet interface, the CQ adopts the default scheduling setting of the system and requires no configuration. It is recommended that you configure the CQ on a downstream Ethernet interface so that the backbone network is not congested.
Procedure
Step 1 Run:
system-view


A scheduling policy is set for queues of different priorities.

NOTE
You can configure scheduling parameters for eight CQs respectively on one interface. If you do not configure a CQ, the system uses the default CQ template.
l l l l
By default, the system performs PQ on the FQs with the priorities of ef, cs6, and cs7. WFQ is the default tool of the system for scheduling the FQs with the priorities of be, af1, af2, af3, and af4. The scheduling weight proportion is 10:10:10:15:15. By default, the system does not perform traffic shaping. The default discarding policy is the tail-drop policy.
----End

Run the following commands to check the previous configuration.
Action Check the configured parameters of a flow-mapping object and the referential relations of the object. Check the configuration of an FQ template. Check the configured parameters of a flow-wred object. Check the configuration of a GQ and the referential relations. Check the configured parameters of the WRED object for a CQ. Check the detailed configuration of a CQ. Check the SQ statistics of a specified traffic behavior. Check the statistics of a GQ. Check the statistics of a CQ. Check the configuration of a traffic behavior. Check the configuration of a traffic classifier.
Command display flow-mapping configuration [ verbose [ mapping-name ] ] display flow-queue configuration [ verbose [ flow-queue-name ] ] display flow-wred configuration [ verbose [ flowwred-name ] ] display user-group-queue configuration [ verbose [ group-name ] ] display port-wred configuration [ verbose [ port-wred-name ] ] display port-queue configuration interface interface-type interface-number outbound display user-queue statistics traffic behavior behavior-name inbound display user-group-queue statistics group-name [ slot slot-id ] { inbound | outbound } display port-queue statistics interface interfacetype interface-number [ cos-value ] outbound display traffic behavior user-defined behaviorname display traffic classifier user-defined classifiername
Running the display user-queue statistics traffic behavior behavior-name inbound command, you can view the SQ statistics of a specified traffic behavior. The statistics cover information on every service of an SQ. If the displayed statistics are correct, it means that the configuration succeeds. For example:
<Quidway> display user-queue statistics traffic behavior b1 inbound Traffic behavior b1 inbound traffic statistics: Traffic behavior b1 inbound traffic statistics: [slot 5] [be] Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes Last 5 minutes pass rate: 0 pps, 0 bps Last 5 minutes discard rate: 0 pps, 0 bps [af1] Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes Last 5 minutes pass rate: 0 pps, 0 bps Last 5 minutes discard rate: 0 pps, 0 bps
Issue 03 (2008-09-22)
9-45
[af2] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [af3] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [af4] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [ef] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [cs6] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [cs7] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [total] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [slot all] [be] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [af1] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [af2] Pass: Discard: Last 5 minutes pass rate: 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps,
0 packets, 0 packets, 0 pps,
0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps
9-46
Issue 03 (2008-09-22)

Last 5 minutes discard rate: 0 pps, [af3] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [af4] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [ef] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [cs6] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [cs7] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, [total] Pass: Discard: Last 5 minutes pass rate: Last 5 minutes discard rate: 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps, 0 packets, 0 packets, 0 pps,
0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps
9.7 Configuring Template-based HQoS

This section describes how to configure template-based HQoS. 9.7.1 Establishing the Configuration Task 9.7.2 (Optional) Configuring an FQ WRED Object 9.7.3 (Optional) Configuring Scheduling Parameters of an FQ 9.7.4 (Optional) Configuring Mapping from an FQ to a CQ 9.7.5 (Optional) Configuring the Traffic Shaping of a GQ 9.7.6 (Optional) Configuring Packet Loss Compensation Length of Service Templates 9.7.7 Defining a QoS Template and Configuring Scheduling Parameters 9.7.8 Applying a QoS Template 9.7.9 (Optional) Configuring a CQ WRED Object
9.7.10 (Optional) Configuring Scheduling Parameters of a CQ 9.7.11 Checking the Configuration

To achieve uniform scheduling of incoming traffic flows on multiple interfaces, you need to implement traffic management by user levels. Interface-based HQoS only supports classifying traffic flows on one interface into an SQ queue for scheduling. It does not support uniform scheduling of traffic flows on multiple interfaces. Template-based HQoS, by comparison, supports classifying traffic flows on multiple interfaces into an SQ queue for scheduling. It implements uniform scheduling of traffic flows on multiple interfaces by defining QoS scheduling templates and applying the templates to different interfaces. The template-based HQoS technique is used mainly on the access routers deployed at the edge of a MAN.
Before configuring template-based HQoS, complete the following tasks:
l
Configuring the physical parameters and link attributes of interfaces for them to work properly Assigning IP addresses to interfaces Configuring IP routes on the router to make routers on the link reachable
l l
Data Preparation
To configure template-based HQoS, you need the following data. No. 1 2 3 4 5 6 Data (Optional) Parameters for packet drop in flow-wred (Optional) Scheduling algorithms and related parameters in flow-queue (Optional) CoS relations in flow-mapping (Optional) Shaping value in user-group-queue QoS template names
l l
Values of CIR, PIR, and network-header-length in the user-queue command CIR, and CBS of the traffic suppression
7 8 9
Interfaces to which the QoS template is applied (Optional) Port-wred parameters used in port-queue (Optional) Scheduling algorithms, related parameters, and shaping values in portqueue
9-48
Issue 03 (2008-09-22)

Context
Procedure
Step 1 Run:
system-view

The high and low limit percentages and the drop probability are set for different colors of packets.
NOTE
l l l
l
You can create multiple flow-wred objects for being referenced by FQs as required. You can configure up to 127 flow-wred objects in the system. ----End

Context
Procedure
Step 1 Run:
system-view


A queue scheduling policy for a class is set.

NOTE
You can configure scheduling parameters in one flow queue template for the eight FQs of a subscriber respectively. If you do not configure a flow queue, the system uses the default flow queue template.
l l l l
By default, the system performs PQ scheduling on the FQs with the priorities of ef, cs6, and cs7. The system defaults the FQs with the priorities of be, af1, af2, af3, and af4 to WFQ. The scheduling weight is 10:10:10:15:15. By default, the system performs no traffic shaping. The default discarding policy is the tail drop.
----End

Context
Procedure
Step 1 Run:
system-view


The priority mapping from a flow queue to a CQ is set.


NOTE
You can configure eight mappings from the flow queue to the port queue in one flow queue mapping template. When no mapping from the flow queue to the CQ is set, the system defaults the one-to-one mapping.

Context
Procedure
Step 1 Run:
system-view



NOTE
l l
----End
9.7.6 (Optional) Configuring Packet Loss Compensation Length of Service Templates

Context
Do as follows to configure HQoS on the router.
Procedure
Step 1 Run:
system-view

service-template service-template-name [ slot slot-id ]
The service template view is displayed. Step 3 Run:

network-header-length network-header-length { inbound | outbound }
The packet loss compensation length of the service template is specified.

NOTE
After packets enter the router, there is difference between the length of a processed packet and the original packet. Packet loss compensation is a method to achieve precise traffic control by compensating a processed packet with a certain length.
Step 4 Run:
quit
The system view is displayed. ----End
9.7.7 Defining a QoS Template and Configuring Scheduling Parameters

Context
Procedure
Step 1 Run:
system-view

qos-profile qos-profile-name
A QoS template is defined and the qos-profile view is displayed. Step 3 You can choose to configure user queue scheduling parameters or traffic assurance for users according actual needs.
l
To configure user queue scheduling parameters to implement HQoS for user services, run:
user-queue cir cir-value [ [ pir pir-value ] | [ flow-queue flow-queue-name ] | [ flow-mapping mapping-name ] | [ user-group-queue group-name ] | [ servicetemplate service-template-name ] ] *
To limit the rate of broadcast packets in the QoS template, run:

broadcast-suppression cir cir-value [ cbs cbs-value ]
9-52
Issue 03 (2008-09-22)

l
To limit the rate of multicast packets in the QoS template, run:

multicast-suppression cir cir-value [ cbs cbs-value ]
To limit the rate of unknown unicast packets in the QoS template, run:
unknown-unicast-suppression cir cir-value [ cbs cbs-value ]
NOTE
In addition, if you configure the qos-profile command on an interface, you cannot configure the userqueue command, or the car command, or the traffic suppression function on the interface.
----End
9.7.8 Applying a QoS Template

Context
Procedure
Step 1 Run:
system-view

interface interface-type interface-number [ .sub-interface ]

qos-profile qos-profile-name { inbound | outbound } [ identifier group-name ] none | group
Apply the QoS template on the Ethernet interface, GE interface, Ethernet sub-interface, GE subinterface, layer 2 GE interface, and layer 2 Ethernet interface. ----End

Context
Procedure
Step 1 Run:
system-view

Issue 03 (2008-09-22)
9-53
The low limit percentage, high limit percentage, and drop probability are set.
NOTE
Through configuring a port-wred object, users can set the high limit percentage, low limit percentage, and drop probability for queues.
l
Users can create multiple port-wred objects for being referenced by CQs as required. The system provides one default port-wred object. You can configure a maximum of seven more port-wred objects. ----End

Context
CAUTION
In upstream HQoS scheduling on an Ethernet interface, CQ adopts the default scheduling setting of the system and is not configured by users. It is recommended that users configure downstream CQ on an Ethernet interface so that the backbone network is not congested. Do as follows on the downstream interface of the router:
Procedure
Step 1 Run:
system-view

The interface view is displayed.

Step 3 Run:
A queue scheduling policy for different CQs is set.

NOTE
You can configure eight CQ scheduling parameters respectively on one interface. When no CQ is configured, the system adopts the default CQ template.
l l l l
By default, the system performs PQ on the flow queues with the priorities of ef, cs6, and cs7. By default, the system performs WFQ on the flow queues with the priorities of be, af1, af2, af3, and af4. The scheduling weight is 10:10:10:15:15. By default, the system performs no traffic shaping. The discarding policy defaults to tail drop.
----End

Run the following commands to check the previous configuration. Action Check the configurations of a FQ mapping object and the referential relations of the object. Check the configurations of the flow queue template. Check the configurations of a flow queue's WRED object. Check the configurations of a user group queue and its referential relations. Check the configurations of a class queue's WRED object. Check the configurations of a class queue. Check the statistics about a QoS template. Command display flow-mapping configuration [ verbose [ mapping-name ] ]
display flow-queue configuration [ verbose [ flow-queuename ] ] display flow-wred configuration [ verbose [ flow-wredname ] ] display user-group-queue configuration [ verbose [ group-name ] ] display port-wred configuration [ verbose [ port-wredname ] ] display port-queue configuration interface interfacetype interface-number outbound display qos-profile statistics interface interface-type interface-number { inbound | outbound }
Using the display qos-profile statistics interface interface-type interface-number { inbound | outbound } command, you can view the statistical information about a QoS template on an interface.
<Quidway> display qos-profile statistics interface gigabitethernet 4/0/7 outbound
Issue 03 (2008-09-22)
9-55
GigabitEthernet4/0/7 outbound profile statistics: User-queue statistics: [be] Pass: 0 packets, Discard: 0 packets, Last 5 minutes pass rate: 0 pps, Last 5 minutes discard rate: 0 pps, [af1] Pass: 0 packets, Discard: 0 packets, Last 5 minutes pass rate: 0 pps, Last 5 minutes discard rate: 0 pps, [af2] Pass: 0 packets, Discard: 0 packets, Last 5 minutes pass rate: 0 pps, Last 5 minutes discard rate: 0 pps, [af3] Pass: 0 packets, Discard: 0 packets, Last 5 minutes pass rate: 0 pps, Last 5 minutes discard rate: 0 pps, [af4] Pass: 0 packets, Discard: 0 packets, Last 5 minutes pass rate: 0 pps, Last 5 minutes discard rate: 0 pps, [ef] Pass: 0 packets, Discard: 0 packets, Last 5 minutes pass rate: 0 pps, Last 5 minutes discard rate: 0 pps, [cs6] Pass: 0 packets, Discard: 0 packets, Last 5 minutes pass rate: 0 pps, Last 5 minutes discard rate: 0 pps, [cs7] Pass: 0 packets, Discard: 0 packets, Last 5 minutes pass rate: 0 pps, Last 5 minutes discard rate: 0 pps, [total] Pass: 0 packets, Discard: 0 packets, Last 5 minutes pass rate: 0 pps, Last 5 minutes discard rate: 0 pps, Suppression statistics: Broadcast statistics: Passed: 0 bytes, 0 packets Dropped: 0 bytes, 0 packets
0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps 0 bytes 0 bytes 0 bps 0 bps
9-56
Issue 03 (2008-09-22)

Last 30 seconds passed rate: 0 bps, 0 pps Last 30 seconds dropped rate: 0 bps, 0 pps Multicast statistics: Passed: 0 bytes, 0 packets Dropped: 0 bytes, 0 packets Last 30 seconds passed rate: 0 bps, 0 pps Last 30 seconds dropped rate: 0 bps, 0 pps Unknown-unicast statistics: Passed: 0 bytes, 0 packets Dropped: 0 bytes, 0 packets Last 30 seconds passed rate: 0 bps, 0 pps Last 30 seconds dropped rate: 0 bps, 0 pps
9.8 Maintaining HQoS

This section introduces how to clearing queue statistics. 9.8.1 Clearing Queue Statistics
9.8.1 Clearing Queue Statistics
CAUTION
Queue statistics cannot be restored after you clear it. So, confirm the action before you use the command. Make sure that you would clear the queue statistics and run the reset command in the user view to clear the existing queue statistics. Action Clear statistics on a specified GQ. Clear statistics of a specified SQ on a specified interface. Clear statistics of a specified SQ on a specified PBB-TE tunnel. Clear inbound statistics of a specified traffic behavior Command reset user-group-queue group-name statistics slot { slot-id | all } { inbound | outbound } reset user-queue statistics interface interface-type interface-number { inbound | outbound } reset user-queue statistics interface mac-tunnel tunnel-name reset user-queue statistics traffic behavior behavior-name inbound

This section presents the examples for configuring HQoS on the Ethernet interface, QinQ interface, CPOS interface, E3 or T3 interface, and PBB-TE tunnel. 9.9.1 Example for Configuring HQoS on an Ethernet Interface 9.9.2 Example for Configuring QinQ HQoS
9.9.3 Example for Configuring HQoS on an E3 or T3 Interface 9.9.4 Example for Configuring HQoS on a CPOS Interface 9.9.5 Example for Configuring HQoS Based on the PBB-TE Tunnel 9.9.6 Example for Configuring Class-based HQoS 9.9.7 Example for Configuring Template-based HQoS
9.9.1 Example for Configuring HQoS on an Ethernet Interface

To differentiate users and provide hierarchical QoS for them, HQoS divides a GE master interface into multiple sub-interfaces for access by users. For the purpose of better utilization of the bandwidth of the GE interface, each user accesses the network through a GE sub-interface. The packets of all users are then converged to the backbone network by the router. As shown in Figure 9-8, router is an access device to the backbone network. The router connects Layer 2 switches. User1 and User2 access the network through GigabitEthernet1/0/0.1 and GigabitEthernet1/0/0.2 of router. User1 is guaranteed with a bandwidth of 100 Mbit/s; User2, 200 Mbit/s. The bandwidth of the EF flow of User1 is 30 Mbit/s; that of the AF1 flow, 10 Mbit/ s. The bandwidth of the EF flow of User2 is 50 Mbit/s. User1 and User2 are in the same subscriber group. The bandwidth of the group queue is 500 Mbit/s. On the downstream interface of router, the traffic rate of EF flow is no more than 100 Mbit/s.
NOTE
Home users carry out broadband access through home service gateways. A home service gateway adds VLAN tags to service packets of home users to identify the users' VLAN and the 802.1 priorities of services. Home users' packets with VLAN tags are forwarded at Layer 2 through DSLAMs and switches. VLAN tags are terminated on the sub-interface of router and then the packets go to the ISP network.
Figure 9-8 Networking diagram for configuring SQ
9-58
Issue 03 (2008-09-22)
CAUTION
In upstream HQoS scheduling on an Ethernet interface, CQ adopts the default scheduling setting and is not configured by users. It is recommended that users configure downstream CQ on an Ethernet interface so that the backbone network is not congested. The configuration roadmap is as follows: 1. 2. 3. 4. 5. 6. 7. Configuring parameters of packet dropping for the FQ WRED object. Configuring algorithms for flow queue scheduling and related parameters. Configuring service class mappings from FQs to CQs. Configuring values of GQ shaping. Configuring SQs on the upstream interface of the access router. Configuring parameters of packet dropping for a CQ WRED object. Configuring CQs on the downstream interface of the access router.
Data Preparation
l l l l l l l l
VLAN IDs of sub-interfaces Parameters of flow-wred packet dropping Algorithms for flow-queue scheduling and related parameters Service class mappings for flow-mapping Values of user-group-queue shaping Values of user-queue CIR, PIR, and network-header-length Parameters of port-wred referenced by port-queue Algorithms for port-queue scheduling and related parameters and shaping values
NOTE
1.
Configure a WRED object referenced by FQs. # Configure parameters of flow-wred packet dropping.
<Quidway> system view [Quidway] flow-wred test [Quidway-flow-wred-test] color green low-limit 70 high-limit 100 discardpercentage 100 [Quidway-flow-wred-test] color yellow low-limit 60 high-limit 90 discardpercentage 100 [Quidway-flow-wred-test] color red low-limit 50 high-limit 80 discardpercentage 100
Issue 03 (2008-09-22)
9-59
[Quidway-flow-wred-test] return
After the preceding configuration, you can run the display flow-wred configuration verbose command to view the configured parameters of the FQ WRED object.
<Quidway> display flow-wred configuration verbose test flow-wred-name : test --------------------------------------------------color low-limit high-limit discard-percent --------------------------------------------------green 70 100 100 yellow 60 90 100 red 50 80 100 Reference relationships : NULL Total number : 1
2.
Configure algorithms for queue scheduling and related parameters of FQs. # Configure the scheduling algorithms, WRED parameters, and shaping values for FQs.
<Quidway> system view [Quidway] flow-queue test1 [Quidway-flow-queue-template-test1] [Quidway-flow-queue-template-test1] [Quidway-flow-queue-template-test1] [Quidway] flow-queue test2 [Quidway-flow-queue-template-test2] [Quidway-flow-queue-template-test2] queue af1 lpq flow-wred test shaping 10000 queue ef pq flow-wred test shaping 30000 quit queue ef pq flow-wred test shaping 25000 return
After the preceding configuration, you can run the display flow-queue configuration verbose command to view the configuration of the FQ template.
<Quidway> display flow-queue configuration verbose test1 Codes: Arith(Schedule algorithm) U-Weight(Schedule weight configured by users) I-Weight(Inverse schedule weight used by TM) A-Weight(Actual schedule weight obtained by users) Shp(Shaping value, the percentage of subscriber queue's PIR) Drop-Arith(The name of the WRED object used by the flow queue) Flow Queue Template : test1 -----------------------------------------------------------------Cos Arith U-Weight I-Weight A-Weight Shp Pct Drop-Arith -----------------------------------------------------------------be wfq 10 3 10.00 Tail Drop af1 lpq 10000 test af2 wfq 10 3 10.00 Tail Drop af3 wfq 15 2 15.00 Tail Drop af4 wfq 15 2 15.00 Tail Drop ef pq 30000 test cs6 pq Tail Drop cs7 pq Tail Drop Reference relationships : NULL <Quidway> display flow-queue configuration verbose test2 Codes: Arith(Schedule algorithm) U-Weight(Schedule weight configured by users) I-Weight(Inverse schedule weight used by TM) A-Weight(Actual schedule weight obtained by users) Shp(Shaping value, the percentage of subscriber queue's PIR) Drop-Arith(The name of the WRED object used by the flow queue) Flow Queue Template : test2 -----------------------------------------------------------------Cos Arith U-Weight I-Weight A-Weight Shp Pct Drop-Arith -----------------------------------------------------------------be wfq 10 3 10.00 Tail Drop af1 wfq 10 3 10.00 Tail Drop af2 wfq 10 3 10.00 Tail Drop af3 wfq 15 2 15.00 Tail Drop af4 wfq 15 2 15.00 Tail Drop
9-60
Issue 03 (2008-09-22)

ef pq cs6 pq cs7 pq Reference relationships : NULL 25000 -
test Tail Drop Tail Drop
3.
Configure service class mappings from FQs to CQs.

<Quidway> system view [Quidway] flow-mapping test1 [Quidway-flow-mapping-test1] map flow-queue af1 to port-queue ef [Quidway-flow-mapping-test1] return
After the preceding configuration, you can run the display flow-mapping configuration verbose command to view the configured parameters of the FQ mapping object and the referential relations of the object.
<Quidway> display flow-mapping configuration verbose test1 flow-mapping-name : test1 fq-cosvalue to pq-cosvalue be to be af1 to ef af2 to af2 af3 to af3 af4 to af4 ef to ef cs6 to cs6 cs7 to cs7 [reference relationship] NULL
4.
Configure the value for the GQ shaping. # Configure user-group-queue.

<Quidway> system view [Quidway] user-group-queue test [Quidway-user-group-queue-test-slot-all] shaping 500000 inbound [Quidway-user-group-queue-test-slot-all] return
After the preceding configuration, you can run the display user-group-queue configuration verbose command to view the configuration of the GQ and the referential relations.
<Quidway> display user-group-queue configuration verbose test user-group-queue-name : test slot : 3 [current configuration] inbound shaping-value <kbps> : 500000 pbs-value <byte> : 524288 outbound shaping-value <kbps> : NA pbs-value <byte> : NA [reference relationship] NULL
5.
Configure an SQ on the upstream interface of the access router.

<Quidway> system view [Quidway] interface gigabitethernet 1/0/0 [Quidway-GigabitEthernet1/0/0] undo shutdown [Quidway-GigabitEthernet1/0/0] quit [Quidway] interface gigabitethernet 1/0/0.1 [Quidway-GigabitEthernet1/0/0.1] trust upstream default [Quidway-GigabitEthernet1/0/0.1] trust 8021p [Quidway-GigabitEthernet1/0/0.1] vlan-type dot1q 1 [Quidway-GigabitEthernet1/0/0.1] ip address 100.1.1.1 24 [Quidway-GigabitEthernet1/0/0.1] user-queue cir 100000 pir 100000 flow-queue test1 flow-mapping test1 user-group-queue test inbound [Quidway-GigabitEthernet1/0/0.1] return [Quidway] interface gigabitethernet 1/0/0.2 [Quidway-GigabitEthernet1/0/0.2] trust upstream default [Quidway-GigabitEthernet1/0/0.2] trust 8021p
Issue 03 (2008-09-22)
9-61

[Quidway-GigabitEthernet1/0/0.2] vlan-type dot1q 2 [Quidway-GigabitEthernet1/0/0.2] ip address 200.1.2.1 24 [Quidway-GigabitEthernet1/0/0.2] user-queue cir 200000 pir 200000 flow-queue test2 flow-mapping test1 user-group-queue test inbound [Quidway-GigabitEthernet1/0/0.2] return [Quidway]service-template st1 [Quidway-service-template-st1-slot-all] network-header-length 10 inbound
After the preceding configuration, you can run the display user-queue configuration interface command to view the detailed HQoS configuration on the interface.
<Quidway> display user-queue configuration interface gigabitethernet 1/0/0.1 inbound user-queue configuration infomation show : GigabitEthernet1/0/0.1 Inbound: CirValue<kbps>: 100000 PirValue<kbps>: 100000 FlowQueue: test1 FlowMapping: test1 GroupQueue: test service-template: NULL <Quidway> display user-queue configuration interface gigabitethernet 1/0/0.2 inbound user-queue configuration infomation show : GigabitEthernet1/0/0.2 Inbound: CirValue<kbps>: 200000 PirValue<kbps>: 200000 FlowQueue: test2 FlowMapping: test1 GroupQueue: test service-template: NULL
6.
Configure a WRED object referenced by CQs. # Configure the parameters of port-wred packet dropping referenced by CQs.
<Quidway> system view [Quidway] port-wred test [Quidway-port-wred-test] percentage 100 [Quidway-port-wred-test] percentage 100 [Quidway-port-wred-test] percentage 100 [Quidway-port-wred-test] color green low-limit 70 high-limit 100 discardcolor yellow low-limit 60 high-limit 90 discardcolor red low-limit 50 high-limit 80 discardreturn
After the preceding configuration, you can run the display port-wred configuration verbose command to view the configured parameters of the CQ WRED object.
<Quidway> display port-wred configuration verbose test port-wred-name : test color low-limit high-limit discard-percent green 70 100 100 yellow 60 90 100 red 50 80 100 [reference relationship] NULL
7.
Verify the configuration. When packets are available in the network, you can find that packets of User1's AF1 and EF flows and User2's EF flow are forwarded at the guaranteed bandwidth. Running the display port-queue statistics command on the downstream GE 2/0/0 of router, you can see that the packets of the CS7 flow increases rapidly.
<Quidway> display port-queue statistics interface gigabitethernet 2/0/0 ef outbound [ef] Total pass: 104,762,039 packets, 10,251,481,862 bytes Total discard: 0 packets, 0 bytes
9-62
Issue 03 (2008-09-22)

--Drop tail discard: 0 packets, --Wred discard: 0 pps, Last 30 seconds pass rate: 0 pps, Last 30 seconds discard rate: 0 pps, --Drop tail discard rate: 0 pps, --Wred discard rate: 0 pps,
0 bytes 0 bps 0 bps 0 bps 0 bps 0 bps
Configuration Files
Configuration file of router
# sysname Quidway # flow-wred test color green low-limit 70 high-limit 100 discard-percentage 100 color yellow low-limit 60 high-limit 90 discard-percentage 100 color red low-limit 50 high-limit 80 discard-percentage 100 # flow-mapping test1 map flow-queue af1 to port-queue ef # flow-queue test1 queue af1 lpq shaping 10000 flow-wred test queue ef pq shaping 30000 flow-wred test # flow-queue test2 queue ef pq shaping 25000 flow-wred test # user-group-queue test shaping 500000 inbound # service-template st1 network-header-length 10 inbound # interface GigabitEthernet1/0/0 undo shutdown # interface GigabitEthernet1/0/0.1 trust upstream default trust 8021p vlan-type dot1q 1 ip address 100.1.1.1 255.255.255.0 user-queue cir 100000 pir 100000 flow-queue test1 flow-mapping test1 user-groupqueue test inbound # interface GigabitEthernet1/0/0.2 trust upstream default trust 8021p vlan-type dot1q 2 ip address 200.1.2.1 255.255.255.0 user-queue cir 200000 pir 200000 flow-queue test2 flow-mapping test1 user-groupqueue test inbound # port-wred test color green low-limit 70 high-limit 100 discard-percentage 100 color yellow low-limit 60 high-limit 90 discard-percentage 100 color red low-limit 50 high-limit 80 discard-percentage 100 # interface GigabitEthernet2/0/0 undo shutdown ip address 200.1.1.1 255.255.255.0 port-queue ef pq shaping 100 port-wred test outbound
Issue 03 (2008-09-22)
9-63
# osfp 10 area 0.0.0.0 network 200.1.1.0 0.0.0.255 network 200.1.2.0 0.0.0.255 network 100.1.1.0 0.0.0.255 # return
9.9.2 Example for Configuring QinQ HQoS

As shown in Figure 9-9, router is an edge device of the backbone network. The router connects Layer 2 switches. User1 and User2 access the network through the VLAN group of the two QinQ termination sub-interfaces GigabitEthernet1/0/0.1 and GigabitEthernet1/0/0.2of router. User1 is guaranteed with a bandwidth of 100 Mbit/s; User2, 200 Mbit/s. The bandwidth of the EF flow of User1 is 30 Mbit/s; that of the AF1 flow, 10 Mbit/s. The bandwidth of the EF flow of User2 is 50 Mbit/s. User1 and User2 are in the same subscriber group. The bandwidth of the group queue is 500 Mbit/s. On the downstream interface of router, the traffic rate of CS7 flow is no more than 100 Mbit/s.
NOTE
Home users carry out broadband access through home service gateways. A home service gateway adds VLAN tags to service packets of home users to identify the users' VLAN and the 802.1 priorities of services. According to the QinQ technology, DSLAM can also encapsulate an outer tag over a VLAN tag in a home user's packet. This makes it easy to manage internal VLAN users. For example, the inner VLAN tag marks a home user and the outer VLAN tag marks a cell; or the inner VLAN tag marks a cell and the outer VLAN tag marks a service. In this manner, home users' packets with two-layer VLAN tags are forwarded at Layer 2 through DSLAMs and switches. The VLAN tags are terminated on the sub-interface of router and then the packets go to the ISP network.
Figure 9-9 Networking diagram for configuring QinQ HQoS
The configuration roadmap is as follows:
1. 2. 3. 4. 5. 6. 7. 8.
Configuring parameters of packet dropping for flow queue WRED objects. Configuring algorithms for flow queue scheduling and related parameters. Configuring service class mappings from FQs to CQs. Configuring values of GQ shaping. Enabling QinQ on the master interface. Creating and configuring QinQ sub-interfaces. Creating VLAN groups. Configuring SQs on the upstream interface of the PE1.
NOTE
In this procedure, HQoS is configured only on a QinQ termination sub-interface. You do not need to configure upstream HQoS CQs. You can configure HQoS on the downstream interface of a router or configure only CQs according to the actual network traffic to prevent network congestion.
Data Preparation
l l l l l l
QinQ termination sub-interface numbers and vlan-group IDs Parameters of flow-wred packet dropping Algorithms for flow-queue scheduling and related parameters Service class mappings for flow-mapping Value of user-group-queue shaping Values of user-queue CIR and PIR
NOTE
1.
Configure a WRED object referenced by a flow queue. # Configure parameters of flow-wred packet dropping.
<Quidway> system view [Quidway] flow-wred test [Quidway-flow-wred-test] percentage 100 [Quidway-flow-wred-test] percentage 100 [Quidway-flow-wred-test] percentage 100 [Quidway-flow-wred-test] color green low-limit 70 high-limit 100 discardcolor yellow low-limit 60 high-limit 90 discardcolor red low-limit 50 high-limit 80 discardreturn
After the preceding configuration, you can run the display flow-wred configuration verbose command to view the configured parameters of the FQ WRED object.
<Quidway> display flow-wred configuration verbose test flow-wred-name : test --------------------------------------------------color low-limit high-limit discard-percent --------------------------------------------------green 70 100 100 yellow 60 90 100 red 50 80 100
Issue 03 (2008-09-22)
9-65
Reference relationships : NULL Total number : 1
2.
Configure algorithms for flow queue scheduling and related parameters. # Configure the scheduling algorithms, WRED parameters, and shaping values for FQs.
<Quidway> system view [Quidway] flow-queue test1 [Quidway-flow-queue-template-test] [Quidway-flow-queue-template-test] [Quidway-flow-queue-template-test] [Quidway] flow-queue test2 [Quidway-flow-queue-template-test] [Quidway-flow-queue-template-test] queue af1 lpq flow-wred test shaping 10000 queue ef pq flow-wred test shaping 30000 quit queue ef pq flow-wred test shaping 25000 return
After the preceding configuration, you can run the display flow-queue configuration verbose command to view the configuration of the FQ template.
<Quidway> display flow-queue configuration verbose test1 Codes: Arith(Schedule algorithm) U-Weight(Schedule weight configured by users) I-Weight(Inverse schedule weight used by TM) A-Weight(Actual schedule weight obtained by users) Shp(Shaping value, the percentage of subscriber queue's PIR) Drop-Arith(The name of the WRED object used by the flow queue) Flow Queue Template : test1 -----------------------------------------------------------------Cos Arith U-Weight I-Weight A-Weight Shp Pct Drop-Arith -----------------------------------------------------------------be wfq 10 3 10.00 Tail Drop af1 lpq 10000 test af2 wfq 10 3 10.00 Tail Drop af3 wfq 15 2 15.00 Tail Drop af4 wfq 15 2 15.00 Tail Drop ef pq 30000 test cs6 pq Tail Drop cs7 pq Tail Drop Reference relationships : NULL <Quidway> display flow-queue configuration verbose test2 Codes: Arith(Schedule algorithm) U-Weight(Schedule weight configured by users) I-Weight(Inverse schedule weight used by TM) A-Weight(Actual schedule weight obtained by users) Shp(Shaping value, the percentage of subscriber queue's PIR) Drop-Arith(The name of the WRED object used by the flow queue) Flow Queue Template : test2 -----------------------------------------------------------------Cos Arith U-Weight I-Weight A-Weight Shp Pct Drop-Arith -----------------------------------------------------------------be wfq 10 3 10.00 Tail Drop af1 wfq 10 3 10.00 Tail Drop af2 wfq 10 3 10.00 Tail Drop af3 wfq 15 2 15.00 Tail Drop af4 wfq 15 2 15.00 Tail Drop ef pq 25000 test cs6 pq Tail Drop cs7 pq Tail Drop Reference relationships : NULL
3.
Configure service class mappings from FQs to CQs.

<Quidway> system view [Quidway] flow-mapping test1 [Quidway-flow-mapping-test1] map flow-queue af1 to port-queue ef [Quidway-flow-mapping-test1] quit
9-66
Issue 03 (2008-09-22)
After the preceding configuration, you can run the display flow-mapping configuration verbose command to view the configured parameters of the FQ mapping objects and the referential relations of the objects.
<Quidway> display flow-mapping configuration verbose test1 flow-mapping-name : test1 fq-cosvalue to pq-cosvalue be to be af1 to ef af2 to af2 af3 to af3 af4 to af4 ef to ef cs6 to cs6 cs7 to cs7 [reference relationship] NULL
4.
Configure a value of a GQ shaping. # Configure user-group-queue

After the preceding configuration, you can run the display user-group-queue configuration verbose command to view the configuration of the GQ and the referential relations.
<Quidway> display user-group-queue configuration verbose test user-group-queue-name : test slot : 3 [current configuration] inbound shaping-value <kbps> : 500000 pbs-value <byte> : 524288 outbound shaping-value <kbps> : NA pbs-value <byte> : NA [reference relationship] NULL
5.
Configure the master interface to enable the user termination mode. # Configure the user termination mode.
[Quidway] interface gigabitethernet 1/0/0 [Quidway-GigabitEthernet1/0/0] undo shutdown [Quidway-GigabitEthernet1/0/0] mode user-termination [Quidway-GigabitEthernet1/0/0] quit
6.
Create QinQ termination sub-interfaces and configure QinQ termination.

[Quidway] interface gigabitethernet 1/0/0.1 [Quidway-GigabitEthernet1/0/0.1] control-vid 1 qinq-termination [Quidway-GigabitEthernet1/0/0.1] qinq termination pe-vid 100 ce-vid 600 vlangroup 1 [Quidway] interface gigabitethernet 1/0/0.2 [Quidway-GigabitEthernet1/0/0.2] control-vid 2 qinq-termination [Quidway-GigabitEthernet1/0/0.2] qinq termination pe-vid 100 ce-vid 700 vlangroup 1
7.
Create a VLAN group and configure SQs of the VLAN group.

<Quidway> system view [Quidway] interface gigabitethernet 1/0/0.1 [Quidway-GigabitEthernet1/0/0.1] trust upstream default [Quidway-GigabitEthernet1/0/0.1] ip address 100.1.1.1 24 [Quidway-GigabitEthernet1/0/0.1] vlan-group 1 [Quidway-GigabitEthernet1/0/0.1-vlangroup1] user-queue cir 100000 pir 100000 flow-queue test1 flow-mapping test1 user-group-queue test inbound [Quidway-GigabitEthernet1/0/0.1-vlangroup1] quit
Issue 03 (2008-09-22)
9-67

[Quidway-GigabitEthernet1/0/0.1] quit [Quidway] interface gigabitethernet 1/0/0.2 [Quidway-GigabitEthernet1/0/0.2] trust upstream default [Quidway-GigabitEthernet1/0/0.2] ip address 200.1.1.1 24 [Quidway-GigabitEthernet1/0/0.2] vlan-group 1 [Quidway-GigabitEthernet1/0/0.2-vlangroup1] user-queue cir 200000 flow-queue test2 flow-mapping test1 user-group-queue test inbound [Quidway-GigabitEthernet1/0/0.1-vlangroup1] quit [Quidway-GigabitEthernet1/0/0.1] return
pir 200000
8.
Verify the configuration. When packets are available in the network, you can find that packets of User1's AF1 and EF flows and User2's EF flow are forwarded at the guaranteed bandwidth. Running the display port-queue statistics command on the downstream GE 2/0/0 of router, you can see that the packets of the CS7 flow increases rapidly.
<Quidway> display port-queue statistics interface gigabitethernet 2/0/0 ef outbound [ef] Total pass: 104,762,039 packets, 10,251,481,862 bytes Total discard: 0 packets, 0 bytes --Drop tail discard: 0 packets, 0 bytes --Wred discard: 0 pps, 0 bps Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps --Drop tail discard rate: 0 pps, 0 bps --Wred discard rate: 0 pps, 0 bps
Configuration File
Configuration file of router:
# sysname Quidway # flow-wred test color green low-limit 70 high-limit 100 discard-percentage 100 color yellow low-limit 60 high-limit 90 discard-percentage 100 color red low-limit 50 high-limit 80 discard-percentage 100 flow-mapping test1 map flow-queue af1 to port-queue ef # flow-queue test1 queue af1 lpq shaping 10000 flow-wred test queue ef pq shaping 30000 flow-wred test # flow-queue test2 queue ef pq shaping 25000 flow-wred test # user-group-queue test shaping 500000 inbound # interface GigabitEthernet1/0/0 undo shutdown mode user-termination # interface GigabitEthernet1/0/0.1 trust upstream default ip address 100.1.1.1 255.255.255.0 control-vid 1 qinq-termination
9-68
Issue 03 (2008-09-22)
vlan-group 1 user-queue cir 100000 pir 100000 flow-queue test1 flow-mapping test1 user-groupqueue test inbound qinq termination pe-vid 100 ce-vid 600 vlan-group 1 # interface GigabitEthernet1/0/0.2 trust upstream default ip address 200.1.2.1 255.255.255.0 control-vid 2 qinq-termination vlan-group 1 user-queue cir 200000 pir 200000 flow-queue test2 flow-mapping test1 user-groupqueue test inbound qinq termination pe-vid 100 ce-vid 700 vlan-group # interface GigabitEthernet2/0/0 undo shutdown ip address 200.1.1.1 255.255.255.0 # osfp 10 area 0.0.0.0 network 200.1.1.0 0.0.0.255 network 200.1.2.0 0.0.0.255 network 100.1.1.0 0.0.0.255 # return
9.9.3 Example for Configuring HQoS on an E3 or T3 Interface

As shown in Figure 9-10, E3 links are set up between the three routers. IP packets are forwarded with IPv4 between Router A, Router B, and Router C. Packets from Router B go to Router A and Router B through the serial interface channelized from the E3 interface. Guaranteed bandwidth for the packets forwarded by Router B is configured. In addition, the packets sent from Router B must meet the following requirements:
l
The traffic rate of the packets that are sent from Serial 1/1/0/0:0 of Router B is 2 Mbit/s and the scheduling mode is CBPQ. When the actual traffic goes at a rate higher than 2 Mbit/ s, the subsequent excessive packets are discarded. The receiving rate of the AF1 flow is 1 Mbit/s. When the actual traffic goes at a rate higher than the set rate, the subsequent excessive packets are discarded. The traffic rate of the packets that are sent from Serial 2/1/0/0:0 of Router B is 2 Mbit/s and the scheduling mode is CBFQ. When the actual traffic goes at a rate higher than the 2 Mbit/s, the subsequent excessive packets are discarded. The receiving rate of the EF flow is 1 Mbit/s. When the actual traffic rate is greater than 1 Mbit/s but less than 2 Mbit/s, the subsequent excessive packets are sent in a lower priority.
Issue 03 (2008-09-22)
9-69
Figure 9-10 Networking diagram for configuring HQoS on E3 interfaces
NOTE
This example assumes that the serial interfaces have been configured correctly and traffic can be forwarded with IPv4 between Router A and Router B. The configuration of HQoS on a T3 interface is the same as that on an E3 interface.
The configuration roadmap is as follows: 1. 2. Enabling the simple traffic classification on incoming packets. Configuring HQoS on the serial interface channelized from the E3 interface of Router B.
Data Preparation
l
HQoS total bandwidth (2 Mbit/s) and scheduling mode on Serial 1/1/0/0:0 (CBPQ) and on Serial 2/1/0/0:0 (CBFQ) of Router B HQoS bandwidth for AF1 flows (1 Mbit/s) on Serial 1/1/0/0:0 of Router B HQoS bandwidth for EF flows (1 Mbit/s) on Serial 2/1/0/0:0 of Router B
l l
1. 2. Configure IP addresses and routes on the interfaces as shown in the figure (not mentioned here). Enable the simple traffic classification on incoming packets.
<RouterB> system-view [RouterB] interface pos3/0/0 [RouterBPos3/0/0] undo shutdown [RouterBPos3/0/0] trust upstream default [RouterBPos3/0/0] return
3.
Configure HQoS. # Configure Serial 1/1/0/0:0 of Router B.

<RouterB> system-view [RouterB] controller e3 1/0/0 [RouterB-E3 1/0/0] using e3 [RouterB-E3 1/0/0] undo shutdown [RouterB-E3 1/0/0] quit [RouterB] interface serial1/1/0/0:0
9-70
Issue 03 (2008-09-22)

[RouterB-Serial1/1/0/0:0] undo shutdown [RouterB-Serial1/1/0/0:0] hqos policy cbpq bandwidth 2m [RouterB-Serial1/1/0/0:0] hqos queue af1 cir 1m drop
# Configure Serial 2/1/0/0:0 of Router B.

<RouterB> system-view [RouterB] controller e3 2/0/0 [RouterB-E3 2/0/0] using e3 [RouterB-E3 1/0/0] undo shutdown [RouterB-E3 1/0/0] quit [RouterB] interface serial2/1/0/0:0 [RouterB-Serial2/1/0/0:0] undo shutdown [RouterB-Serial2/1/0/0:0] hqos policy cbfq bandwidth 2m [RouterB-Serial2/1/0/0:0] hqos queue ef cir 1m remark
4.
Verify the configuration. When Serial 1/1/0/0:0 and Serial 2/1/0/0:0 of Router B forwards traffic, use the display hqos queue statistics command to check the traffic statistics on the interface.
<RouterB> display hqos queue statistics Serial 1/1/0/0:0 af1 Serial1/1/0/0:0 statistics: Forward bits : 18235840 ( bits ) Forward packets : 23260 ( packets ) Remark bits : 0 ( bits ) Remark packets : 0 ( packets ) Drop bits : 1411460288 ( bits ) Drop packets : 1800331 ( packets ) Forward bits rate : 0 ( bits/sec ) Forward packet rate : 0 ( packets/sec ) <RouterB> display hqos queue statistics Serial 2/1/0/0:0 ef Serial 2/1/0/0:0 statistics: Forward bits : 2050664048 bits Forward packets : 2619677 packets Remark bits : 9112926 bits Remark packets : 11632 packets Drop bits : 82011854896 bits Drop packets : 104762039 packet Forward bits rate : 0 bits/sec Forward packet rate : 0 packet/sec
Configuration Files
l

# sysname RouterA # controller e3 1/0/0 using e3 undo shutdown # interface Serial 1/1/0/0:0 undo shutdown ip address 192.168.0.1 255.255.255.0 # ospf 1 area 0.0.0.0 network 192.168.0.0 0.0.0.255 # return

# sysname RouterB # controller e3 1/0/0 using e3 undo shutdown #
Issue 03 (2008-09-22)
9-71
controller e3 2/0/0 using e3 undo shutdown # interface Serial 1/1/0/0:0 undo shutdown ip address 192.168.0.2 255.255.255.0 hqos policy cbpq bandwidth 2M hqos queue af1 cir 1m drop # interface Serial 2/1/0/0:0 undo shutdown ip address 10.1.1.2 255.255.255.0 hqos policy cbfq bandwidth 2M hqos queue ef cir 1m remark # interface Pos3/0/0 undo shutdown link-protocol ppp ip address 100.1.1.1 255.255.255.0 trust upstream default # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 192.168.0.0 0.0.0.255 network 100.1.1.0 0.0.0.255 # return l

# sysname RouterC # interface Serial 2/1/0/0:0 undo shutdown ip address 10.1.1.1 255.255.255.0 # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 # Return
9.9.4 Example for Configuring HQoS on a CPOS Interface

As shown in Figure 9-11, an E1 link is established between Router A and Router B. IPv4 is applied to Router A and Router B. Packets coming from Router A go through MP-Group 5/0/1, which is channelized from the CPOS, and Serial 5/0/0/1:0, and then reach Router B. MP-Group 5/0/1 consists of five serial interfaces channelized from CPOS 5/0/1. Packets of the two user groups flow out of MP-Group 5/0/1 and Serial 5/0/0/1:0. You are required to provide ensured bandwidth for packets leaving Router A. The configuration data is as follows:
l
The total bandwidth for MP-Group 5/0/1 on Router A is 10 Mbit/s. The scheduling algorithm is CBFQ. If the traffic rate is greater than 10 Mbit/s, the subsequent packets are dropped. The incoming traffic rate of the AF1 flow is 2 Mbit/s. If the traffic rate exceeds the limit, the subsequent excessive packets are remarked and then forwarded through an idle interface. The incoming traffic rate of the AF2 flow is limited to 3 Mbit/s. If the traffic rate exceeds the limit, the subsequent excessive packets are dropped.
9-72

l
The total bandwidth of Serial 5/0/0/1:0 on Router A is 2 Mbit/s and the scheduling algorithm is CBFQ. If the actual traffic goes at a rate higher than 2 Mbit/s, the excessive packets are dropped. The incoming rate of the EF flow is 2 Mbit/s. If the actual traffic goes at a rate higher than the set rate, the excessive packets are dropped.
Figure 9-11 Networking diagram for configuring HQoS on a CPOS interface
NOTE
This configuration example assumes that the MP-Group interface of the two routers has been configured. IPv4 packets can be forwarded between Router A and Router B. In this configuration example, packets are sent from WAN1 to the GE interface on Router A and then are forwarded out from the CPOS interface on Router A. After receiving the packets, the CPOS interface on Router B forwards them to WAN2.
The configuration roadmap is as follows: 1. 2. 3. Enabling simple traffic classification (STC) for incoming packets Configuring HQoS on the serial interface channelized from the CPOS interface of Router A Configuring HQoS on the MP-Group interface created on the basis of the CPOS on Router A
Data Preparation
l
Total bandwidth (10 Mbit/s) and scheduling mode on MP-Group 5/0/1 (CBFQ) of Router A . HQoS bandwidth for AF1 flows (2 Mbit/s) and for AF2 flows (3Mbps). Total bandwidth (2 Mbit/s) and scheduling mode on Serial 5/0/0/1:0 (CBFQ) of Router A . HQoS bandwidth for EF flows (2 Mbps).
1. Configure IP addresses of the interfaces and routes according to the networking diagram. (To be omitted.)
Issue 03 (2008-09-22)
2.
Enable STC on incoming packets.

<RouterA> system-view [RouterA] interface gigabitethernet 1/0/0 [RouterAGigabitEthernet1/0/0] undo shutdown [RouterAGigabitEthernet1/0/0] trust upstream default [RouterAGigabitEthernet1/0/0] return
3.
Configure HQoS. # Configure MP-Group 5/0/1 on Router A.

<RouterA> system-view [RouterA] interface mp-group 5/0/1 [RouterA-Mp-group5/0/1] undo shutdown [RouterA-Mp-group5/0/1] hqos policy cbfq bandwidth 10000k [RouterA-Mp-group5/0/1] hqos queue af1 cir 2000k remark [RouterA-Mp-group5/0/1] hqos queue af2 cir 3000k drop [RouterA-Mp-group5/0/1] return
# Configure Serial 5/0/0/1:0 on Router A.

<RouterA> system-view [RouterA] interface serial 5/0/0/1:0 [RouterA-Serial5/0/0/1:0] undo shutdown [RouterA-Serial5/0/0/1:0] hqos policy cbfq bandwidth 2000k [RouterA-Serial5/0/0/1:0] hqos queue ef cir 1000k remark [RouterA-Serial5/0/0/1:0] return
4.
Verify the configuration. After the preceding configuration, run the display hqos queue statistics command to view the traffic statistics on the interface when packets are flowing through MP-Group 5/0/1 and Serial 5/0/0/1:0 of Router A.
<RouterA> display hqos queue statistics mp-group 5/0/1 af1 Mp-group5/0/1 statistics: Forward bits : 219216688 ( bits ) Forward packets : 27457 ( packets ) Remark bits : 196462288 ( bits ) Remark packets : 24607 ( packets ) Drop bits : 207615936 ( bits ) Drop packets : 26004 ( packets ) <RouterA> display hqos queue statistics serial 5/0/0/1:0 ef Serial5/0/0/1:0 statistics: Forward bits : 2050664048 bits Forward packets : 2619677 packet Remark bits : 9112926 bits Remark packets : 11632 packet Drop bits : 82011854896 bits Drop packets : 104762039 packet
Configuration Files
l

# sysname RouterA # isis 10 network-entity 00.0080.0012.0000.00 # isis 11 network-entity 00.0080.0012.0000.00 # controller Cpos5/0/1 e1 1 unframed e1 2 unframed e1 3 unframed e1 4 unframed e1 5 unframed
9-74
Issue 03 (2008-09-22)

# controller Cpos5/0/0 e1 1 unframed # interface Mp-group5/0/1 undo shutdown shutdown ip address 10.10.10.1 255.255.255.0 isis enable 10 hqos policy cbfq bandwidth 1000k hqos queue af1 cir 200k remark hqos queue af2 cir 300k drop # interface Serial5/0/1/1:0 undo shutdown link-protocol ppp ppp mp Mp-group 5/0/1 # interface Serial5/0/1/2:0 undo shutdown link-protocol ppp ppp mp Mp-group 5/0/1 # interface Serial5/0/1/3:0 undo shutdown link-protocol ppp ppp mp Mp-group 5/0/1 # interface Serial5/0/1/4:0 undo shutdown link-protocol ppp ppp mp Mp-group 5/0/1 # interface Serial5/0/1/5:0 undo shutdown link-protocol ppp ppp mp Mp-group 5/0/1 # interface Serial5/0/0/1:0 undo shutdown ip address 11.11.11.1 255.255.255.0 link-protocol ppp hqos policy cbfq bandwidth 200k hqos queue ef cir 100k remark isis enable 11 # interface GigabitEthernet1/0/0 undo shutdown # interface GigabitEthernet1/0/0.1 vlan-type dot1q 10 ip address 21.21.21.1 255.255.255.0 isis enable 10 trust upstream default # interface GigabitEthernet1/0/0.2 vlan-type dot1q 20 ip address 22.22.22.1 255.255.255.0 isis enable 11 trust upstream default # return l

# sysname RouterB # isis 10 network-entity 00.0080.0013.0000.00 #
Issue 03 (2008-09-22)
9-75
isis 11 network-entity 00.0080.0013.0000.00 # controller Cpos6/0/1 e1 1 unframed e1 2 unframed e1 3 unframed e1 4 unframed e1 5 unframed # controller Cpos6/0/0 e1 1 unframed # interface Mp-group6/0/1 undo shutdown shutdown ip address 10.10.10.2 255.255.255.0 isis enable 10 # interface Serial6/0/1/1:0 undo shutdown link-protocol ppp ppp mp Mp-group 6/0/1 # interface Serial6/0/1/2:0 undo shutdown link-protocol ppp ppp mp Mp-group 6/0/1 # interface Serial6/0/1/3:0 undo shutdown link-protocol ppp ppp mp Mp-group 6/0/1 # interface Serial6/0/1/4:0 undo shutdown link-protocol ppp ppp mp Mp-group 6/0/1 # interface Serial6/0/1/5:0 undo shutdown link-protocol ppp ppp mp Mp-group 6/0/1 # interface Serial6/0/0/1:0 undo shutdown ip address 11.11.11.2 255.255.255.0 link-protocol ppp isis enable 11 # interface GigabitEthernet1/0/0 undo shutdown ip address 30.30.30.1 255.255.255.0 # return
9.9.5 Example for Configuring HQoS Based on the PBB-TE Tunnel

Two tunnels named t1 and t2 are established between Router A and Router B. Service instances si1 to si6 are created on the two routers. The service packets of CE1 are data, video, and voice packets from the users of the company network. These service packets are mapped to the service instances named si1, si2, and si3 in Port+VLAN mode. These service instances are bound to the PBB-TE tunnel named t1. The
service packets of CE2 are data, video, and voice packets of the users of the residential area. These service packets are mapped to the service instances named si4, si5, and si6 in Port+VLAN mode. These service instances are bound to the PBB-TE tunnel named t2. In the two LANs, the priority of voice packets is 5 (EF); the priority of video packets is 3 (AF3); and the priority of data packets is 1 (AF1). On Router A, a bandwidth of 100 Mbit/s is reserved for PBB-TE-based services. Users of the company network are provided with a CIR of 60 Mbit/s and a PIR of 100 Mbit/s. Users of the residential area are provided with a CIR of 40 Mbit/s and a PIR of 100 Mbit/s. Different services of the same user are scheduled according to the priorities carried by the service packets. Figure 9-12 Networking diagram for configuring PBB-TE-based HQoS
The configuration roadmap is as follows: 1. 2. 3. 4. 5.
Issue 03 (2008-09-22)
Configure a PBB-TE tunnel. Configure GigabitEthernet 1/0/0 and GigabitEthernet 1/0/1 of Router A to trust the priorities of the VLAN packets from the upstream device. Configure a reserved bandwidth for PBB-TE services on GigabitEthernet 2/0/0 of Router A. Configure FQ scheduling policies on Router A for different service packets from the users of the company network and the users of the residential area. Configure SQ scheduling algorithms on Router A for PBB-TE tunnels.
Data Preparation
l l l
Bandwidth reserved for PBB-TE services Scheduling algorithms for packets of different priorities Scheduling parameters of different SQs
1. Configure a PBB-TE tunnel. For the configuration details, refer to the Quidway NetEngine80E/40E Quidway NetEngine80E/40E Configuration Guide - LAN and MAN Access. 2. On Router A, configure the interfaces to trust the priorities of packets from the upstream. # Configure GigabitEthernet 1/0/0 on Router A to trust the priorities of the packets coming from the users of the company network.
<RouterA> system-view [RouterA] interface gigabitethernet 1/0/0 [RouterA-GigabitEthernet1/0/0] undo shutdown [RouterA-GigabitEthernet1/0/0] portswitch [RouterA-GigabitEthernet1/0/0] trust upstream default vlan 100 110 120 [RouterA-GigabitEthernet1/0/0] trust 8021p vlan 100 110 120 [RouterA-GigabitEthernet1/0/0] quit
# Configure GigabitEthernet 1/0/1 on Router A to trust the priorities of the packets coming from the users of the residential area.
[RouterA] interface gigabitethernet 1/0/1 [RouterA-GigabitEthernet1/0/1] undo shutdown [RouterA-GigabitEthernet1/0/1] portswitch [RouterA-GigabitEthernet1/0/1] trust upstream default vlan 200 210 220 [RouterA-GigabitEthernet1/0/1] trust 8021p vlan 200 210 220 [RouterA-GigabitEthernet1/0/1] quit
3.
Configure a reserved bandwidth for PBB-TE services. # Configure a reserved bandwidth for PBB-TE services on GigabitEthernet 2/0/0 of Router A.
[RouterA] interface gigabitethernet 2/0/0 [RouterA-GigabitEthernet2/0/0] undo shutdown [RouterA-GigabitEthernet2/0/0] portswitch [RouterA-GigabitEthernet2/0/0] mac-tunnel reserved-bandwidth cir 100000 [RouterA-GigabitEthernet2/0/0] quit
4.
Configure scheduling algorithms for different services. # Define an FQ template named "fq." Configure the PQ scheduling algorithm for voice services from users of the company network and the residential area. Configure the WFQ scheduling algorithm for video services with the scheduling priority of 30 and for data services with the scheduling priority of 20.
[RouterA] flow-queue fq [RouterA-flow-queue-template-fq] [RouterA-flow-queue-template-fq] [RouterA-flow-queue-template-fq] [RouterA-flow-queue-template-fq] queue ef pq queue af3 wfq weight 30 queue af1 wfq weight 20 quit
5.
Configure scheduling parameters on Router A for SQs. # Configure scheduling parameters for SQs of users of the company in the view of the PBBTE tunnel named t1: The CIR is 60 Mbit/s; the PIR is 100 Mbit/s. Then apply the FQ template named "fq" to the interface.
[RouterA] mac-tunnel tunnel-name t1
9-78
Issue 03 (2008-09-22)
[RouterA-mac-tunnel-t1] user-queue cir 60000 pir 100000 flow-queue fq outbound [RouterA-mac-tunnel-t1] quit
# Configure scheduling parameters for SQs of the users of the residential area in the view of the PBB-TE tunnel named t2: The CIR is 40 Mbit/s; the PIR is 100 Mbit/s. Then apply the FQ template named "fq" to the interface.
[RouterA] mac-tunnel tunnel-name t2 [RouterA-mac-tunnel-t2] user-queue cir 40000 pir 100000 flow-queue fq outbound [RouterA-mac-tunnel-t2] quit
6.
Verify the configuration. # Run the display user-queue configuration interface mac-tunnel command to check the HQoS configuration on the PBB-TE tunnels.
[RouterA] display user-queue configuration interface mac-tunnel t1 MacTunnelName: t1 CirValue<kbps>: 60000 PirValue<kbps>: 100000 FlowQueue: fq FlowMapping: Default GroupQueue: NA Network-Header-Length: Default [RouterA] display user-queue configuration interface mac-tunnel t2 MacTunnelName: t2 CirValue<kbps>: 40000 PirValue<kbps>: 100000 FlowQueue: fq FlowMapping: Default GroupQueue: NA Network-Header-Length: Default
Configuration Files
l

# sysname RouterA # vlan batch 1 2 100 110 120 200 210 220 # virtual-mac 0003-0003-0003 # mac-tunnel vlan-pool 1 2 # interface GigabitEthernet2/0/0 undo shutdown portswitch port trunk allow-pass vlan 1 2 mac-tunnel reserved-bandwidth cir 100000 # interface GigabitEthernet1/0/0 undo shutdown portswitch trust upstream default vlan 100 110 120 trust 8021p vlan 100 110 120 # interface GigabitEthernet1/0/1 undo shutdown portswitch trust upstream default vlan 200 210 220 trust 8021p vlan 200 210 220 # mac-tunnel tunnel-name t1 destination-mac 0002-0002-0002 vlan 1 tunnel-interface GigabitEthernet2/0/0 user-queue cir 60000 pir 100000 flow-queue fq outbound undo shutdown #
Issue 03 (2008-09-22)
9-79

mac-tunnel tunnel-name t2 destination-mac 0002-0002-0002 vlan 2 tunnel-interface GigabitEthernet2/0/1 user-queue cir 40000 pir 100000 flow-queue fq outbound undo shutdown # service-instance si1 service-id 1 priority trust-8021p mapping-type s-tagged one-to-one mac-tunnel t1 mapping interface GigabitEthernet1/0/0 vlan 100 undo shutdown # service-instance si2 service-id 2 priority trust-8021p mapping-type s-tagged one-to-one mac-tunnel t1 mapping interface GigabitEthernet1/0/0 vlan 110 undo shutdown # service-instance si3 service-id 3 priority trust-8021p mapping-type s-tagged one-to-one mac-tunnel t1 mapping interface GigabitEthernet1/0/0 vlan 120 undo shutdown # service-instance si4 service-id 4 priority trust-8021p mapping-type s-tagged one-to-one mac-tunnel t2 mapping interface GigabitEthernet1/0/1 vlan 200 undo shutdown # service-instance si5 service-id 5 priority trust-8021p mapping-type s-tagged one-to-one mac-tunnel t2 mapping interface GigabitEthernet1/0/1 vlan 210 undo shutdown # service-instance si6 service-id 6 priority trust-8021p mapping-type s-tagged one-to-one mac-tunnel t2 mapping interface GigabitEthernet1/0/1 vlan 220 undo shutdown # return

# sysname RouterB # vlan batch 1 2 100 110 120 200 210 220 # virtual-mac 0002-0002-0002 # mac-tunnel vlan-pool 1 2 # interface GigabitEthernet3/0/0 undo shutdown portswitch
9-80
Issue 03 (2008-09-22)

port trunk allow-pass vlan 1 2 # interface GigabitEthernet4/0/0 undo shutdown portswitch port trunk allow-pass vlan 100 110 120 # mac-tunnel tunnel-name t1 destination-mac 0003-0003-0003 vlan 1 tunnel-interface GigabitEthernet3/0/0 undo shutdown # mac-tunnel tunnel-name t2 destination-mac 0003-0003-0003 vlan 2 tunnel-interface GigabitEthernet3/0/0 undo shutdown # service-instance si1 service-id 1 priority trust-8021p mapping-type s-tagged one-to-one mac-tunnel t1 mapping interface GigabitEthernet4/0/0 undo shutdown # service-instance si2 service-id 2 priority trust-8021p mapping-type s-tagged one-to-one mac-tunnel t1 mapping interface GigabitEthernet4/0/0 undo shutdown # service-instance si3 service-id 3 priority trust-8021p mapping-type s-tagged one-to-one mac-tunnel t1 mapping interface GigabitEthernet4/0/0 undo shutdown # service-instance si4 service-id 4 priority trust-8021p mapping-type s-tagged one-to-one mac-tunnel t2 mapping interface GigabitEthernet4/0/0 undo shutdown # service-instance si5 service-id 5 priority trust-8021p mapping-type s-tagged one-to-one mac-tunnel t2 mapping interface GigabitEthernet4/0/0 undo shutdown # service-instance si6 service-id 6 priority trust-8021p mapping-type s-tagged one-to-one mac-tunnel t2 mapping interface GigabitEthernet4/0/0 undo shutdown # return
200 210 220
vlan 100
vlan 110
vlan 120
vlan 200
vlan 210
vlan 220
Issue 03 (2008-09-22)
9-81
9.9.6 Example for Configuring Class-based HQoS

As shown in Figure 9-13, packets of multiple VLANs are converged on the converging switch. GE 1/0/1 admits packets of VLANs 1 to 1000. Configure the sub-interface for dot1q termination and class-based HQoS on GE 1/0/0.1. Packets are identified according to their source IP addresses. Totally 10 users are available; the Committed Information Rate (CIR) of each user is 10 Mbit/s and the Peak Information Rate (PIR), 100 Mbit/s. The 10 users share the total bandwidth of 100 Mbit/s.
NOTE
The following example is about the configuration of the NE40E only.
Figure 9-13 Networking diagram for configuring class-based HQoS
The configuration roadmap is as follows: 1. 2. 3. 4. 5. 6. 7. 8. 9. Configure Dot1q termination sub-interfaces on GE 1/0/0.1 of the router. Configure traffic classifiers. Configure packet drop parameters for flow-wred objects. Configure scheduling algorithms and parameters for FQs. Configure CoS mappings between FQs and CQs. Configure shaping values for GQs. Configure SQs in traffic behaviors. Configure traffic policies and apply them to GE 1/0/0.1. Configure packet drop parameters for port-wred objects.
10. Configure CQs on downstream GE 2/0/0 of the router.
Data Preparation
l l
IP addresses of the 10 users: from 10.110.1.0/24 to 10.110.10.0/24 Control VLAN ID of the Dot1q termination sub-interface
9-82

l l l l l l l
Flow-wred drop parameters Algorithms of flow-queue scheduling and related parameters Flow-mapping of CoS Shaping values of user-group-queue Values of user-queue CIR, and PIR. CIR and PIR of each user: 10 Mbit/s and 100 Mbit/s Port-wred parameters used in port-queue Algorithms of port-queue scheduling and related parameters, and shaping values
1. Configure the sub-interface for dot1q termination.
<Quidway> system-view [Quidway] interface gigabitethernet 1/0/0 [Quidway-GigabitEthernet1/0/0] undo shutdown [Quidway-GigabitEthernet1/0/0] mode user-termination [Quidway-GigabitEthernet1/0/0] quit [Quidway] interface gigabitethernet 1/0/0.1 [Quidway-GigabitEthernet1/0/0.1] control-vid 1 dot1q-termination [Quidway-GigabitEthernet1/0/0.1] dot1q termination vid 1 to 1000 [Quidway-GigabitEthernet1/0/0.1] ip address 100.1.1.1 24 [Quidway-GigabitEthernet1/0/0.1] trust upstream defaut [Quidway-GigabitEthernet1/0/0.1] trust 8021p [Quidway-GigabitEthernet1/0/0.1] quit
2.
Configure classifiers to identify the 10 users to be applied with class-based HQoS. # Configure the classifier c1.
[Quidway] acl 3000 [Quidway-acl-adv-3000] rule permit ip source 10.110.1.0 0.0.0.255 [Quidway-acl-adv-3000] quit [Quidway] traffic classifier c1 [Quidway-classifier-c1] if-match acl 3000 [Quidway-classifier-c1] quit
# Configure the classifier c2.

[Quidway] acl 3001 [Quidway-acl-adv-3001] rule permit ip source 10.110.2.0 0.0.0.255 [Quidway-acl-adv-3001] quit [Quidway] traffic classifier c2 [Quidway-classifier-c2] if-match acl 3001 [Quidway-classifier-c2] quit
The configurations of the classifiers c3 to c10 are similar to that of c1, and therefore, are not mentioned. 3. Configure a flow-wred object.
[Quidway] flow-wred test [Quidway-flow-wred-test] percentage 100 [Quidway-flow-wred-test] percentage 100 [Quidway-flow-wred-test] percentage 100 [Quidway-flow-wred-test] color green low-limit 70 high-limit 100 discardcolor yellow low-limit 60 high-limit 90 discardcolor red low-limit 50 high-limit 80 discardquit
4.
Configure scheduling algorithms and parameters for FQs.

[Quidway] flow-queue test [Quidway-flow-queue-template-test] queue af1 lpq flow-wred test shaping 1000 [Quidway-flow-queue-template-test] queue ef pq flow-wred test shaping 3000 [Quidway-flow-queue-template-test] quit
5.
Configure CoS mappings from FQs to CQs.

[Quidway] flow-mapping test
Issue 03 (2008-09-22)
9-83

[Quidway-flow-mapping-test] map flow-queue af1 to port-queue ef [Quidway-flow-mapping-test] quit
6.
Configure shaping values for GQs.

[Quidway] user-group-queue test [Quidway-user-group-queue-test-slot-all] shaping 100000 inbound [Quidway-user-group-queue-test-slot-all] quit
7.
Configure traffic behaviors, that is, the SQ scheduling parameters of the 10 users. # Configure the behavior b1.
[Quidway] traffic behavior b1 [Quidway-behavior-b1] user-queue cir 10000 pir 100000 flow-queue test flowmapping test user-group-queue test [Quidway-behavior-b1] quit
# Configure the behavior b2.

[Quidway] traffic behavior b2 [Quidway-behavior-b2] user-queue cir 10000 pir 100000 flow-queue test flowmapping test user-group-queue test [Quidway-behavior-b2] quit
The configurations of the behaviors b3 to b10 are similar to that of b1, and therefore are not mentioned.
NOTE
You need to configure traffic behaviors one by one for the 10 users even though the HQoS scheduling parameters of the 10 users are the same. Otherwise, the system considers that all packets that match any of the 10 traffic classifiers correspond to one user, by default.
8.
Configure a traffic policy and apply it to GE 1/0/0.1.

[Quidway] traffic policy p [Quidway-trafficpolicy-p] share-mode [Quidway-trafficpolicy-p] classifier c1 behavior b1 [Quidway-trafficpolicy-p] classifier c2 behavior b2 [Quidway-trafficpolicy-p] classifier c3 behavior b3 [Quidway-trafficpolicy-p] classifier c4 behavior b4 [Quidway-trafficpolicy-p] classifier c5 behavior b5 [Quidway-trafficpolicy-p] classifier c6 behavior b6 [Quidway-trafficpolicy-p] classifier c7 behavior b7 [Quidway-trafficpolicy-p] classifier c8 behavior b8 [Quidway-trafficpolicy-p] classifier c9 behavior b9 [Quidway-trafficpolicy-p] classifier c10 behavior b10 [Quidway-trafficpolicy-p] quit [Quidway] interface gigabitethernet 1/0/0.1 [Quidway-GigabitEthernet1/0/0.1] traffic-policy P inbound [Quidway-GigabitEthernet1/0/0.1] quit
9.
Configure CQs. # Configure a port-wred object.

[Quidway] port-wred test [Quidway-port-wred-test] percentage 100 [Quidway-port-wred-test] percentage 100 [Quidway-port-wred-test] percentage 100 [Quidway-port-wred-test] color green low-limit 70 high-limit 100 discardcolor yellow low-limit 60 high-limit 90 discardcolor red low-limit 50 high-limit 80 discardquit
# Configure the scheduling algorithms, WRED parameters, and shaping values for CQs.
[Quidway] interface gigabitethernet 2/0/0 [Quidway-GigabitEthernet2/0/0] undo shutdown [Quidway-GigabitEthernet2/0/0] port-queue ef pq shaping 100 port-wred test outbound [Quidway-GigabitEthernet2/0/0] return
10. Verify the configuration.

Run the display traffic classifier user-defined classifier-name command. You can view the configuration of a classifier.
<Quidway> display traffic classifier user-defined c1 User Defined Classifier Information: Classifier: c1 Operator: OR Rule(s) : if-match acl 3000
Run the display traffic behavior user-defined behavior-name command. You can view the configuration of a traffic behavior.
<Quidway> display traffic behavior user-defined b1 User Defined Behavior Information: Behavior: b1 User-queue: user-queue cir 10000 pir 100000 flow-queue test flow-mapping test network-header-length default user-group-queue test
Run the display user-queue statistics traffic behavior behavior-name inbound command. You can view the statistics of an SQ. The following are the statistics of the traffic behavior b1.
<Quidway> display user-queue statistics traffic behavior b1 inbound Traffic behavior b1 inbound traffic statistics: [slot 1] be: Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes af1: Pass: 193385 packets, 18951730 bytes Discard: 3876689 packets, 399298967 bytes af2: Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes af3: Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes af4: Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes ef: Pass: 581216 packets, 56959168 bytes Discard: 3490089 packets, 359479167 bytes cs6: Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes cs7: Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes total: Pass: 774601 packets, 75910898 bytes Discard: 7366778 packets, 758778134 bytes [slot all] be: Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes af1: Pass: 193385 packets, 18951730 bytes Discard: 3876689 packets, 399298967 bytes af2: Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes af3: Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes af4: Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes ef: Pass: 581216 packets, 56959168 bytes
Issue 03 (2008-09-22)
9-85
Discard: cs6: Pass: Discard: cs7: Pass: Discard: total: Pass: Discard: 3490089 packets, 0 packets, 0 packets, 0 packets, 0 packets, 774601 packets, 7366778 packets,

359479167 bytes 0 bytes 0 bytes 0 bytes 0 bytes 75910898 bytes 758778134 bytes
Run the display port-queue statistics command on GE 2/0/0. You can view the port-queue statistics. Because the CoS AF1 is mapped to EF, no packets with the CoS AF1 are in the CQ on the interface; meanwhile, the number of EF packets increases greatly.
<Quidway> display port-queue statistics interface gigabitethernet 2/0/0 outbound GigabitEthernet2/0/2 outbound traffic statistics: [be] Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps [af1] Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps [af2] Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps [af3] Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps [af4] Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps [ef] Pass: 60,716,995 packets, 5,707,379,530 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 99,534 pps, 93,561,596 bps Last 30 seconds discard rate: 0 pps, 0 bps [cs6] Pass: 257 packets, 18,504 bytes Discard: 0 packets, 0 bytes Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps [cs7] Pass: 0 packets, 0 bytes Discard: 0 packets, 0 bytes
9-86
Issue 03 (2008-09-22)

Last 30 seconds pass rate: 0 pps, Last 30 seconds discard rate: 0 pps,
0 bps 0 bps
Configuration Files
# Sysname Quidway # acl number 3000 rule 5 permit ip source 10.110.1.0 0.0.0.255 # acl number 3001 rule 5 permit ip source 10.110.2.0 0.0.0.255 # acl number 3002 rule 5 permit ip source 10.110.3.0 0.0.0.255 # acl number 3003 rule 5 permit ip source 10.110.4.0 0.0.0.255 # acl number 3004 rule 5 permit ip source 10.110.5.0 0.0.0.255 # acl number 3005 rule 5 permit ip source 10.110.6.0 0.0.0.255 # acl number 3006 rule 5 permit ip source 10.110.7.0 0.0.0.255 # acl number 3007 rule 5 permit ip source 10.110.8.0 0.0.0.255 # acl number 3008 rule 5 permit ip source 10.110.9.0 0.0.0.255 # acl number 3009 rule 5 permit ip source 10.110.10.0 0.0.0.255 # port-wred test color green low-limit 70 high-limit 100 discard-percentage 100 color yellow low-limit 60 high-limit 90 discard-percentage 100 color red low-limit 50 high-limit 80 discard-percentage 100 # flow-wred test color green low-limit 70 high-limit 100 discard-percentage 100 color yellow low-limit 60 high-limit 90 discard-percentage 100 color red low-limit 50 high-limit 80 discard-percentage 100 # flow-mapping test1 map flow-queue af1 to port-queue ef # flow-queue test1 queue af1 lpq shaping 1000 flow-wred test queue ef pq shaping 3000 flow-wred test # user-group-queue group shaping 100000 inbound # traffic classifier c1 operator or if-match acl 3000 traffic classifier c2 operator or if-match acl 3001 traffic classifier c3 operator or if-match acl 3002 traffic classifier c4 operator or if-match acl 3003 traffic classifier c5 operator or
Issue 03 (2008-09-22)
9-87
if-match acl 3004 traffic classifier c6 operator or if-match acl 3005 traffic classifier c7 operator or if-match acl 3006 traffic classifier c8 operator or if-match acl 3007 traffic classifier c9 operator or if-match acl 3008 traffic classifier c10 operator or if-match acl 3009 # traffic behavior b1 user-queue cir 10000 pir 100000 flow-queue test traffic behavior b2 user-queue cir 10000 pir 100000 flow-queue test traffic behavior b3 user-queue cir 10000 pir 100000 flow-queue test traffic behavior b4 user-queue cir 10000 pir 100000 flow-queue test traffic behavior b5 user-queue cir 10000 pir 100000 flow-queue test traffic behavior b6 user-queue cir 10000 pir 100000 flow-queue test traffic behavior b7 user-queue cir 10000 pir 100000 flow-queue test traffic behavior b8 user-queue cir 10000 pir 100000 flow-queue test traffic behavior b9 user-queue cir 10000 pir 100000 flow-queue test traffic behavior b10 user-queue cir 10000 pir 100000 flow-queue test # traffic policy p share-mode classifier c1 behavior b1 classifier c2 behavior b2 classifier c3 behavior b3 classifier c4 behavior b4 classifier c5 behavior b5 classifier c6 behavior b6 classifier c7 behavior b7 classifier c8 behavior b8 classifier c9 behavior b9 classifier c10 behavior b10 # diffserv domain default # interface GigabitEthernet1/0/0 undo shutdown mode user-termination # interface GigabitEthernet1/0/0.1 control-vid 1 dot1q-termination dot1q termination vid 1 to 1000 ip address 100.1.1.1 24 traffic-policy P inbound trust upstream defaut trust 8021p
test flow-mapping test user-group-queue test flow-mapping test user-group-queue test flow-mapping test user-group-queue test flow-mapping test user-group-queue test flow-mapping test user-group-queue test flow-mapping test user-group-queue test flow-mapping test user-group-queue test flow-mapping test user-group-queue test flow-mapping test user-group-queue test flow-mapping test user-group-queue
9-88
Issue 03 (2008-09-22)

# interface GigabitEthernet2/0/0 undo shutdown ip address 200.1.1.1 255.255.255.0 port-queue ef pq shaping 100 port-wred test outbound # Ospf 10 area 0.0.0.0 network 200.1.1.0 0.0.0.255 network 100.1.1.0 0.0.0.255 # return
9.9.7 Example for Configuring Template-based HQoS

As shown in Figure 9-14, users need to access the router through switch. The router functions as the access device of the backbone network. The traffic flows of User1 and User2 access the router through sub-interfaces GE 1/0/0.1, and GE 1/0/0.2 respectively. Uniform scheduling of user traffic needs to be implemented with 100 Mbit/s assured bandwidth. The bandwidth for EF flows should be 20 Mbit/s, and the bandwidth for AF1 flows should be 10 Mbit/s. The rate of broadcast packets, multicast packets, and unknown unicast packets is to be restricted to 2 Mbit/s. The bandwidth for the user group to which the users belong should be 500 Mbit/s. On the downstream interface of the router, the traffic rate of EF flows should not be higher than 120 Mbit/s. Figure 9-14 Networking diagram of template-based HQoS
The configuration roadmap is as follows: 1. 2.
Issue 03 (2008-09-22)
Configure packet drop parameters for flow WRED objects. Configure scheduling algorithms and parameters for the flow queues.
3. 4. 5. 6. 7. 8.
Configure CoS mapping between flow queues and class queues. Configure the shaping value for the user group queues. Configure the length for packet loss compensation of the service template. Configure scheduling parameters and the CIR value of the user queues. Configure packet drop parameters for class WRED objects. Configure class queues on the downstream interface of the access router.
Data Preparation
l l l l l
Packet drop parameters for flow-wred Algorithms of flow-queue scheduling and related parameters Flow-mapping of CoS Shaping value for user group queues The values of CIR, PIR, and network-header-length in the user-queue command in the QoS template Interface to which the QoS template is applied Port-wred parameters that are referenced by port-queue Algorithms, related parameters, and shaping values for port-queue scheduling
l l l
NOTE
Configure simple traffic classification before configuring HQoS. Otherwise, all FQ traffic is treated as BE traffic during the scheduling.
1.
Configure a WRED object referenced by a flow queue. # Configure packet dropping parameters of flow-wred.
<Quidway> system view [Quidway] flow-wred test [Quidway-flow-wred-test] percentage 100 [Quidway-flow-wred-test] percentage 100 [Quidway-flow-wred-test] percentage 100 [Quidway-flow-wred-test] color green low-limit 70 high-limit 100 discardcolor yellow low-limit 60 high-limit 90 discardcolor red low-limit 50 high-limit 80 discardreturn
After the preceding configuration, you can run the display flow-wred configuration verbose command to view the configured parameters of the flow WRED object.
<Quidway> display flow-wred configuration verbose test flow-wred-name : test --------------------------------------------------color low-limit high-limit discard-percent --------------------------------------------------green 70 100 100 yellow 60 90 100 red 50 80 100 Reference relationships : NULL Total number : 1
2.
Configure scheduling algorithms and parameters for flow queues. # Configure the scheduling algorithms, WRED parameters, and shaping values for flow queues.
9-90
Issue 03 (2008-09-22)
<Quidway> system view [Quidway] flow-queue test [Quidway-flow-queue-template-test] queue af1 lpq flow-wred test shaping 10000 [Quidway-flow-queue-template-test] queue ef pq flow-wred test shaping 30000
After the preceding configuration, you can run the display flow-queue configuration verbose command to view the configurations of the flow queue template.
<Quidway> display flow-queue configuration verbose test Codes: Arith(Schedule algorithm) U-Weight(Schedule weight configured by users) I-Weight(Inverse schedule weight used by TM) A-Weight(Actual schedule weight obtained by users) Shp(Shaping value, the percentage of subscriber queue's PIR) Drop-Arith(The name of the WRED object used by the flow queue) Flow Queue Template : test -----------------------------------------------------------------Cos Arith U-Weight I-Weight A-Weight Shp Pct Drop-Arith -----------------------------------------------------------------be wfq 10 3 10.00 Tail Drop af1 lpq 10000 test af2 wfq 10 3 10.00 Tail Drop af3 wfq 15 2 15.00 Tail Drop af4 wfq 15 2 15.00 Tail Drop ef pq 30000 test cs6 pq Tail Drop cs7 pq Tail Drop Reference relationships : NULL
3.
Configure the CoS mapping between flow queues and class queues.
<Quidway> system view [Quidway] flow-mapping test [Quidway-flow-mapping-test] map flow-queue af1 to port-queue ef [Quidway-flow-mapping-test] return
After the preceding configuration, run the display flow-mapping configuration verbose command to view the configured parameters of the flow queue mapping object and the referential relations of the object.
<Quidway> display flow-mapping configuration verbose test flow-mapping-name : test fq-cosvalue to pq-cosvalue be to be af1 to ef af2 to af2 af3 to af3 af4 to af4 ef to ef cs6 to cs6 cs7 to cs7 [reference relationship] NULL
4.
Configure the shaping value for user group queues.

After the preceding configuration, run the display user-group-queue configuration verbose command to view the configurations and the referential relations of the user group queue.
<Quidway> display user-group-queue configuration verbose test user-group-queue-name : test slot : all [current configuration] inbound shaping-value <kbps> : 500000
Issue 03 (2008-09-22)
9-91
pbs-value <byte> : 524288 outbound shaping-value <kbps> : NA pbs-value <byte> : NA [reference relationship] NULL
5.
Configure the length for packet loss compensation of the service template. # Configure service-template and network-header-length.
<Quidway> system view [Quidway] service-template test [Quidway-service-template-test-slot-all] network-header-length 12 inbound [Quidway-service-template-test-slot-all] quit
After the preceding configuration, you can run the display service-template configuration verbose command to view the configurations of the service template, the value of networkheader-length, and the referential relations of the service template.
<Quidway> display service-template configuration verbose [service-template detail information] total number : 1 slot all : 1 service-template-name : test slot : all [current configuration] inbound network-header-length: 12 outbound network-header-length: NA [reference relationship] NULL
6.
Configure scheduling parameters in the QoS template and apply the parameters to interfaces. # Configure scheduling parameters for user-queue and suppression rate of broadcast packets in the QoS template.
<Quidway> system view [Quidway] qos-profile test [Quidway-qos-profile-test] test user-group-queue test [Quidway-qos-profile-test] [Quidway-qos-profile-test] [Quidway-qos-profile-test] user-queue cir 100000 flow-queue test flow-mapping service-template test broadcast-suppression cir 2000 multicast-suppression cir 2000 unknown-unicast-suppression cir 2000
# Apply the QoS template to GE 1/0/0.1, and GE 1/0/0.2.

<Quidway> system-view [Quidway] interface gigabitethernet 1/0/0.1 [Quidway-GigabitEthernet1/0/0.1] vlan-type dot1q 1 [Quidway-GigabitEthernet1/0/0.1] ip address 100.1.1.1 24 [Quidway-GigabitEthernet1/0/0.1] qos-profile test inbound [Quidway-GigabitEthernet1/0/0.1] quit [Quidway] interface gigabitethernet 1/0/0.2 [Quidway-GigabitEthernet1/0/0.2] vlan-type dot1q 2 [Quidway-GigabitEthernet1/0/0.2] ip address 200.1.2.1 24 [Quidway-GigabitEthernet1/0/0.2] qos-profile test inbound [Quidway-GigabitEthernet1/0/0.2] quit
7.
Configure a WRED object referenced by the class queue. # Configure the port-wred packet dropping parameters referenced by the class queue.
<Quidway> system view [Quidway] port-wred test [Quidway-port-wred-test] color green low-limit 70 high-limit 100 discardpercentage 100 [Quidway-port-wred-test] color yellow low-limit 60 high-limit 90 discardpercentage 100 [Quidway-port-wred-test] color red low-limit 50 high-limit 80 discardpercentage 100
9-92
Issue 03 (2008-09-22)

[Quidway-port-wred-test] return
After the preceding configuration, you can run the display port-wred configuration verbose command to view the configurations of the class WRED object.
<Quidway> display port-wred configuration verbose test port-wred-name : test color low-limit high-limit discard-percent green 70 100 100 yellow 60 90 100 red 50 80 100 Reference relationship: NULL
8.
Configure a class queue. # Configure the scheduling algorithms, WRED parameters, and shaping values for portqueue.
<Quidway> system view [Quidway] interface gigabitethernet 2/0/0 [Quidway-GigabitEthernet2/0/0] undo shutdown [Quidway-GigabitEthernet2/0/0] port-queue ef pq shaping 100 port-wred test outbound [Quidway-GigabitEthernet2/0/0] return
After the preceding configuration, you can run the display port-queue configuration interface command to view the configurations of the class queue.
<Quidway> display port-queue configuration interface gigabitethernet 2/0/0 outbound GigabitEthernet2/0/0 be current configuration: Arithmetic: wfq weight: 10 tm weight: 3 fact weight: 10.00 shaping(mbps): NA port-wred name: NA af1 current configuration: Arithmetic: wfq weight: 10 tm weight: 3 fact weight: 10.00 shaping(mbps): NA port-wred name: NA af2 current configuration: Arithmetic: wfq weight: 10 tm weight: 3 fact weight: 10.00 shaping(mbps): NA port-wred name: NA af3 current configuration: Arithmetic: wfq weight: 15 tm weight: 2 fact weight: 15.00 shaping(mbps): NA port-wred name: NA af4 current configuration: Arithmetic: wfq weight: 15 tm weight: 2 fact weight: 15.00 shaping(mbps): NA port-wred name: NA ef current configuration: Arithmetic: pq weight: NA tm weight: NA fact weight: NA shaping(mbps): 100
Issue 03 (2008-09-22)
9-93
port-wred name: test cs6 current configuration: Arithmetic: pq weight: NA tm weight: NA fact weight: NA shaping(mbps): NA port-wred name: NA cs7 current configuration: Arithmetic: pq weight: NA tm weight: NA fact weight: NA shaping(mbps): NA port-wred name: NA
9.
Check the configuration. When there are flows in the network, you can observe that packets of User1's AF1 and EF flows and User2's EF flows are forwarded at the assured bandwidth. Running the display port-queue statistics command on the downstream interface GE 2/0/0 of the router, you can see that EF packets increase rapidly.
<Quidway> display port-queue statistics interface gigabitethernet 2/0/0 ef outbound [ef] Total pass: 104,762,039 packets, 10,251,481,862 bytes Total discard: 0 packets, 0 bytes --Drop tail discard: 0 packets, 0 bytes --Wred discard: 0 pps, 0 bps Last 30 seconds pass rate: 0 pps, 0 bps Last 30 seconds discard rate: 0 pps, 0 bps --Drop tail discard rate: 0 pps, 0 bps --Wred discard rate: 0 pps, 0 bps
Configuration Files
Configuration file of the router.
# sysname Quidway # flow-wred test color green low-limit 70 high-limit 100 discard-percentage 100 color yellow low-limit 60 high-limit 90 discard-percentage 100 color red low-limit 50 high-limit 80 discard-percentage 100 # flow-mapping test map flow-queue af1 to port-queue ef # flow-queue test queue af1 lpq shaping 10000 flow-wred test queue ef pq shaping 30000 flow-wred test # user-group-queue test shaping 500000 inbound # service-template test network-header-length 12 inbound # qos-profile test
9-94
Issue 03 (2008-09-22)
user-queue cir 100000 pir 100000 flow-queue test flow-mapping test user-group queue test service-template test broadcast-suppression cir 2000 cbs 2000 multicast-suppression cir 2000 cbs 2000 unknown-unicast-suppression cir 2000 cbs 2000 # port-wred test color green low-limit 70 high-limit 100 discard-percentage 100 color yellow low-limit 60 high-limit 90 discard-percentage 100 color red low-limit 50 high-limit 80 discard-percentage 100 # interface GigabitEthernet1/0/0.1 vlan-type dot1q 1 ip address 100.1.1.1 255.255.255.0 qos-profile test inbound # interface GigabitEthernet1/0/0.2 vlan-type dot1q 2 ip address 200.1.2.1 255.255.255.0 qos-profile test inbound # interface GigabitEthernet2/0/0 undo shutdown ip address 200.1.1.1 255.255.255.0 port-queue ef pq shaping 100 port-wred test outbound # osfp 10 area 0.0.0.0 network 200.1.1.0 0.0.0.255 network 200.1.2.0 0.0.0.255 network 100.1.1.0 0.0.0.255 # return
Issue 03 (2008-09-22)
9-95
A Glossary
A
This appendix collates frequently used glossaries in this document. A AAA Access Control List Assured Service
Glossary
Authentication, Authorization and Accounting. A list composed of multiple sequential permit/deny statements. In firewall, after ACL is applied to an interface on the router, the router decides which packet can be forwarded and which packet should be denied. In QoS, ACL is used to classify traffic. A kind of service that enables the user to obtain more service amount than what has subscribed. As with the case that the ensured service amount that is less than what has subscribed, good forwarding quality is ensured; as with the excess service, they are forwarded with a lower forwarding quality but not be discarded directly. An asynchronous Transfer Mode. It is a data transmission technology in which data (files, voice and video) is transferred in cells with a fixed length (53 Bytes). The fixed length makes the cell be processed by the hardware. The object of ATM is to make good use of high-speed transmission medium such as E3, SONET and T3.
ATM
B Bandwidth Best-Effort An average transmission rate of data during a specified period. It is in bit/s. A traditional packet posting service. It features processing packets based on the sequence they reach the router (First In First Out rule). Packets from all users share the network resource and the bandwidth. The amount of the resource the packet gets depending on the time they reach the router. Best-Effort does not take effect on posting delay, jitter delay, packet loss ratio and reliability. An exterior gateway protocol. The function of this protocol is to exchange routing information (without loop) between autonomous systems.
Border Gateway Protocol
Issue 03 (2008-09-22)
A-1
A Glossary
C Class-Based Queuing To allocate a single First In First Out queue for each user-defined traffic class to cache the data of the same class. When the network congestion occurs, CBQ matches the output packet with the userdefined rule and places it in the corresponding queue. Before being placed in the queue, congestion avoidance mechanism such as TailDrop or WRED and bandwidth restriction check should be performed. When the packet is to be sent out from the queue, packets in corresponding queues are equally scheduled. An instance of traffic policing. Three parameters can be defined in CAR: Committed Information Rate (CIR), Committed Burst Size (CBS) and Excess Burst Size (EBS). These parameters can be used to estimate the traffic. CAR also can be used in traffic classification and traffic policing behavior definition. A maximum size of the burst traffic. It indicates the capacity of the token bucket. The maximum burst size should be larger than the packet length. A rate of placing tokens to the token bucket. It is in bit/s. Commonly, the traffic rate should be slower than the committed information rate. A phenomenon of degraded service. It is because the capacity of the network is exceeded by the data rate of the input to the network. Congestion affects the quality of service. A traffic control mechanism in which packets are automatically discarded when network congestion occurs and becomes intensive. This mechanism can adjust the network traffic by monitoring the network resource occupancy so as to prevent the network overload. A traffic control measure used to cache the packet when the network congestion occurs. It adopts some scheduling policy to define the forwarding order of each packet. A terminator at one end of a layer connection within a Service Access Point. It is used in the MPLS VPN network. CE can be a router, a switch or a host. A queuing policy allocating resources based on the user-defined bandwidth proportion.
Committed Access Rate
Committed Burst Size
Committed Information Rate Congestion
Congestion Avoidance
Congestion Management Custom Edge
Custom Queue
D Data CircuitAn equipment providing interfaces for the communication between terminating Equipment DTE and the network. Delay An average time taken by the service data to transmit across the network.
A-2
Issue 03 (2008-09-22)
A Glossary
Differentiated Service
A QoS model that classifies the service level according the packet precedence field (IP Precedence and DSCP), the source IP address and the destination IP address. Packets with different levels can be provided with different service levels. It is commonly used to provide end-to-end QoS for specified application programs.
Differentiated Services A basis of traffic classification. It marks the priorities of packets Code Point through specifying ToS filed. Data terminal Equipment E Expedited Forwarding A mechanism in which messages from any DS node should be sent at an equal or more rate than what has specified. This can ensure little delay and enough bandwidth. A device working as a data sender or a data receiver. It connects with network through a Data Circuit-terminating Equipment (DCE).
F Fair Queue A mechanism for queue scheduling in which network resource is allocated equally and delay and jitter time of all traffic are optimized. An application layer protocol based on TCP/IP. It is used to transfer large amounts of data reliably between the user and the remote host. FTP is implemented based on corresponding file system. A queuing policy that features that the packet reaching earlier can be allocated resource firstly.
File Transfer Protocol
First In First Out Queuing G Generic Traffic Shaping I Integrated Service
A kind of traffic shaping measure. It adopts the queuing policy WFQ.
An integrated service model that needs to reserve the network resource. It ensures the bandwidth, limits the delay and provides service and payload control for the packet as defined by traffic parameters. A basis of traffic classification. It is three bits long carried in the ToS filed of the IP packet.
IP-Precedence
J Jitter Refers to the interval for sending two adjacent packets minus the interval for receiving the two packets.
Issue 03 (2008-09-22)
A-3
A Glossary
Limit Rate
A traffic management technology used to limit the total rate of packet sending on a physical interface or a Tunnel interface. LR is directly enabled on the interface to control the traffic passing the interface. To fragment large-size frames to small-size frames and send them with other small fragments so that the delay and jitter time of the frames transmitted across the low-speed link is decreased. The fragmented frames are reassembled when reaching the destination. A network intended to serve a small geographic area, (few square kilometers or less), a single office or building, or a small defined group of users. It features high speed and little errors. Ethernet, FDDI and Toke Ring are three technologies implemented in LAN. A rate of the lost packet during packet transmission.
Link Fragmentation and Interleaving
Local Area Network
Loss Rate M Maximum Transmission Unit Media Access Control MultiLink PPP Multiprotocol Label Switching
A maximum size of packets that an interface can process. It is in bytes. It is in the data link layer in OSI and is next to the physical layer. A link generated by binding multiple PPP links for increasing bandwidth. It is derived from IPv4 and its core technology can be extended to multiple network protocols. Packet is marked with a short and predetermined label. Based on routing protocol and control protocol, it provides a connection-oriented data exchange. MPLS enhances the network performance, optimizes the network extensibility, and provides more flexible routing.
O Open Shortest Path First P Permanent Virtual Circuit Point to Point Protocol Priority Queue Provider Edge A permanent communication circuit that can be generated though no data is transmitted. PVC applies to stable communication systems or communication systems with frequent data exchange. A transport serial link between two devices. A queuing policy based on packet priorities. It features that the packet with a higher priority is allocated resource firstly. In an MPLS VPN network, PE is in the backbone network, engaged in managing VPN users, setting up LSPs and route designating for users in the same VPN. An interior gateway protocol developed by IETF. It is based on Link-State.
A-4
Issue 03 (2008-09-22)
A Glossary
QoS
An estimation of the ability of service providers to meet the requirements of the user. It focuses on estimating the delay, jitter delay and packet loss ratio.
R Real-Time Protocol Random Early Detection A host-to-host protocol that is used in multi-media services such as Voice over IP and video. A packet loss algorithm used in congestion avoidance. It discards the packet according to the specified higher limit and lower limit of a queue so that global TCP synchronization resulted in traditional Tail-Drop can be prevented. A protocol that prearranges the network resource for an application. In the Intserv model, the application program should inform the router to apply QoS before sending out packets to reserve the network resource.
Resource Reservation Protocol
S Service Level Agreement An agreement between the user and the network carrier in which the treatment of the user's traffic that needs to be transmitted across the network is defined. The agreement covers the information of technology and commercial. Commonly, SLA is used to indicate a certain QoS.
T Tail-Drop A mechanism for queue discarding. When the length of the queue reaches the maximum, the subsequently received packets are all discarded. A traffic control measure that dynamically monitors the network traffic and load of each network entity. It adjusts the traffic management parameters, routes parameters, and resource restriction parameters in real time to optimize the network operation status and the resource occupancy. In this way, congestion that is resulted from unbalanced load can be prevented. A basis and precondition to provide differentiated service. It identifies packets according to certain matching rules. A traffic control measure that monitors the size of the traffic that reach the router. If the traffic size exceeds the maximum, some restriction measures so as to protect the benefits of the carrier and the network resource. A traffic control measure that auto adjusts the output rate of traffic. It aims at making the traffic adapt the network resource that the downstream can provide and avoiding packet loss and congestion. Supposing that no packet is discarded, it indicates the number of packets that passed in a specified time.
Traffic Engineering
Traffic Classifier Traffic policing
Traffic Shaping
Throughput
Issue 03 (2008-09-22)
A-5
A Glossary
Tunnel
In VPN, it is a transport tunnel set up between two entities to prevent interior users from interrupting and ensure security.
V Versatile Routing Platform Virtual Local Area Network Versatile Routing Platform. It is a versatile operation system platform developed by Huawei. Virtual LAN. A LAN is divided into several logical LANs. Each virtual LAN is a broadcast area. Communication between hosts in a virtual is just like the host communication is a LAN. VLANs can be divided according to the function, department and application despite of device location. Provision of an apparent single private network (as seen by the user), over a number of separate public and private networks. It is a newly developed technology as the Internet becomes widely used. "Virtual" indicates the network is logical.
Virtual Private Network
W Weighted Fair Queue It features automatic traffic classification and balances the delay and jitter time of each traffic. Compared with Fair Queue (FQ), it benefits the high-priority packet. A packet loss algorithm used on congestion avoidance. It can prevent the global synchronization resulted in traditional Tail-Drop and features benefiting the high-priority packet with high-quality service during calculating the packet loss rate.
Weighted Random Early Detection
A-6
Issue 03 (2008-09-22)
B Acronyms and Abbreviations
B
Numerics 3G 3GPP2 A ACL AF ATM B BE BW C CAR CBQ CBS CE CIR CoS CQ D DCE
Acronyms and Abbreviations
This appendix collates frequently used acronyms and abbreviations in this document.
The Third Generation 3rd Generation Partnership Project 2
Access Control List Assured Forwarding Asynchronous Transfer Mode
Best-Effort Band Width
Committed Access List Class-based Queue Committed Burst Size Customer Edge Committed information Rate Class of Service Custom Queue
Data Circuit-terminating Equipment
Issue 03 (2008-09-22)
B-1
Diff-Serv DSCP DTE E EBS EF F FECN FIFO FQ FR FTP G GTS H HDLC HTTP I ILM IP IPX ISDN L LAN LFI LR LSP M MIC
Different-service Differentiated Services Codepoint Data Terminal Equipment
Excess Buret Size Expedited Forwarding
Forwarding Explicit Congestion Notification First In First Out Fair Queue Frame Relay File Transfer Protocol
Generic Traffic Shaping
High Level Data Link Control Hyper Text Transport Protocol
Incoming Label Map Internet Protocol Internet Packet Exchange Integrated Services Digital Network
Local Area Network Link Fragmentation and Interleaving Limit Rate Label Switch Path
Media Access Control
B-2
Issue 03 (2008-09-22)
MP MPLS MTU O OSPF P P2P PE PPP PQ PVC Q QoS R RED RSVP RTP T TCP TE ToS TP TS U UDP V VLAN VoIP VPN
Multilink PPP Multi-Protocol Label Switching Maximum Transmission Unit
Open Shortest Path First
Point to Point Provider Edge Point-to-Point Protocol Priority Queue Permanent Virtual Circuit
Quality of Service
Random Early Detection Resource Reservation Protocol Real-time Transport Protocol
Transmission Control Protocol Traffic Engineering Type of Service Traffic Policing Traffic Shaping
User Datagram Protocol
Virtual Local Area Network Voice over IP Virtual Private Network
Issue 03 (2008-09-22)
B-3
VRP W WFQ WRED WWW
Versatile Routing Platform
Weighted Fair Queue Weighted Random Early Detection World Wide Web
B-4
Issue 03 (2008-09-22)
Index
Index
Symbols/Numerics
(Optional) Configuring a Class Queue, 6-20, 6-29 (Optional) Configuring a CQ WRED Object, 9-17, 9-27, 9-53 (Optional) Configuring a WRED Object for a Class Queue, 9-43 (Optional) Configuring a WRED Object for a Flow Queue, 9-39 (Optional) Configuring an FQ WRED Object, 9-13, 9-22, 9-49 (Optional) Configuring Mapping from an FQ to a CQ, 9-15, 9-24, 9-50 (Optional) Configuring Mappings from a Flow Queue to a Class Queue, 9-40 (Optional) Configuring Mappings from an FQ to a CQ, 9-34 (Optional) Configuring Packet Loss Compensation Lengths of Service Templates, 9-51 (Optional) Configuring Scheduling Parameters for a Class Queue, 9-44 (Optional) Configuring Scheduling Parameters for a Flow Queue, 9-40 (Optional) Configuring Scheduling Parameters of a CQ, 9-17, 9-28, 9-54 (Optional) Configuring Scheduling Parameters of an FQ, 9-14, 9-23, 9-34, 9-49 (Optional) Configuring the Traffic Shaping of a GQ, 9-15, 9-24, 9-51 (Optional) Configuring the WRED Object of an FQ, 9-33 (Optional) Configuring Traffic Shaping for a Group Queue, 9-41 (Optional) Configuring Traffic Shaping of a GQ, 9-34 (Optional) Enabling an L2VPN to Support DiffServ Models, 6-28 (Optional) Enabling an L3VPN to Support DiffServ Models, 6-19 Applying a QoS Template, 9-53 Applying a Routing Policy on the Route Receiver, 6-14 Applying a Routing Policy to the Route Receiver, 5-7 Applying a Traffic Policy, 4-12 Applying an MPLS TE Tunnel Policy to an MPLS L2VPN, 6-31 Applying ATM Traffic Shaping Parameters, 7-19 Applying FR Fragmentation to a Virtual Circuit, 8-20 Applying FRTP Parameters to the Interface, 8-8 Applying FRTS Parameters to the Interface, 8-5 Applying QPPB on the Interface, 6-15 Applying QPPB to the Interface, 5-8 Applying the Statistic Function of a Traffic Policy, 4-14 Applying the Traffic Policy, 2-13 Applying Traffic Policies, 7-15 Applying Traffic Policy Based on Simple Traffic Classification to an Interface, 4-24 Applying Universal Queues to an Frame Relay Interface, 8-11 Applying Universal Queues to Frame Relay Virtual Circuits, 8-12 Applying WRED, 3-5 Applying WRED Parameters on the Frame Relay Interface, 8-18 Associating an MPLS TE Tunnel with an L2VPN and Specifying a QoS Policy, 6-32 ATM QoS Features Supported by the NE80E/40E, 7-2
B
BECN, 8-4 Best-Effort Service Model, 1-3 Binding an MPLS TE Tunnel to a VPN Instance and Specifying a QoS Policy, 6-23
A
Acronyms and Abbreviations, B-1 Advertising a Routing Policy on the Route Sender, 6-11 Advertising Routing Policy on the Route Sender, 5-5
C
Class-based QoS Supported by the NE80E/40E, 4-4 Clearing Queue Statistics, 9-57 Clearing Statistics, 2-18 Clearing the Statistics About Traffic Policies, 4-27 configure QoS at the PVC level to offer users, 8-3
i-1
Issue 03 (2008-09-22)
Index
Configuring a Bandwidth for an MPLS TE Tunnel, 6-22 Configuring a Flow Queue, 6-18, 6-26 Configuring a Reserved Bandwidth for PBB-TE Services on an Interface, 9-33 Configuring a Routing Policy on the BGP Route Sender, 6-10 Configuring a Routing Policy on the Route Receiver, 6-13 Configuring a Routing Policy to the Route Receiver, 5-6 Configuring a Traffic Behavior on the Route Receiver, 6-12 Configuring a Traffic Policy, 2-13 Configuring a Traffic Policy Based on the Complex Traffic Classification, 4-4 Configuring a Tunnel Policy, 6-30 Configuring a Tunnel Policy and Apply It to a VPN Instance, 6-22 Configuring a VLAN Group, 9-26 Configuring ATM Complex Traffic Classification, 7-12 Configuring ATM Services, 7-10 Configuring ATM Simple Traffic Classification, 7-5 Configuring ATM Traffic Shaping Parameters, 7-18 Configuring CAR on a Layer 2 Interface, 2-8 Configuring CAR on a Layer 3 Interface, 2-7 Configuring Class-based HQoS, 9-37 Configuring Congestion Management of the ATM PVC, 7-21 Configuring CTC-based Traffic Policing, 2-9 Configuring Forced ATM Traffic Classification, 7-8, 7-11 Configuring Frame Relay Congestion Avoidance, 8-15 Configuring Frame Relay Fragmentation, 8-19, 8-20 Configuring Frame Relay Traffic Policing, 8-7 Configuring Frame Relay Traffic Shaping, 8-3 Configuring FRTP Parameters, 8-7 Configuring FRTS Parameters, 8-4 Configuring Hierarchical Resource Reserved L2VPNs, 6-24 Configuring Hierarchical Resource Reserved L3VPNs, 6-16 Configuring HQoS, 9-30 Configuring HQoS Based on the PBB-TE Tunnels, 9-31 Configuring HQoS on a CPOS or E3/T3 Interface, 9-29 Configuring HQoS on a QinQ Termination Subinterface, 9-21 Configuring HQoS on an Ethernet Interface, 9-11 Configuring Interface-based Traffic Policing, 2-6 Configuring Mapping Rules for ATM QoS, 7-7 Configuring Precedence Mapping Based on the Simple Traffic Classification, 4-16 Configuring PVC PQ of Frame Relay, 8-13 Configuring PVC PQ on an FR Interface, 8-13 Configuring QinQ on a Sub-interface, 9-26
i-2
Configuring QPPB, 5-2 Configuring QPPB in L3VPNs, 6-8 Configuring Scheduling Parameters of an SQ, 9-16, 9-27, 9-35 Configuring Template-based HQoS, 9-47 Configuring the ATM Traffic Shaping, 7-17 Configuring the Bandwidth of an MPLS TE Tunnel, 6-32 Configuring the FR PVC PQ Precedence, 8-14 Configuring the Priority of an ATM PVC, 7-20, 7-21 Configuring the Queue Scheduling of an ATM PVC, 7-22 Configuring the Routing Policy on the BGP Route Sender, 5-4 Configuring the Traffic Behavior on the Route Receiver, 5-5 Configuring Traffic Shaping, 2-16, 2-17 Configuring Universal Frame Relay Queues, 8-9, 8-10 Configuring WRED, 3-3 Configuring WRED Parameters, 3-4, 8-17 Congestion Avoidance Configuration, 1-11 Congestion Avoidance Supported by NE80E/40E, 3-3 Creating a Frame Relay Class, 8-16
D
Debugging Frame Relay QoS, 8-21 Defining a Behavior and Configuring Traffic Policing Actions, 2-12 Defining a Policy and Specifying a Behavior for the Classifier, 4-12 Defining a QoS Template and Configuring Scheduling Parameters, 9-52 Defining a Traffic Behavior and Configuring Scheduling Parameters for a Subscriber Queue, 9-42 Defining a Traffic Behavior and Configuring Traffic Actions, 4-8 Defining a Traffic Classifier, 4-5, 9-38 Defining a Traffic Policy and Applying It to an Interface, 9-42 Defining the DiffServ Domain and Configuring a Traffic Policy, 4-17 Defining Traffic Behaviors, 7-14 Defining Traffic Classes, 2-10 Defining Traffic Classifiers, 7-13 Defining Traffic Policies, 7-15 Differentiated Service Model, 1-4
E
Enabling ATM Simple Traffic Classification, 7-7 Enabling FRTP, 8-9 Enabling FRTS, 8-6 Enabling QinQ on an Interface, 9-25 End-to-End QoS Model, 1-3 Example for Applying a Routing Policy with QoS Parameters in VPNv4, 6-35
Issue 03 (2008-09-22)
Index
Example for Applying Routing Policies with QoS Parameters to a VPN Instance, 6-45 Example for Configuring 1483B-Based ATM Simple Traffic Classificaiton, 7-46 Example for Configuring a Hierarchical Resource Reserved L2VPN (VLL), 6-71 Example for Configuring a Hierarchical Resource Reserved L2VPN (VPLS), 6-85 Example for Configuring a Hierarchical Resource Reserved L3VPN, 6-55 Example for Configuring a Traffic Policy Based on Complex Traffic Classification, 4-28 Example for Configuring an MPLS DiffServ Model on the VPLS over TE, 6-114 Example for Configuring Class-based HQoS, 9-82 Example for Configuring Complex Traffic Classification on QinQ Termination Sub-interface, 4-36 Example for Configuring Congestion Avoidance, 3-7 Example for Configuring Forced ATM Traffic Classification, 7-50 Example for Configuring Frame Relay Fragmentation, 8-24 Example for Configuring Frame Relay Traffic Shaping, 8-22 Example for Configuring Hierarchical Resource Reserved VPNs (with Both L3VPNs and L2VPNs Deployed), 6-95 Example for Configuring HQoS Based on the PBB-TE Tunnel, 9-76 Example for Configuring HQoS on a CPOS Interface, 9-72 Example for Configuring HQoS on an E3 or T3 Interface, 9-69 Example for Configuring HQoS on an Ethernet Interface, 9-58 Example for Configuring Priority Mapping Based on the Simple Traffic Classification (MPLS), 4-44 Example for Configuring Priority Mapping Based on the Simple Traffic Classification (VLAN), 4-39 Example for Configuring QinQ HQoS, 9-64 Example for Configuring Queue Scheduling for an ATM PVC, 7-59 Example for Configuring Simple Traffic Classification for 1-to-1 VCC ATM Transparent Transmission, 7-25 Example for Configuring Simple Traffic Classification for 1-to-1 VPC ATM Transparent Transmission, 7-31 Example for Configuring Simple Traffic Classification for AAL5 SDU ATM Transparent Transmission, 7-37 Example for Configuring Template-based HQoS, 9-89 Example for Configuring the ATM Complex Traffic Classification, 7-54 Example for Configuring Traffic Policing and Traffic Shaping, 2-19 Example for QPPB Configuration, 5-9 Example of Configuring for 1483R-based ATM Simple Traffic Classification, 7-43
F
frame relay also has its own QoS mechanisms, 8-3 Frame Relay QoS Supported by the NE80E/40E, 8-3
G
Glossary, A-1
H
HQoS Supported by the NE80E/40E, 9-3
I
Integrated Service Model, 1-3 Interface congestion, 8-4 Introduction to ATM QoS, 7-2 Introduction to Class-based QoS, 4-2 Introduction to Congestion Avoidance, 3-2 Introduction to Frame Relay QoS, 8-3 Introduction to HQoS, 9-2
M
Maintaining QPPB Configuration, 5-14 Maintaining VPN QoS Configuration, 6-122
N
New Application Requirements, 1-2
P
PVC PQ contians four sub-queues, 8-14
Q
QoS Supported by the NE80E/40E, 1-13 QPPB Overview, 5-2 QPPB Supported by the NE80E/40E, 5-2
R
Related Concepts, 9-2 RSVP, 1-13
T
Techniques Used for the QoS Application, 1-9 Traditional Packet Transmission Application, 1-2 Traffic Classification, 1-10 Traffic Policing, 2-2 Traffic Policing and Shaping, 1-11 Traffic Policing and Shaping Supported by NE80E/ 40E, 2-5 Traffic Shaping, 2-4
Issue 03 (2008-09-22)
i-3
Index
V
virtual circuits on the interface inherit QoS parameters of the frame relay class, 8-3 VPN QoS Features Supported by the NE80E/40E, 6-2 VPN QoS Overview, 6-2
i-4
Issue 03 (2008-09-22)

00399154-Configuration Guide - QoS (V300R003 - 03) PDF

Caricato da

Informazioni sul documento

Descrizione originale:

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

00399154-Configuration Guide - QoS (V300R003 - 03) PDF

Caricato da

Copyright:

Formati disponibili

Quidway NetEngine80E/40E Core Router V300R003

Configuration Guide - QoS

Issue Date Part Number

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Huawei Technologies Co., Ltd.

Trademarks and Permissions

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

2 Traffic Policing and Shaping Configuration........................................................................2-1

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

3 Congestion Avoidance Configuration................................................................................... 3-1

4 Class-based QoS Configuration..............................................................................................4-1

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

6 VPN QoS Configuration...........................................................................................................6-1

7 ATM QoS Configuration..........................................................................................................7-1

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

8 Frame Relay QoS Configuration.............................................................................................8-1

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

About This Document

About This Document

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

About This Document

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

Chapter 1 QoS Overview

9 HQoS Configuration A Glossary B Acronyms and Abbreviations

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

About This Document

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

About This Document

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

About This Document

Action Double-click Drag

Updates in Issue 03 (2008-09-22)

Updates in Issue 02 (2008-05-08)

Updates in Issue 01 (2008-02-22)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

1.1.1 Traditional Packet Transmission Application

1.1.2 New Application Requirements

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

1.2 End-to-End QoS Model

Best-Effort service model Integrated service model Differentiated service model

1.2.1 Best-Effort Service Model

1.2.2 Integrated Service Model

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

1.2.3 Differentiated Service Model

Diff-Serv Model in IP Network

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Quidway NetEngine80E/40E Core Router Configuration Guide - QoS

Figure 1-1 Diff-Serv networking diagram