Configuration Guide - QoS (V200R001C01 - 04) PDF

Huawei AR1200-S Series Enterprise Routers
V200R001C01
Configuration Guide - QoS
Issue 04
Date 2012-01-06
HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2012. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior written
consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website: http://www.huawei.com
Email: support@huawei.com
Issue 04 (2012-01-06) Huawei Proprietary and Confidential i

Copyright © Huawei Technologies Co., Ltd.
Configuration Guide - QoS About This Document
About This Document
Intended Audience
This document describes the concepts and configuration procedures of QoS features on the
AR1200-S, and provides the configuration examples.
This document provides guidance for configuring QoS features.
This document is intended for:
l Data configuration engineers
l Commissioning engineers
l Network monitoring engineers
l System maintenance engineers
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Indicates a hazard with a high level of risk, which if not

avoided, will result in death or serious injury.
DANGER
Indicates a hazard with a medium or low level of risk, which

if not avoided, could result in minor or moderate injury.
WARNING
Indicates a potentially hazardous situation, which if not

avoided, could result in equipment damage, data loss,
CAUTION
performance degradation, or unexpected results.
TIP Indicates a tip that may help you solve a problem or save
time.
NOTE Provides additional information to emphasize or supplement

important points of the main text.
Issue 04 (2012-01-06) Huawei Proprietary and Confidential ii

Command Conventions
The command conventions that may be found in this document are defined as follows.
Convention Description
Boldface The keywords of a command line are in boldface.
Italic Command arguments are in italics.
[] Items (keywords or arguments) in brackets [ ] are optional.
{ x | y | ... } Optional items are grouped in braces and separated by

vertical bars. One item is selected.
[ x | y | ... ] Optional items are grouped in brackets and separated by

vertical bars. One item is selected or no item is selected.
{ x | y | ... }* Optional items are grouped in braces and separated by

vertical bars. A minimum of one item or a maximum of all
items can be selected.
[ x | y | ... ]* Optional items are grouped in brackets and separated by

vertical bars. Several items or no item can be selected.
&<1-n> The parameter before the & sign can be repeated 1 to n times.
# A line starting with the # sign is comments.
Interface Numbering Conventions

Interface numbers used in this manual are examples. In device configuration, use the existing
interface numbers on devices.
Change History
Updates between document issues are cumulative. Therefore, the latest document issue contains
all updates made in previous issues.
Changes in Issue 04 (2012-01-06)

Based on issue 03 (2011-11-27), the document is updated as follows:
The following information is modified:
l 2.4.4 Configuring Re-marking

Issue 04 (2012-01-06) Huawei Proprietary and Confidential iii

l 2.4.5 Configuring Traffic Policing

l 1.3.3 Setting the Default 802.1p Priority of an Interface
l 1.6.2 Configuring Queue-based Congestion Management

Initial commercial release.
Issue 04 (2012-01-06) Huawei Proprietary and Confidential iv

Configuration Guide - QoS Contents
Contents
About This Document.....................................................................................................................ii

1 QoS Configuration........................................................................................................................1
1.1 QoS Overview....................................................................................................................................................3
1.2 QoS Features Supported by the AR1200-S........................................................................................................3
1.3 Configuring Priority Mapping..........................................................................................................................12
1.3.1 Establishing the Configuration Task.......................................................................................................12
1.3.2 Configuring the Packet Priority Trusted by an Interface.........................................................................13
1.3.3 Setting the Default 802.1p Priority of an Interface..................................................................................13
1.3.4 Configuring a Priority Mapping Table....................................................................................................15
1.3.5 Checking the Configuration.....................................................................................................................15
1.4 Configuring Traffic Policing............................................................................................................................16
1.4.2 Configuring Traffic Policing on an Interface..........................................................................................17
1.4.3 Configuring Flow-based Traffic Policing................................................................................................18
1.5 Configuring Traffic Shaping............................................................................................................................19
1.5.2 Configuring Interface-based Traffic Shaping..........................................................................................21
1.5.3 Configuring Queue-based Traffic Shaping..............................................................................................21
1.5.4 Configuring Flow-based Traffic Shaping................................................................................................22
1.6 Configuring Congestion Management..............................................................................................................24
1.6.2 Configuring Queue-based Congestion Management...............................................................................26
1.6.3 Configuring Class-based Congestion Management................................................................................28
1.7 Configuring Congestion Avoidance.................................................................................................................30
1.7.2 Configuring Queue-based WRED...........................................................................................................32
1.7.3 Configuring Flow-based WRED.............................................................................................................33
1.8 Configuring HQoS............................................................................................................................................36
Issue 04 (2012-01-06) Huawei Proprietary and Confidential v

Configuration Guide - QoS Contents
1.8.2 Configuring a Traffic Policy....................................................................................................................38

1.8.2.1 Configuring a Sub Traffic Policy...................................................................................................38
1.8.2.2 Configuring a Traffic Policy...........................................................................................................39
1.8.2.3 Applying the Traffic Policy to an Interface....................................................................................40
1.8.3 (Optional) Configuring Traffic Policing on an Interface.........................................................................40
1.8.4 (Optional) Configuring Traffic Shaping on an Interface.........................................................................41
1.9 Maintaining QoS...............................................................................................................................................42
1.9.1 Displaying the Queue-based Traffic Statistics........................................................................................42
1.9.2 Clearing the Queue-based Traffic Statistics............................................................................................42
1.10 Configuration Examples.................................................................................................................................43
1.10.1 Example for Configuring Priority Mapping..........................................................................................43
1.10.2 Example for Configuring Traffic Policing............................................................................................46
1.10.3 Example for Configuring Traffic Shaping.............................................................................................52
1.10.4 Example for Configuring Congestion Avoidance and Congestion Management.................................55
1.10.5 Example for Configuring HQoS............................................................................................................62
2 Traffic Policy Configuration.....................................................................................................72

2.1 Traffic Policy Overview...................................................................................................................................73
2.2 Traffic Policy Features Supported by the AR1200-S.......................................................................................73
2.3 Configuring a Traffic Classifier.......................................................................................................................76
2.4 Configuring a Traffic Behavior........................................................................................................................78
2.4.2 Configuring a Permit or Deny Action.....................................................................................................79
2.4.3 Configuring Redirection..........................................................................................................................80
2.4.4 Configuring Re-marking..........................................................................................................................81
2.4.5 Configuring Traffic Policing...................................................................................................................82
2.4.6 Configuring Traffic Shaping...................................................................................................................83
2.4.7 Configuring Congestion Management.....................................................................................................83
2.4.8 Configuring Congestion Avoidance........................................................................................................85
2.4.9 Binding a Sub Traffic Policy...................................................................................................................86
2.4.10 Configuring Traffic Statistics................................................................................................................88
2.4.11 Checking the Configuration...................................................................................................................88
2.5 Configuring a Traffic Policy.............................................................................................................................89
2.6 Maintaining a Traffic Policy.............................................................................................................................90
2.6.1 Displaying the Flow-based Traffic Statistics...........................................................................................90
2.6.2 Clearing the Flow-based Traffic Statistics..............................................................................................90
2.7 Configuration Examples...................................................................................................................................91
2.7.1 Example for Configuring Re-marking.....................................................................................................91
2.7.2 Example for Configuring Traffic Statistics.............................................................................................95
2.7.3 Example for Configuring Association Between NQA and Redirection..................................................98
Issue 04 (2012-01-06) Huawei Proprietary and Confidential vi

Configuration Guide - QoS 1 QoS Configuration
1 QoS Configuration
About This Chapter
This chapter describes common QoS functions on interfaces of the AR1200-S: priority mapping,
traffic policing, traffic shaping, congestion management, congestion avoidance, and
Hierarchical Quality of Service (HQoS). It also provides configuration methods and examples.
1.1 QoS Overview

QoS is designed to provide differentiated services based on networking requirements.
1.2 QoS Features Supported by the AR1200-S
This section describes QoS features supported by the AR1200-S.
1.3 Configuring Priority Mapping
After priority mapping is configured, the AR1200-S determines the queues and output priorities
of the received packets based on packet priorities or the default 802.1p priority of the interface.
By doing this, the AR1200-S provides differentiated services.
1.4 Configuring Traffic Policing
The AR1200-S supports interface-based traffic policing and flow-based traffic policing.
1.5 Configuring Traffic Shaping
Traffic shaping enables outgoing traffic to be sent out at an even rate and reduces the number
of discarded packets whose rate exceeds the rate limit.
1.6 Configuring Congestion Management
If congestion occurs on a network after congestion management is configured, the AR1200-S
determines the sequence at which packets are forwarded according to the defined scheduling
policy.
1.7 Configuring Congestion Avoidance
After congestion avoidance is complete, the AR1200-S discards the packets whose rate exceeds
the rate limit based on the WRED configuration.
1.8 Configuring HQoS
To provide differentiated QoS services, configure HQoS on the AR1200-S.
1.9 Maintaining QoS
This section describes how to maintain QoS.
Issue 04 (2012-01-06) Huawei Proprietary and Confidential 1

1.10 Configuration Examples

This section provides several configuration examples of traffic policing, traffic shaping,
congestion avoidance, and congestion management.

1.1 QoS Overview

QoS is designed to provide differentiated services based on networking requirements.
QoS evaluates the capabilities of the service supplied to meet customer requirements. On the
Internet, QoS is used to evaluate capabilities of a network to transmit packets. The network
provides various services, and QoS evaluates services from different aspects. Generally, QoS
evaluates core items, including the delay, jitter, and packet loss ratio during packet transmission.
QoS uses the following models:

l Best-Effort (BE) model: The BE model is a service model that handles all packets equally.
In the BE model, a network attempts to send packets, but cannot ensure performance such
as delay and reliability. The BE model can be applied to various network applications, such
as FTP and email. The BE model can be implemented using the First in First out (FIFO)
queue.
l IntServ model: The IntServ model is an integrated service model. A device must submit a
request to a network before sending packets. Combined with multicast, the IntServ model
can be used in real-time multimedia applications that require high bandwidth and low delay,
such as video conference and video on demand (VoD).
l DiffServ model: The DiffServ model is a multi-service model and can meet different QoS
requirements, which ensures that applications are provided with differentiated QoS levels.
QoS can be specified based on various information, such as the IP precedence, source
address, and destination address of packets. Network devices perform traffic classification,
traffic shaping, traffic policing, and queue scheduling based on the information.
1.2 QoS Features Supported by the AR1200-S

This section describes QoS features supported by the AR1200-S.
The AR1200-S supports the following functions:

l Priority Mapping
l Traffic Policing
l Traffic Shaping
l Congestion Avoidance
l Congestion Management
l HQoS
Table 1-1 Implementation of QoS features
Feature Implementation
Traffic policing Interface-based traffic policing can be

applied to inbound and outbound WAN-side
interfaces, but can only be applied to inbound
LAN-side interfaces.
Flow-based traffic policing can be applied to
inbound and outbound interfaces.

Feature Implementation
Traffic shaping Interface-based traffic shaping can only be

applied to outbound interfaces.
Queue-based traffic shaping can only be
applied to outbound interfaces.
Flow-based traffic shaping can only be
applied to outbound WAN-side interfaces.
Congestion avoidance Queue-based congestion avoidance can only

be applied to outbound WAN-side interfaces.
Flow-based congestion avoidance can only
be applied to outbound WAN-side interfaces.
Congestion management Queue-based congestion management can

only be applied to outbound interfaces.
Class-based congestion management can
only be applied to outbound WAN-side
interfaces.
HQoS Flow-based hierarchical QoS (HQoS) can

only be applied to outbound WAN-side
interfaces.
Priority Mapping
Different packets carry different precedence fields. For example, VLAN packets carry the 802.1p
field, IP packets carry the DSCP field. The mappings between priority fields must be configured
on gateways to retain priorities of packets when the packets traverse different networks.
To ensure QoS for different packets, the AR1200-S determines the queues that received packets
enter based on 802.1p priorities or DSCP priorities in packets or the default 802.1p priority of
an interface. The AR1200-S can re-mark packet priorities so that the connected device can
provide differentiated QoS based on precedence fields of the packets.
The AR1200-S sends packets to different interface queues based on the 802.1p priority, and
performs traffic shaping, congestion avoidance, and queue scheduling for the queues. FE
interfaces on the SRU of the AR1200-S support only four queues, whereas other interfaces
support eight queues. The mappings between local priorities and queues on FE interfaces on the
SRU of the AR1200-S are different. Table 1-2 lists the mappings between 802.1p priorities and
queues on FE interfaces of the SRU on the AR1200-S. Table 1-3 lists the mappings between
802.1p priorities and queues on other interfaces.
Table 1-2 Mappings between 802.1p priorities and queues
802.1p Priority Queue Index
0 0
1 0
2 1

3 1
4 2
5 2
6 3
7 3
Table 1-3 Mappings between 802.1p priorities and queues

0 0
1 1
2 2
3 3
4 4
5 5
6 6
7 7
Traffic Policing
Traffic policing limits the traffic and resource usage by monitoring the rate limit.
Traffic policing discards the excess traffic to limit traffic within a proper range and to protect
network resources.
Traffic policing limits the traffic entering the Internet Service Provider (ISP).
l Token bucket and traffic measurement
The AR1200-S needs to determine whether the traffic rate exceeds the rate limit before
performing traffic policing. Token buckets are usually used to measure traffic.
With a certain capacity, a token bucket stores tokens. The system places tokens into a token
bucket at the configured rate (one token occupies one bit). If the token bucket is full, excess
tokens overflow and no token is added.
When measuring traffic, a token bucket forwards packets based on the number of tokens
in the token bucket. If there are enough tokens in the token bucket for forwarding packets,
the traffic rate is within the rate limit. Otherwise, the traffic rate is not within the rate limit.

Figure 1-1 Measuring traffic using token buckets
Put tokens into the bucket at the

specified rate
Packets sent by the
interface Continue to send
packets
Classification
Token
bucket
Drop
The AR1200-S supports dual token bucket technology:

The dual token bucket technology uses the following parameters:
– Committed Burst Size (CBS): capacity of bucket C, that is, the maximum volume of
burst traffic (in bytes) allowed by bucket C each time.
– Committed Information Rate (CIR): rate at which tokens are put into bucket C, that is,
the average rate of traffic (in kbit/s) allowed by bucket C.
– Peak Burst Size (PBS): capacity of bucket P, that is, the maximum volume of burst
traffic (in bytes) allowed by bucket P each time.
– Peak Information Rate (PIR): rate at which tokens are put into bucket P, that is, the
average rate of traffic (in kbit/s) allowed by bucket P.
When dual token buckets are used, the packets whose rate is less than the CIR value are
colored green, the packets whose rate is greater than the PIR value are colored red, and the
packets whose rate is greater than the CIR value, but less than the PIR value are colored
yellow.
Traffic policing actions include permit, deny, and forward after a priority change. By
default, green packets and yellow packets are allowed to pass through, and red packets are
discarded.
l Traffic policing features supported by the AR1200-S
The AR1200-S supports the following traffic policing features:
– Interface-based traffic policing limits all the incoming or outgoing service traffic on an
interface.
– Flow-based traffic policing limits incoming or outgoing service traffic matching traffic
classification rules.

Traffic Shaping
Traffic shaping also limits traffic and resource usage by monitoring the rate limit. It also uses
the token bucket technology to measure traffic.
Traffic shaping adjusts the speed of outgoing traffic so that the downstream device has
capabilities to process traffic.
l Differences between traffic shaping and traffic policing
Traffic policing directly discards the excess packets. Traffic shaping buffers the packets
whose rate is greater than the traffic shaping rate in queues; therefore, traffic shaping
reduces the number of discarded packets. As shown in Figure 1-2, when there are sufficient
tokens in the token bucket, the buffered packets are forwarded at an even rate. If the tokens
are insufficient, packets are buffered continuously. If the number of packets to be buffered
is greater than the queue length, excess packets are discarded.
Figure 1-2 Traffic shaping

Packets sent by the
interface
Packets that do
not need to be Flows
shaped
Token Put tokens into

Simple traffic Packets that token bucket at
classification need to be specified rate
shaped
Packets
within the
Token
rate limit
bucket
Packets not
within the rate
limit
Buffer
packets in
queues
Discarded
packets when
the token bucket
is full
Traffic shaping increases the delay because it buffers packets in queues, whereas traffic
policing does not.
l Traffic shaping features supported by the AR1200-S
The AR1200-S supports the following traffic shaping features:
– Traffic shaping on an interface or a sub-interface
Traffic shaping is performed for all the packets that pass through an interface or a sub-
interface.
– Queue-based traffic shaping

Traffic shaping is performed for packets in a specified queue on an interface so that

packets are shaped based on priorities.
– Flow-based traffic shaping
Traffic shaping is performed for packets of a specified type that pass through an interface
so that packets matching traffic classification rules can be shaped.
Congestion Avoidance
Congestion avoidance is a flow control mechanism. A system configured with congestion
avoidance monitors network resources such as queues and memory buffers. When congestion
occurs or aggravates, the system discards packets.
Congestion avoidance policies include tail drop, Random Early Detection (RED), and Weighted
Random Early Detection (WRED):
l Tail drop
The traditional packet loss policy uses the tail drop method. This method processes all
packets equally without classifying the packets into different types. When congestion
occurs, packets at the end of a queue are discarded until the congestion problem is solved.
This policy leads to global TCP synchronization. When packets of multiple TCP
connections are discarded simultaneously, these TCP connections enter the congestion
avoidance and slow start state. After a while, the peak of these TCP connections occurs.
The volume of traffic varies greatly, affecting link usage.
l RED
The RED technique randomly discards packets to prevent the transmission speed of
multiple TCP connections from being reduced simultaneously.
As specified by the RED algorithm, the upper drop threshold and lower drop threshold are
set. RED processes packets as follows:
– When the queue length is shorter than the lower drop threshold, no packet is discarded.
– When the queue length is longer than the upper drop threshold, all packets are discarded.
– When the queue length is between the lower drop threshold and the upper drop threshold,
incoming packets are discarded randomly. RED generates a random number for each
incoming packet and compares it with the drop probability of the current queue. If the
random number is greater than the drop probability, the packet is discarded. A longer
queue indicates a higher drop probability.
l WRED
WRED also discards packets randomly to prevent global TCP synchronization. WRED,
however, generates random numbers of packets based on packet priorities. WRED discards
packets based on packet priorities, so the drop probability of packets with higher priorities
is low.
By default, the AR1200-S uses tail drop. The AR1200-S supports queue-based WRED and flow-
based RED.
Congestion Management
If a network transmitting both delay-sensitive and delay-insensitive services is congested
intermittently, congestion management is required. However, if a network is always congested,
bandwidth needs to be increased.
Generally, the AR1200-S uses the following queue scheduling mechanisms:

l PQ scheduling
l WRR scheduling
l DRR scheduling
l WFQ scheduling
l PQ+WRR/PQ+DRR/PQ+WFQ scheduling
l CBQ scheduling
l PQ scheduling
Priority queuing (PQ) schedules packets in descending order of priorities. Queues with
lower priories are processed only after all the queues with higher priorities have been
processed.
By using PQ scheduling, the AR1200-S puts packets of delay-sensitive services into queues
with higher priorities and packets of other services into queues with lower priorities. In this
manner, packets of key services can be transmitted first.
PQ scheduling has a disadvantage. If a lot of packets exist in queues with higher priorities
when congestion occurs, packets in queues with lower priorities cannot be transmitted for
a long time.
l WRR scheduling
Weighted Round Robin (WRR) scheduling ensures that packets in all the queues are
scheduled in turn.
For example, eight queues are configured on an interface. Each queue is configured with
a weight: w7, w6, w5, w4, w3, w2, w1, and w0. The weight value represents the percentage
of obtaining resources. The following scenario assumes that the weights of queues on the
100M interface are 50, 50, 30, 30, 10, 10, 10, and 10, which match w7, w6, w5, w4, w3,
w2, w1, and w0. Therefore, the queue with the lowest priority can obtain at least 5 Mbit/s
bandwidth. This ensures that packets in all the queues can be scheduled.
In addition, WRR can dynamically change the time of scheduling packets in queues. For
example, if a queue is empty, WRR ignores this queue and starts to schedule the next queue.
This ensures efficient use of bandwidth.
WRR scheduling has two disadvantages:
– WRR schedules packets based on the number of packets. When the average packet
length in each queue is the same or known, you can obtain the required bandwidth by
setting WRR weight values. When the average packet length in each queue is variable,
you cannot obtain the required bandwidth by setting WRR weight values.
– Delay-sensitive services, such as voice services, cannot be scheduled in a timely
manner.
l DRR scheduling
Implementation of Deficit Round Robin (DRR) is similar to that of WRR.
The difference between DRR and WRR is as follows: WRR schedules packets based on
the number of packets, whereas DRR schedules packets based on the packet length. If the
packet length is too long, DRR allows the negative weight value so that long packets can
be scheduled. In the next round, the queue with the negative weight value is not scheduled
until its weight value becomes positive.
DRR offsets the disadvantages of PQ scheduling and WRR scheduling. That is, in PQ
scheduling, packets in queues with lower priorities cannot be scheduled for a long time; in
WRR scheduling, bandwidth is allocated improperly when the packet length of each queue
is different or variable.

DRR cannot schedule delay-sensitive services such as voice services in time.

l WFQ scheduling
Fair Queue (FQ) ensures that network resources are allocated evenly to optimize the delay
and jitter of all flows. Weighted FQ (WFQ) schedules packets based on priorities, and
schedules more packets with higher priorities than packets with lower priorities.
WFQ can automatically classify flows based on the session information, including the
protocol type, source and destination TCP or UDP port numbers, source and destination IP
addresses, and precedence field in the ToS field. In addition, WFQ provides a large number
of queues and evenly puts flows into queues to smooth out the delay. When flows leave
queues, WFQ allocates the bandwidth on the outbound interface for each flow based on
the precedence of each flow. Flows with the lowest priorities obtain the least bandwidth.
l PQ+WRR/PQ+DRR/PQ+WFQ scheduling
PQ, WRR, DRR, and WFQ have their own advantages and disadvantages. If only PQ
scheduling is used, packets in queues with lower priorities cannot obtain bandwidth. If only
WRR, DRR, or WFQ scheduling is used, delay-sensitive services cannot be scheduled in
time. PQ+WRR, PQ+DRR, or PQ+WFQ scheduling integrates the advantages of PQ
scheduling and WRR or DWRR scheduling and offsets their disadvantages.
By using PQ+WRR, PQ+DRR, or PQ+WFQ scheduling, the AR1200-S puts important
packets, such as protocol packets and packets of delay-sensitive services to the PQ queue,
and allocates bandwidth to the PQ queue. Then the AR1200-S can put other packets into
WRR, DRR, or WFQ queues based on the packet priority. Packets in WRR, DRR, or WFQ
queues can be scheduled in turn.
l CBQ scheduling
Class-based queueing (CBQ) is an extension of WFQ and matches packets with traffic
classifiers. CBQ classifies packets based on the IP precedence or DSCP priority, inbound
interface, or 5-tuple (protocol type, source IP address and mask, destination IP address and
mask, source port range, and destination port range). Then CBQ puts packets into different
queues. If packets do not match any configured traffic classifiers, CBQ matches packets
with the default traffic classifier.
CBQ provides the following types of queues:
– Expedited Forwarding (EF) queues are applied to short-delay services.
An EF queue has the highest priority. You can put one or more types of packets into EF
queues and set different bandwidth for different types of packets. During scheduling, if
EF queues have packets, packets in EF queues are sent first. Packets in other queues are
sent only after EF queues are empty or the maximum reservable bandwidth of EF queues
is exceeded.
UDP packets of VoIP services often exist in EF queues; therefore, use the tail drop
method but not WRED.
– Assured Forwarding (AF) queues are applied to key data services that require assured
bandwidth.
Each AF queue corresponds to one type of packets. You can set bandwidth for each
type of packets. During scheduling, the system sends packets based on the configured
bandwidth. AF implements fair scheduling. If an interface has remaining bandwidth,
packets in AF queues obtain the remaining bandwidth based on weights. When
congestion occurs, each type of packets can obtain the minimum bandwidth.
If the length of an AF queue reaches the maximum value, the tail drop method is used
by default. You can choose to use WRED.
– Best-Effort (BE) queues are applied to best-effort services that require no strict QoS
assurance.

If packets do not match any configured traffic classifiers, packets match the default
traffic classifier defined by the system. You are allowed to configure AF queues and
bandwidth for the default traffic classifier, whereas BE queues are configured in most
situations. BE uses WFQ scheduling so that the system schedules packets matching the
default traffic classifier based on flows.
If the length of a BE queue reaches the maximum value, the tail drop method is used
by default. You can choose to use WRED.
HQoS
The traditional QoS technology schedules packets based on interfaces. An interface, however,
can identify only priorities of different services but cannot identify services of different users.
Packets of the same priority are placed into the same queue on an interface, and compete for the
same queue resource. Therefore, the traditional QoS technology is unable to provide
differentiated services based on types of traffic and users.
As the number of users increases continuously and services develop, users require differentiated
services to have better QoS and gain more profits. Hierarchical QoS (HQoS) implements
hierarchical scheduling based on queues and differentiates services and users. It provides QoS
guarantee and saves network operation and maintenance costs.
l Queues supported by HQoS
The AR1200-S supports three levels of queues, that is, level-3 flow queue (FQ), level-2
subscriber queue (SQ), and level-1 port queue (PQ). The HQoS hierarchy is a tree structure.
The flow queue is taken as the leaf node and the port queue is taken as the root node. When
packets pass through an interface using HQoS, the packets are classified so that they
traverse the branches of the tree. Packets arrive at the top of the tree and are classified on
one of the leaves. Packets then traverse down the tree until they are transmitted out the
interface at the root.
l HQoS implementation
HQoS is implemented by traffic policy nesting supported by the AR1200-S.
A traffic policy can be nested into another traffic policy. That is, the traffic behavior or
action in a traffic policy is a sub traffic policy. When a sub traffic policy is bound to a traffic
policy, the traffic behavior in the traffic policy is taken for packets matching the traffic
classifier associated with the traffic behavior. Then the packets are classified by the sub
traffic policy and the traffic behavior in the sub traffic policy is taken for the classified
packets.
A traffic classifier in the traffic policy differentiates users by using VLAN IDs, PVC
information, and DLCI numbers. That is, the packets that match the traffic classifier in the
traffic policy enter the same subscriber queue.
The traffic classifier in a sub traffic policy differentiates services. That is, the packets that
match the traffic classifier in the sub traffic policy enter the same flow queue.
l HQoS scheduling
HQoS implements hierarchical scheduling and provides good service support. Scheduler
levels are relevant to the topology.
The AR1200-S provides three levels of schedulers, that is, flow queue scheduler, subscriber
queue scheduler, and port queue scheduler. The flow queue scheduler and subscriber queue
scheduler support PQ scheduling, WFQ scheduling, and PQ+WFQ scheduling. The port
queue scheduler uses RR scheduling.
HQoS deployment for enterprise users is used as an example. Enterprise users have VoIP
services, video conference (VC) services, and data services. Each subscriber queue

corresponds to one enterprise user and each flow queue corresponds to a type of services.
By deploying HQoS, the AR1200-S implements the following functions:
– Controlling traffic scheduling among the three types of services of a single enterprise
user
– Controlling total bandwidth of the three types of services of a single enterprise user
– Controlling bandwidth allocation between multiple enterprise users
– Controlling total bandwidth of multiple enterprise users
1.3 Configuring Priority Mapping

After priority mapping is configured, the AR1200-S determines the queues and output priorities
of the received packets based on packet priorities or the default 802.1p priority of the interface.
By doing this, the AR1200-S provides differentiated services.
1.3.1 Establishing the Configuration Task

Before configuring priority mapping, familiarize yourself with the applicable environment,
complete the pre-configuration tasks, and obtain the data required for the configuration. This
will help you complete the configuration task quickly and accurately.
Applicable Environment
The AR1200-S can determine the queues that packets enter based on packet priorities (802.1p/
DSCP priorities) or the priority of an interface. The AR1200-S can re-mark packet priorities so
that the connected device can provide differentiated QoS based on precedence fields of the
packets.
l When the AR1200-S is configured to trust DSCP priorities of packets, it maps DSCP
priorities to 802.1p priorities based on priority mapping. The AR1200-S also determines
the queues that packets enter, and re-marks packet priorities.
l When the AR1200-S is configured to trust 802.1p priorities of packets or uses the priority
of an interface, it determines the queues that packets enter based on the 802.1p priority and
re-marks packet priorities.
Pre-configuration Tasks
Before configuring priority mapping, complete the following tasks:
l Configuring link layer attributes of interfaces to ensure that these interfaces work properly
l Configuring IP addresses and routing protocols for interfaces to ensure connectivity
Data Preparation
To configure priority mapping, you need the following data.
No. Data
1 Types and numbers of interfaces
2 Priority of an interface

No. Data
3 Packet priority trusted by an interface
4 Input priority and output priority
1.3.2 Configuring the Packet Priority Trusted by an Interface

After an interface is configured to trust the priority of packets, the AR1200-S performs mapping
based on the specified priority.
Context
The AR1200-S trusts the following priorities:
l 802.1p priority
– The AR1200-S determines the queues that tagged packets enter based on 802.1p
priorities in the tagged packets and modifies packet priorities.
– The AR1200-S determines the queues that untagged packets enter based on the default
802.1p priority of an interface and modifies packet priorities.
l DSCP priority
The AR1200-S maps DSCP priorities of packets to 802.1p priorities, determines the queues
that packets enter, and modifies packet priorities based on the priority mapping table.
l Priority of an interface
The AR1200-S determines the queues that packets enter based on the priority of the
interface, and modifies packet priorities based on the priority mapping table.
Procedure
Step 1 Run:
system-view
The system view is displayed.

Step 2 Run:
interface interface-type interface-number[.subinterface-number]
The interface view or sub-interface view is displayed.

Step 3 Run:
trust { 8021p | dscp } [ override ]
The packet priority trusted by the interface is configured.

By default, the priority of an interface is used.
----End
1.3.3 Setting the Default 802.1p Priority of an Interface

The default 802.1p priority of an interface can be set. By default, the default 802.1p priority of
an interface is 0.

Context
The 802.1p priority is determined by the 3-bit priority field contained in a VLAN tag. The 802.1p
priority is used to provide differentiated services.
The default 802.1p priority of an interface is used in the following situations presented in the
following table.
Interface Configuration Whether a Received Processing Method
Packet Carries a VLAN
Tag
Default configuration (the No The AR1200-S searches for

priority of an interface is the mapping table between
used) 802.1p priorities and other
priorities based on the
priority of an interface,
modifies the packet priority,
and send the packet to a
queue based on the modified
802.1p priority.
Default configuration (the Yes The AR1200-S searches for

priority of an interface is the mapping table between
used) 802.1p priorities and other
and sends the packet to a
queue based on the modified
802.1p priority.
trust 8021p override No The AR1200-S searches for

the mapping table between
802.1p priorities and other
queue based on the 802.1p
priority.
trust 8021p No The AR1200-S searches for

the mapping table between
802.1p priorities and other
queue based on the 802.1p
priority.

Procedure
Step 1 Run:
system-view
Step 2 Run:
interface interface-type interface-number
The interface view is displayed.
Step 3 Run:
port priority priority-value
The priority of the interface is set.
By default, the priority of an interface is 0.
----End
1.3.4 Configuring a Priority Mapping Table

A priority mapping table includes mappings between 802.1p priorities, DSCP priorities.
Context
The AR1200-S performs priority mapping based on packet priorities or the default priority of
an interface. Mappings between priorities can be configured in the priority mapping table.
Procedure
Step 1 Run:
system-view
Step 2 Run:
qos map-table { dot1p-dot1p | dot1p-dscp | dscp-dot1p | dscp-dscp }
The priority mapping table view is displayed.
Step 3 Run:
input { input-value1 [ to input-value2 ] } &<1-10> output output-value
Mappings are configured in the priority mapping table.
----End
1.3.5 Checking the Configuration

After priority mapping is configured, you can view global priority mapping.
Prerequisite
All the priority mapping configurations are complete.

Procedure
l Run the display qos map-table [ dot1p-dot1p | dot1p-dscp | dscp-dot1p | dscp-dscp ]
command to view the priority mapping.
----End
1.4 Configuring Traffic Policing

The AR1200-S supports interface-based traffic policing and flow-based traffic policing.

Before configuring traffic policing, familiarize yourself with the applicable environment,
A network is congested if traffic sent by users is not limited. To make use of limited network
resources, limit the user traffic.
l Interface-based traffic policing limits all the incoming or outgoing service traffic on an
interface.
l Flow-based traffic policing limits incoming or outgoing service traffic matching traffic
Before configuring traffic policing, complete the following tasks:
Data Preparation
To configure interface-based traffic policing, you need the following data.
No. Data
1 Interface and direction to which the traffic policy is applied
2 CIR value and optional parameters including the PIR value, CBS value, PBS value,
color, and coloring mode
To configure flow-based traffic policing, you need the following data.
No. Data
1 Traffic classifier name and related parameters

No. Data
2 Traffic behavior name and committed access rate (CAR) parameters: CIR value and
optional parameters including the PIR value, CBS value, PBS value, color, and
coloring mode
3 Traffic policy name and interface and direction to which the traffic policy is applied
1.4.2 Configuring Traffic Policing on an Interface

You can configure CAR on an interface in the inbound or outbound direction to limit the rate
of incoming or outgoing traffic on the interface.
Context
To limit all the incoming or outgoing traffic on an interface, configure traffic policing on the
interface. If the rate of received or sent packets exceeds the rate limit, packets are discarded.
Procedure
Step 1 Run:
system-view

Step 2 Run:

Step 3 Run the following commands as required.
l On the WAN side, run:
qos car { inbound | outbound } cir cir-value [ pir pir-value ] [ cbs cbs-value
pbs pbs-value ] [ green { discard | pass [ remark-8021p 8021p-value | remark-
dscp dscp-value ] } ] [ yellow { discard | pass [ remark-8021p 8021p-value |
remark-dscp dscp-value ] } ] [ red { discard | pass [ remark-8021p 8021p-value
| remark-dscp dscp-value ] } ]
Traffic policing is configured on the WAN-side interface.

By default, traffic policing is not performed on an interface.
NOTE
If the CBS and PBS values are not specified, their values are determined as follows:
l If the PIR value is not set or the PIR and CIR values are the same, the CBS value is 188 times the
CIR value and the PBS value is 313 times the CIR value.
l If the PIR value is set and the PIR and CIR values are different, the CBS value is 125 times the
CIR value and the PBS value is 125 times the PIR value.
When the CBS value is less than the number of bytes in a single packet of a service, packets of the
service are discarded.
l On the LAN side, run:
qos car inbound cir cir-value
Traffic policing is configured on the LAN-side interface.

By default, traffic policing is not performed on an interface.

NOTE
LAN-side interfaces on the AR1200-S support only traffic policing in the inbound direction.
----End
1.4.3 Configuring Flow-based Traffic Policing

After traffic policing is configured in a traffic policy, the traffic policy can be applied to multiple
interfaces to limit the rate of incoming or outgoing traffic on the interfaces.
Context
To limit the rate of incoming or outgoing traffic matching traffic classification rules, configure
flow-based traffic policing. A traffic policy can be applied to multiple interfaces. When the
traffic rate exceeds the rate limit, traffic is discarded. Flow-based traffic policing can implement
differentiated services using complex traffic classification.
Procedure
Step 1 Configure a traffic classifier.
The AR1200-S can classify traffic according to the ACL, Layer 2 information in packets, and
Layer 3 information in packets. Configure a traffic classifier by selecting appropriate traffic
classification rules. For details, see 2.3 Configuring a Traffic Classifier.
Step 2 Configure a traffic behavior.
Create a traffic behavior and configure the CAR action in the traffic behavior. For details, see
2.4.5 Configuring Traffic Policing.
Step 3 Configure a traffic policy.
Create a traffic policy, associate the traffic classifier and traffic behavior with the traffic policy,
and apply the traffic policy to an interface. For details, see 2.5 Configuring a Traffic Policy.
----End

After traffic policing is configured, you can view the rate limit.
Prerequisite
All the traffic policing configurations are complete.
Procedure
l Checking the interface-based traffic policing configuration
Run the display this command in the interface view to check the traffic policing
configuration on the interface.
l Checking the flow-based traffic policing configuration
– Run the display traffic behavior { system-defined | user-defined } [ behavior-
name ] command to check the traffic behavior configuration.

– Run the display traffic classifier { system-defined | user-defined } [ classifier-

name ] command to check the traffic classifier configuration.
– Run the display traffic policy user-defined [ policy-name [ classifier classifier-
name ] ] command to check the traffic policy configuration.
– Run the display traffic-policy policy-name applied-record command to check the
specified traffic policy record.
----End
Example
l Checking the interface-based traffic policing configuration
Run the display this command to check the traffic policing configuration on the interface.
[Huawei-Ethernet0/0/0] display
this
#
interface Ethernet0/0/0
qos car inbound cir
2000
#
return
l Checking the flow-based traffic policing configuration

For details, see 2.3 Configuring a Traffic Classifier, 2.4.11 Checking the
Configuration, and 2.5 Configuring a Traffic Policy.
1.5 Configuring Traffic Shaping

Traffic shaping enables outgoing traffic to be sent out at an even rate and reduces the number
of discarded packets whose rate exceeds the rate limit.

Before configuring traffic shaping, familiarize yourself with the applicable environment,
If the bandwidth on the upstream network is different from the bandwidth on the downstream
network, configure traffic shaping on the outbound interface that connects the upstream network
to the downstream network. Traffic shaping ensures that the rate of packets destined for the
downstream network does not exceed the bandwidth of the downstream network, reducing
congestion and packet loss. The AR1200-S supports the following types of traffic shaping:
l Interface-based traffic shaping: shapes all the service traffic on an interface so that the
service traffic can be sent out at an even rate.
l Queue-based traffic shaping: sets different rate limits for queues with different priorities
on an interface.
l Flow-based traffic shaping: sets different rate limits for different types of traffic matching
traffic configuration rules on an interface.
You can configure one or two types of traffic shaping on an interface, but queue-based traffic
shaping and flow-based traffic shaping cannot be configured on the same interface.

NOTE
Queue-based traffic shaping and flow-based traffic shaping cannot be configured simultaneously.
If both interface-based traffic shaping and queue-based traffic shaping are configured on an interface, the
CIR value of interface-based traffic shaping cannot be less than the sum of CIR values of all the queues
on the interface; otherwise, the traffic shaping result may be incorrect. For example, packets in queues with
higher priorities are not scheduled in a timely manner.
If both interface-based traffic shaping and flow-based traffic shaping are configured on an interface, the
CIR value of interface-based traffic shaping cannot be less than the sum of CIR values of all the flows on
the interface; otherwise, the traffic shaping result may be incorrect. For example, packets in queues with
higher priorities are not scheduled in a timely manner.
Traffic shaping can be configured on the logical interface, including the dialer interface, MP-Group
interface, virtual template interface, virtual Ethernet interface, tunnel interface, or the physical interface
corresponding to the virtual interface. If traffic shaping, congestion management, congestion avoidance,
or a combination of them is configured on the virtual interface, the configuration on the virtual interface
takes effect. The configuration on the physical interface, however, does not take effect.
Before configuring traffic shaping, complete the following tasks:
Data Preparation
To configure interface-based traffic shaping, you need the following data.
No. Data
1 Interface to which traffic shaping is applied
2 CIR value and (optional) CBS value
To configure queue-based traffic shaping, you need the following data.
No. Data
1 Number of the interface and index of the queue to which traffic shaping is applied
2 Queue profile name
3 CIR value and (optional) CBS value
4 Number of the interface to which a queue profile is applied
To configure flow-based traffic policing, you need the following data.
No. Data

No. Data
2 Traffic behavior name, and CIR value and optional parameters including the PIR
value, PBS value, and queue length
3 Traffic policy name and interface to which the traffic policy is applied
1.5.2 Configuring Interface-based Traffic Shaping

You can configure traffic shaping on an interface to limit the rate of data sent by the interface.
Context
To limit all the outgoing traffic on an interface, configure traffic shaping on the interface. Traffic
shaping buffers the packets whose rate is greater than the traffic shaping rate. When there are
sufficient tokens in the token bucket, the buffered packets are forwarded at an even rate. If queues
are full, packets are discarded.
Procedure
Step 1 Run:
system-view
Step 2 Run:
Step 3 Run:
qos gts cir cir-value [ cbs cbs-value ]
Traffic shaping is configured.
By default, traffic shaping is not performed on an interface. When you configure traffic shaping
on an interface without specifying the CBS value, the CBS value is 25 times the CIR value.
----End
1.5.3 Configuring Queue-based Traffic Shaping

This section describes how to configure a queue profile, set traffic shaping parameters, and apply
a traffic shaping profile to an interface.
Context
To shape packets in each queue on an interface, configure a queue profile and apply it to the
interface. The received packets enter different queues based on priority mapping. Differentiated
services are provided by setting different traffic shaping parameters for queues with different
priorities.

Procedure
Step 1 Run:
system-view

Step 2 Run:
qos queue-profile queue-profile-name
A queue profile is created and the queue profile view is displayed.

Step 3 Run:
queue { start-queue-index [ to end-queue-index ] } &<1-10> length { bytes bytes-
value | packets packets-value }*
The length of each queue is set.

By default, the length of a queue using PQ on the WAN side is 40960 bytes; the length of a
queue using WFQ on the WAN side is 131072 bytes; the length of a queue using PQ, DRR, or
WRR on the LAN side is 5120 bytes.
NOTE
The FE interface on the AR1200-S SRU does not support the queue length command.
Step 4 Run:
queue { start-queue-index [ to end-queue-index ] } &<1-10> gts cir cir-value [ cbs
cbs-value ]
Queue-based traffic shaping is configured.

By default, traffic shaping is not performed for queues. When you configure traffic shaping on
an interface without specifying the CBS value, the CBS value is 25 times the CIR value.
Step 5 Run:
quit
Exit from the queue profile view.

Step 6 Run:

Step 7 Run:
The queue profile is applied to the interface or sub-interface.
----End
1.5.4 Configuring Flow-based Traffic Shaping

After traffic shaping is configured in a traffic policy, the traffic policy can be applied to multiple
interfaces to limit the rate of traffic of a specified type on the interfaces.
Context
To limit all the outgoing traffic of a specified type on an interface, configure flow-based traffic
shaping. A traffic policy can be applied to different interfaces. When the rate of packets matching

the traffic policy exceeds the rate limit, traffic shaping buffers the excess packets. When there
are sufficient tokens in the token bucket, the buffered packets are forwarded at an even rate.
When the token bucket is full, the packets are discarded. Flow-based traffic shaping can
implement differentiated services using complex traffic classification.
Procedure
Create a traffic behavior and configure the GTS action in the traffic behavior. For details, see
2.4.6 Configuring Traffic Shaping.
----End

After traffic shaping is configured, you can view the traffic shaping rate.
Prerequisite
All the traffic shaping configurations are complete.
Procedure
l Checking the interface-based traffic shaping configuration
Run the display this command in the interface view to check the traffic shaping
configuration on the interface.
l Checking the queue-based traffic shaping configuration
– Run the display this command in the interface view to check the queue profile bound
to the interface.
– Run the display qos queue-profile [ queue-profile-name ] command to check the queue
profile configuration.
l Checking the flow-based traffic shaping configuration

l Checking the packet statistics on the interface configured with traffic policing
– Run the display qos car statistics interface interface-type interface-number
{ inbound | outbound }or display qos car statistics interface { virtual-template vt-
number | dialer number } virtual-access va-number { inbound | outbound } command
to check the statistics on forwarded and discarded packets on the interface.
----End
Example
l Checking the interface-based traffic shaping configuration
Run the display this command to check the interface-based traffic shaping configuration.
this
#
interface
Ethernet0/0/0
qos gts cir 2000 cbs
375000
#
return
l Checking the queue-based traffic shaping configuration

Run the display this command to check the queue profile bound to the interface.
this
#
interface
Ethernet0/0/0
qos queue-profile qp1
#
return
Run the display qos queue-profile command to check the queue profile configuration.
<Huawei> display qos queue-profile qp1
Queue-profile:qp1
Queue Schedule Weight Length(Bytes/Packets) GTS(CIR/CBS)
------------------------------------------------------------------------------
--------------------
0 DRR 10 2048/4 -/-
1 DRR 10 2048/4 -/-
2 DRR 10 2048/4 -/-
3 DRR 10 2048/4 -/-
4 DRR 10 2048/4 -/-
5 PQ - 512/1 -/-
6 PQ - 512/1 -/-
7 PQ - 512/1 64/10000
l Checking the flow-based traffic shaping configuration

1.6 Configuring Congestion Management

If congestion occurs on a network after congestion management is configured, the AR1200-S
determines the sequence at which packets are forwarded according to the defined scheduling
policy.


Before configuring congestion management, familiarize yourself with the applicable
environment, complete the pre-configuration tasks, and obtain the data required for the
configuration. This will help you complete the configuration task quickly and accurately.
When congestion occurs on a network, configure congestion management to implement the
following functions:
l Smooth out the delay and jitter.
l Preferentially process packets of delay-sensitive services, such as video services and voice
services.
l Process packets with the same priority uniformly and process packets with different
priorities based on packet priorities among delay-insensitive services, for example, email
services.
The AR1200-S supports queue-based congestion management and class-based congestion
management:
l Queue-based congestion management: When packets enter queues on an interface based
on packet priorities, configure different scheduling modes for queues using a queue profile
so that differentiated services are provided.
l Class-based congestion management: The AR1200-S provides EF, AF, and BE queues and
different scheduling modes for packets matching traffic classifiers so that differentiated
services can be provided.
NOTE
Queue-based congestion management and class-based congestion management cannot be configured

simultaneously.
Class-based congestion management can only be configured on the AR1200-S WAN-side interfaces but
not on the LAN-side interfaces.
Congestion management can be configured on the logical interface, including the dialer interface, MP-
Group interface, virtual template interface, virtual Ethernet interface, tunnel interface, or the physical
interface corresponding to the virtual interface. If traffic shaping, congestion management, congestion
avoidance, or a combination of them is configured on the virtual interface, the configuration on the virtual
interface takes effect. The configuration on the physical interface, however, does not take effect.
Before configuring congestion management, complete the following tasks:
l Configuring priority mapping
l Configuring priority re-marking based on traffic classification
Data Preparation
To configure queue-based congestion management, you need the following data.
No. Data
1 Interface and queue to which congestion management is applied

No. Data
3 Queue scheduling mode
4 (Optional) Queue length
5 (Optional) Queue weight
To configure class-based congestion management, you need the following data.
No. Data
2 Traffic behavior name and scheduling mode
1.6.2 Configuring Queue-based Congestion Management

The AR1200-S supports the following scheduling modes: PQ, DRR, WFQ, WRR, PQ+DRR,
PQ+WFQ, and PQ+WRR.
Context
After packets enter queues on an interface based on priority mapping, they are scheduled
according to rules. Interfaces on the AR1200-S support different scheduling modes. PQ queues
are scheduled first, and multiple queues are scheduled in descending order of priorities. After
all the PQ queues are scheduled, the AR1200-S schedules DRR, WFQ, or WRR queues in turn.
Table 1-4 Scheduling mode supported by each interface

Interface Scheduling Mode
LAN-side interface l PQ
l DRR
l WRR
l PQ+DRR
l PQ+WRR
NOTE
FE interfaces of the SRU on theAR1200-S do not
support DRR scheduling. They support the
following scheduling modes:
l PQ
l WRR
l PQ+WRR

Interface Scheduling Mode
WAN-side interface l PQ
l WFQ
l PQ+WFQ
Procedure
Step 1 Run:
system-view
Step 2 Run:
A queue profile is created and the queue profile view is displayed.

l On the WAN-side interface, run:
schedule { { pq start-queue-index [ to end-queue-index ] } | { wfq start-queue-
index [ to end-queue-index ] } }*
A scheduling mode is configured for each queue on the WAN-side interface.

l On the LAN-side interface, run:
schedule { { pq start-queue-index [ to end-queue-index ] } | { drr start-queue-
index [ to end-queue-index ] } | { wrr start-queue-index [ to end-queue-
index ] } }*
A scheduling mode is configured for each queue on the LAN-side interface.

By default, all the queues on the LAN side use WRR and all the queues on the WAN use
WFQ.
Step 4 (Optional) Run:

queue { start-queue-index [ to end-queue-index ] } &<1-10> length { bytes bytes-
value | packets packets-value }*
The length of each queue is set on the interface.
By default, the length of a queue using PQ, DRR, or WRR on the LAN side is 5120 bytes; the
length of a queue using PQ on the WAN side is 40960 bytes; the length of a queue using WFQ
on the WAN side is 131072 bytes.
NOTE
The FE interface on the AR1200-S SRU does not support the queue length command.
Step 5 (Optional) Run:

queue { start-queue-index [ to end-queue-index ] } &<1-10> weight weight-value
The weight value of each queue is set on the interface.
By default, the weight value of a queue is 10.

NOTE
The FE interface on the AR1200-S SRU does not support the queue weight command.
Step 6 Run:
quit
Step 7 Run:
Step 8 Run:
----End
1.6.3 Configuring Class-based Congestion Management

After a traffic policy is configured, it can be applied to multiple interfaces so that the same
scheduling mode can be applied to traffic of a specified type on multiple interfaces.
Context
The AR1200-S provides the following queues for data packets matching traffic classification
rules:
l AF: ensures low drop probability of packets when the rate of outgoing service traffic does
not exceed the minimum bandwidth. It is applied to services of heavy traffic that need to
be ensured.
l EF: is applied to services requiring a low delay, low drop probability, and assured
bandwidth. EF is also applied to services occupying low bandwidth, for example, voice
packets. After packets matching traffic classification rules enter EF queues, they are
scheduled in Strict Priority (SP) mode. Packets in other queues are scheduled only after all
the packets in EF queues are scheduled.
l BE: is used with the default traffic classifier. The remaining packets that do not enter AF
or EF queues enter BE queues. BE queues use WFQ scheduling. When a greater number
of queues are configured, WFQ allocates bandwidth more evenly but more resources are
occupied. WFQ is applied to the services insensitive to the delay and packet loss, for
example, Internet access services.
Class-based congestion management, also called CBQ, on the main interface or sub-interface is
exclusive with the queue profile or traffic shaping on the same main interface or sub-interface.
CBQ Configuration Whether the Queue Whether Traffic Shaping

Profile Can Be Can Be Configured (qos
Configured (qos queue- gts)
profile (interface view))
Main interface Main interface: No Main interface: Yes
Sub-interface: No Sub-interface: No

CBQ Configuration Whether the Queue Whether Traffic Shaping

Profile Can Be Can Be Configured (qos
Configured (qos queue- gts)
profile (interface view))
Sub-interface Main interface: Yes Main interface: Yes
Sub-interface: No Sub-interface: Yes
Procedure
Create a traffic behavior and configure flow-based queue scheduling in the traffic behavior. For
details, see 2.4.7 Configuring Congestion Management.
----End

After congestion management is configured, you can view scheduling parameters of each queue
on a specified interface.
Prerequisite
All the congestion management configurations are complete.
Procedure
l Checking the queue-based congestion management configuration
to the interface.
– Run the display qos queue-profile [ queue-profile-name ] command to check the queue
profile configuration.
l Checking the class-based congestion management configuration


----End
Example
l Checking the queue-based congestion management configuration
this
#
#
return
Run the display qos queue-profile command to check the queue profile configuration.
<Huawei> display qos queue-profile qp1
Queue-profile:qp1
------------------------------------------------------------------------------
--------------------
0 DRR 10 2048/4 -/-
1 DRR 10 2048/4 -/-
2 DRR 10 2048/4 -/-
3 DRR 10 2048/4 -/-
4 DRR 10 2048/4 -/-
5 PQ - 512/1 -/-
6 PQ - 512/1 -/-
7 PQ - 512/1 64/10000
l Checking the class-based congestion management configuration

1.7 Configuring Congestion Avoidance

After congestion avoidance is complete, the AR1200-S discards the packets whose rate exceeds
the rate limit based on the WRED configuration.

Before configuring congestion avoidance, familiarize yourself with the applicable environment,
By default, the AR1200-S uses the tail drop method and discards data packets at the end of a
queue when congestion occurs. The tail drop method may cause global Transmission Control
Protocol (TCP) synchronization, and it reduces link usage. The Weighted Random Early
Detection (WRED) can solve these problems.
The AR1200-S supports queue-based congestion avoidance and flow-based congestion
avoidance:

l Queue-based congestion avoidance: In a queue profile, different drop profiles are bound
to queues. Different WRED parameters in drop profiles take effect for queues with different
priorities so that differentiated services are provided.
l Flow-based congestion avoidance: The AR1200-S provides EF, AF, and BE queues for
packets matching traffic classification rules. EF queues can use only tail drop, and AF and
BE queues can bind drop profiles to traffic behaviors so that differentiated services are
provided.
NOTE
Queue-based congestion avoidance and flow-based congestion avoidance are exclusive.

Congestion avoidance can only be configured on the AR1200-S WAN-side interfaces but not on the LAN-
side interfaces.
Congestion avoidance can be configured on the logical interface, including the dialer interface, MP-Group
interface, virtual template interface, virtual Ethernet interface, tunnel interface, or the physical interface
corresponding to the virtual interface. If traffic shaping, congestion management, congestion avoidance,
or a combination of them is configured on the virtual interface, the configuration on the virtual interface
takes effect. The configuration on the physical interface, however, does not take effect.
Before configuring congestion avoidance, complete the following tasks:
l Configuring priority re-marking based on traffic classification
l Configuring congestion management
Data Preparation
To configure queue-based congestion avoidance, you need the following data.
No. Data
1 Drop profile name and WRED parameters
3 Interface and queue to which congestion avoidance is applied
To configure flow-based congestion avoidance, you need the following data.
No. Data
1 Drop profile name and WRED parameters
3 Traffic behavior name

1.7.2 Configuring Queue-based WRED

To reduce congestion on a WAN-side interface, apply a drop profile to the interface.
Context
A drop profile defines WRED parameters and is used to implement congestion avoidance for
queues bound to the drop profile.
After a drop profile is bound to a queue profile, bind the queue profile to an interface so that
WRED parameters in the drop profile take effect on the interface.
The AR1200-S supports WRED based on DSCP priorities or IP priorities:
l The value of an IP precedence ranges from 0 to 7.
l The value of a DSCP priority ranges from 0 to 63.
l Eight DSCP priorities correspond to one IP precedence.
WRED based on DSCP priorities differentiates services in a more refined manner.
NOTE
Drop profiles can be bound to only queues using WFQ on the AR1200-S WAN interfaces.
Procedure
Step 1 Configuring a drop profile
1. Run:
system-view

2. Run:
drop-profile drop-profile-name
A drop profile is created and the drop profile view is displayed.

3. (Optional) Run:
wred { dscp | ip-precedence }
A WRED drop profile based on DSCP or IP priorities is configured.

4. Run the following commands as required.
l Run:
dscp { dscp-value1 [ to dscp-value2 ] } &<1-10> low-limit low-limit-
percentage high-limit high-limit-percentage discard-percentage discard-
percentage
WRED parameters based on DSCP priorities are set.

l Run:
ip-precedence { ip-precedence-value1 [ to ip-precedence-value2 ] } &<1-10>
low-limit low-limit-percentage high-limit high-limit-percentage discard-
percentage discard-percentage
WRED parameters based on IP priorities are set.

5. Run:
quit
Exit from the drop profile view.

Step 2 Applying the drop profile

1. Run:
The queue profile view is displayed.
The drop profile can be an existing drop profile or a new drop profile. You can set the
scheduling mode, queue weight, queue length, and queue shaping in the queue profile.
2. Run:
schedule wfq start-queue-index [ to end-queue-index ]
WFQ is specified for the specified queue in the queue profile.

3. Run:
queue { start-queue-index [ to end-queue-index ] } &<1-10> drop-profile drop-
profile-name
A drop profile is bound to a queue in a queue profile.
By default, no queue is bound to a drop profile. All queues use tail drop.
4. Run:
quit

5. Run:

6. Run:
----End
1.7.3 Configuring Flow-based WRED

To reduce congestion in AF and BE queues, bind a drop profile to a traffic behavior of a traffic
policy.
Prerequisite
Class-based congestion management has been configured.
Context
After a drop profile is bound to a traffic behavior, bind the traffic behavior and traffic classifier
to a traffic policy and apply the traffic policy to an interface so that WRED parameters in the
drop profile take effect on the interface.
The AR1200-S supports WRED based on DSCP priorities or IP priorities:

l The value of an IP precedence ranges from 0 to 7.

l The value of a DSCP priority ranges from 0 to 63.

l Eight DSCP priorities correspond to one IP precedence.
WRED based on DSCP priorities differentiates services in a more refined manner.
NOTE
Congestion avoidance can only be configured on the AR1200-S WAN-side interfaces but not on the LAN-
side interfaces.
A drop profile takes effect for only AF and BE queues; therefore, class-based congestion management must
have been configured before you configure flow-based congestion avoidance.
Procedure
Step 1 Configuring a drop profile
1. Run:
system-view

2. Run:
A drop profile is created and the drop profile view is displayed.

3. (Optional) Run:
wred { dscp | ip-precedence }
A WRED drop profile based on DSCP or IP priorities is configured.

4. Run the following commands as required.
l Run:
dscp { dscp-value1 [ to dscp-value2 ] } &<1-10> low-limit low-limit-
percentage high-limit high-limit-percentage discard-percentage discard-
percentage
WRED parameters based on DSCP priorities are set.

l Run:
ip-precedence { ip-precedence-value1 [ to ip-precedence-value2 ] } &<1-10>
low-limit low-limit-percentage high-limit high-limit-percentage discard-
percentage discard-percentage
WRED parameters based on IP priorities are set.

5. Run:
quit
Exit from the drop profile view.

Step 2 Applying the drop profile
1. Configure a traffic classifier.
The AR1200-S can classify traffic according to the ACL, Layer 2 information in packets,
and Layer 3 information in packets. Configure a traffic classifier by selecting appropriate
traffic classification rules. For details, see 2.3 Configuring a Traffic Classifier.
2. Configure a traffic behavior.
Create a traffic behavior and configure flow-based congestion avoidance in the traffic
behavior. For details, see 2.4.8 Configuring Congestion Avoidance.
3. Configure a traffic policy.

Create a traffic policy, associate the traffic classifier and traffic behavior with the traffic
policy, and apply the traffic policy to an interface. For details, see 2.5 Configuring a
Traffic Policy.
----End

After congestion avoidance is configured, you can view WRED parameters in a drop profile.
Prerequisite
All the congestion avoidance configurations are complete.
Procedure
l Checking the queue-based congestion avoidance configuration
to the interface.
– Run the display this command in the queue profile view to check the drop profile bound
to the queue profile.
– Run the display drop-profile [ drop-profile-name ] command to check the drop profile
configuration.
l Checking the flow-based congestion avoidance configuration
----End
Example
l Checking the queue-based congestion avoidance configuration
this
#
interface
Ethernet0/0/0
#
return
Run the display this command in the queue profile view to check the drop profile bound
to the queue profile qp1.
[Huawei-Ethernet0/0/0] quit
[Huawei] qos queue-profile qp1
[Huawei-qos-queue-profile-qp1] display this
#

qos queue-profile
qp1
queue 2 drop-profile drop-
profile1
schedule wfq 2
#
return
Run the display drop-profile command to check the drop profile configuration.
[Huawei-qos-queue-profile-qp1] quit
[Huawei] quit
<Huawei> display drop-profile drop-profile1
Drop-profile[1]: drop-
profile1
IP-Precedence Low-limit High-limit Discard-
percentage
-----------------------------------------------------------------
0(routine) 30 100
10
1(priority) 30 100
10
2(immediate) 30 100
10
3(flash) 50 80
30
4(flash-override) 30 100
10
5(critical) 30 100
10
6(internet) 30 100
10
7(network) 30 100
10
-----------------------------------------------------------------
l Checking the flow-based congestion avoidance configuration

1.8 Configuring HQoS

To provide differentiated QoS services, configure HQoS on the AR1200-S.

Before configuring Hierarchical QoS (HQoS), familiarize yourself with the applicable
environment, complete the pre-configuration tasks, and obtain the data required for the
configuration. This will help you complete the configuration task quickly and accurately.
The traditional QoS technology schedules packets based on interfaces. An interface, however,
can identify only priorities of different services, but cannot identify services of different users.
Packets of the same priority are placed into the same queue on an interface and compete for the
same queue resource. Therefore, the traditional QoS technology is unable to provide
differentiated service based on the type of traffic and the identity of a user.
As the number of users increases continuously and services develop, users require differentiated
services to have better QoS and gain more profits. HQoS implements hierarchical scheduling
based on queues and differentiates services and users. It provides QoS guarantee and saves
network operation and maintenance costs.

The AR1200-S uses traffic policy nesting to implement HQoS. A traffic policy can be nested
into another traffic policy. That is, the traffic behavior or action in a traffic policy is a sub traffic
policy. Table 1-5 lists the traffic classifiers and traffic behaviors allowed in traffic policies when
traffic policy nesting is used.
Table 1-5 Traffic classifiers and traffic behaviors allowed in traffic policies
Traffic Policy Traffic Classifier Traffic Behavior
Traffic policy (Optional) Traffic (Mandatory) Flow-based

classification based on the traffic shaping
VLAN ID in packets (Mandatory) Sub traffic
(Optional) Traffic policy binding
classification based on PVC
information in packets
(Optional) Traffic
classification based on the
data link connection
identifier (DLCI) in packets
Sub traffic policy All traffic classifiers The following traffic

supported behaviors cannot be
configured simultaneously:
l Flow-based traffic
shaping
l Class-based congestion
management and
congestion avoidance
– (Mandatory) Class-
based congestion
management
– (Optional) Flow-
based congestion
avoidance
NOTE
HQoS can only be configured for outgoing traffic on AR1200-S WAN-side interfaces.
Before configuring HQoS, complete the following tasks:
l Configuring an ACL if necessary

Data Preparation
To configure HQoS, you need the following data.
No. Data
1 Names of the traffic classifier, traffic behavior, and traffic policy, and related
parameters
2 Names of the traffic classifier, traffic behavior, and sub traffic policy, and related
parameters
3 Interface to which the traffic policy is applied
4 (Optional) Interface-based traffic policing and traffic shaping parameters
1.8.2 Configuring a Traffic Policy

A traffic policy can be nested into another traffic policy to differentiate users and services.
1.8.2.1 Configuring a Sub Traffic Policy

A sub traffic policy differentiates user services.
Context
The following actions cannot be configured simultaneously in a traffic behavior of a sub traffic
policy because they are exclusive:
l Flow-based traffic shaping
l Class-based congestion management and congestion avoidance
Procedure
Create a traffic behavior and configure a proper action in the traffic behavior. For details, see
2.4 Configuring a Traffic Behavior.
Step 3 Associate the traffic classifier and the traffic behavior with the traffic policy.
Create a sub traffic policy, and associate the traffic classifier and traffic behavior with the sub
traffic policy. For details, see 2.5 Configuring a Traffic Policy.
----End

1.8.2.2 Configuring a Traffic Policy

A traffic policy differentiates users by using VLAN IDs, PVC information, and DLCI
numbers and shapes user traffic.
Prerequisite
The task of 1.8.2.1 Configuring a Sub Traffic Policy has been complete.
Context
A traffic classifier in the traffic policy can classify traffic only based on VLAN IDs (if-match
vlan-id), PVC information (if-match pvc), and DLCI numbers (if-match dlci).
Traffic shaping must have been configured in the traffic behavior of the traffic policy before
you configure a sub traffic policy. Only traffic shaping and sub traffic policy binding can be
configured in the traffic behavior of the traffic policy.
Procedure
Configure a traffic classifier by selecting appropriate traffic classification rules. For details, see
2.3 Configuring a Traffic Classifier.

1. Run:
system-view

2. Run:
traffic behavior behavior-name
A traffic behavior is created and the traffic behavior view is displayed.

3. Run:
gts cir cir-value [ cbs cbs-value [ pbs pbs-value [ queue-length queue-
length ] ] ]
The GTS action is configured.

4. Run:
traffic-policy policy-name
A sub traffic policy is bound to a traffic behavior.

5. Run:
quit
Exit from the traffic behavior view.
Step 3 Associate the traffic classifier and the traffic behavior with the traffic policy.
Create a traffic policy, and associate the traffic classifier and traffic behavior with the traffic
policy. For details, see 2.5 Configuring a Traffic Policy.

NOTE
Each traffic policy or sub traffic policy supports a maximum of 1024 pairs of traffic classifiers and traffic
behaviors.
Each traffic behavior in the traffic policy can be bound to only one sub traffic policy, whereas different traffic
behaviors can be bound to different sub traffic policies.
If a traffic policy is bound to multiple pairs of traffic classifiers and traffic behaviors, matching rules in the traffic
classifiers must be different. If matching rules are the same, packets of the same type are processed incorrectly
because different actions are taken for these packets.
----End
1.8.2.3 Applying the Traffic Policy to an Interface

A traffic policy takes effect only after it is applied to an interface.
Context
NOTE
Traffic policy nesting can only be configured for outgoing traffic on AR1200-S WAN-side interfaces.
Procedure
Step 1 Run:
system-view
Step 2 Run:
Step 3 Run:
traffic-policy policy-name outbound
A traffic policy is applied to the interface or sub-interface in the outbound direction.
----End
1.8.3 (Optional) Configuring Traffic Policing on an Interface

After CAR is configured on an interface in the outbound direction, the AR1200-S limits the rate
of outgoing packets on the interface. Traffic policing does not increase the delay.
Context
Set traffic policing parameters based on site requirements. For details, see 1.4.2 Configuring
Traffic Policing on an Interface.
The AR1200-S supports traffic policing for flow queues and interface queues.
l The car (traffic behavior view) command configured in a sub traffic policy limits the
traffic rate of flow queues. That is, different rates are set for different services of a user.
l The qos car command configured on an interface only limits the rate of total traffic on the
interface, but does not distinguish users or services.

1.8.4 (Optional) Configuring Traffic Shaping on an Interface

After GTS is configured on an interface, the AR1200-S limits the rate of outgoing data on the
interface. Traffic shaping may increase the delay.
Context
Set the traffic shaping rate based on site requirements. For details, see 1.5.2 Configuring
Interface-based Traffic Shaping.
The AR1200-S supports three levels of shapers, that is, flow queue shaper, subscriber queue
shaper, and port queue shaper.
l The gts (traffic behavior view) command configured in a sub traffic policy limits the rate
of traffic of flow queues. That is, different rates are set for different services of a user.
l The gts (traffic behavior view) command configured in a traffic policy limits the rate of
traffic of subscriber queues. That is, different rates are set for different services of different
users.
l The qos gts command configured on an interface only limits the rate of total traffic on the
interface, but does not distinguish users or services.
NOTE
If three levels of traffic shaping are configured on an interface, the CIR value of traffic shaping on the
interface must be greater than or equal to the CIR values of all traffic behaviors in the traffic policy on the
interface and its sub-interfaces, and the CIR value of each traffic policy must be greater than or equal to
the CIR values of all traffic behaviors in the sub traffic policy.

After HQoS is configured, you can view queue scheduling modes.
Prerequisite
All the HQoS configurations are complete.
Procedure
l Run the display traffic behavior { system-defined | user-defined } [ behavior-name ]
command to check the traffic behavior configuration.
l Run the display traffic classifier { system-defined | user-defined } [ classifier-name ]
command to check the traffic classifier configuration.
l Run the display traffic policy user-defined [ policy-name [ classifier classifier-name ] ]
command to check the traffic policy configuration.
l Run the display traffic-policy policy-name applied-record command to check the
l Run the display this command in the interface view to check the configuration of traffic
policing and traffic shaping on the interface.
----End

Example
l For details on how to check the traffic policing configuration on an interface, see 1.4.4
Checking the Configuration.
l For details on how to check the traffic shaping configuration on an interface, see 1.5.5
Checking the Configuration.
l For details on how to check the flow-based congestion avoidance configuration, see 2.3
Configuring a Traffic Classifier, 2.4.11 Checking the Configuration, and 2.5
Configuring a Traffic Policy.
1.9 Maintaining QoS

This section describes how to maintain QoS.
1.9.1 Displaying the Queue-based Traffic Statistics

The queue-based traffic statistics include the numbers of forwarded and discarded packets.
Context
To check whether packets in each queue on an interface are forwarded or discarded because of
congestion, view the statistics on each queue on the interface.
Procedure
l Run the display qos queue statistics interface interface-type interface-number [ queue
queue-index ] or display qos queue statistics interface { virtual-template vt-number |
dialer number } virtual-access va-number [ queue queue-index ] command to view the
queue-based traffic statistics on the interface.
----End
1.9.2 Clearing the Queue-based Traffic Statistics

You can use the reset command to clear the queue-based traffic statistics.
Context
Before recollecting the queue-based traffic statistics on an interface, run the following command
in the user view to clear the existing statistics.
CAUTION
The cleared queue-based traffic statistics cannot be restored. Exercise caution when you run the
command.
Procedure
l Run the reset qos queue statistics interface interface-type interface-number [ queue
queue-index ] or reset qos queue statistics interface { virtual-template vt-number |

dialer number } virtual-access va-number [ queue queue-index ] command to clear the

queue-based traffic statistics on the interface.
----End

This section provides several configuration examples of traffic policing, traffic shaping,
congestion avoidance, and congestion management.
1.10.1 Example for Configuring Priority Mapping

After the packet priority trusted by an interface is set and the priority mapping table is configured,
the AR1200-S determines the queues that packets enter based on the specified priory and can
modify packet priorities to provide differentiated services.
Networking Requirements
As shown in Figure 1-3, voice, video, and data services on the LAN side of the enterprise are
connected to Eth0/0/0 and Eth0/0/1 of RouterA through SwitchA and SwitchB, and are sent to
the WAN-side network through GE0/0/1 of RouterA.
RouterA identifies and processes service packets on the LAN side based on 802.1p priorities in
packets. When packets reach the WAN- side network from GE0/0/1, RouterA needs to provide
differentiated services based on DSCP priorities in the packets. A priority mapping table is
configured so that RouterA can re-marks 802.1p priorities with DSCP priorities.
Figure 1-3 Networking diagram of priority mapping configurations
Video
802.1p=5
Data
802.1p=2
Video SwitchA GE0/0/1

802.1p=6 Eth0/0/0
LAN WAN
Eth0/0/1
Video SwitchB
802.1p=5 RouterA RouterB
Data
802.1p=2 Video
802.1p=6
Configuration Roadmap
The configuration roadmap is as follows:

1. Create VLANs and VLANIF interfaces and configure interfaces so that enterprise users
can access the WAN-side network through RouterA.
2. Configure interfaces to trust 802.1p priorities in packets on RouterA.
3. Configure a priority mapping table on RouterA and modify the mappings between 802.1p
priorities and DSCP priorities so that RouterA can re-mark 802.1p priorities with DSCP
priorities.
Data Preparation
To complete the configuration, you need the following data:
l VLAN 20 that the interface of RouterA connected to SwitchA belongs to, IP address
192.168.2.1/24 of VLANIF 20, and 802.1p priority trusted by interfaces
l VLAN 30 that the interface of RouterA connected to SwitchB belongs to, IP address
192.168.3.1/24 of VLANIF 30, and 802.1p priorities trusted by interfaces
l IP address 192.168.4.1/24 of the interface of RouterA connected to the WAN-side interface
l 802.1p priorities 2, 5, and 6 mapped to DSCP priorities 14, 40, and 46 on RouterA
Procedure
Step 1 Create VLANs and configure interfaces.
# Create VLAN 20 and VLAN 30 on RouterA.

<Huawei> system-view
[Huawei] sysname RouterA
[RouterA] vlan batch 20 30
# Configure Eth0/0/0 and Eth0/0/1 as trunk interfaces, and add Eth0/0/0 to VLAN 20 and
Eth0/0/1 to VLAN 30.
[RouterA] interface ethernet 0/0/0
[RouterA-Ethernet0/0/0] port link-type trunk
[RouterA-Ethernet0/0/0] port trunk allow-pass vlan 20
[RouterA-Ethernet0/0/0] quit
NOTE
Configure the interface of SwitchA connected to RouterA as a trunk interface and add it to VLAN 20.
Configure the interface of SwitchB connected to RouterA as a trunk interface and add it to VLAN 30.
# Create VLANIF 20 and VLANIF 30, assign IP address 192.168.2.1/24 to VLANIF 20, and
assign IP address 192.168.3.1/24 to VLANIF 30.
[RouterA] interface vlanif 20
[RouterA-Vlanif20] ip address 192.168.2.1 24
[RouterA-Vlanif20] quit
# Assign IP address 192.168.4.1/24 to GE0/0/1.

[RouterA] interface gigabitethernet 0/0/1
[RouterA-GigabitEthernet0/0/1] ip address 192.168.4.1 24
[RouterA-GigabitEthernet0/0/1] quit

NOTE
Configure RouterB to ensure that there is a reachable route betweenRouterB and RouterA. The
configuration details are not mentioned here.
Step 2 Configure priority mapping.

# Configure Eth0/0/0 and Eth0/0/1 to trust 802.1p priorities in packets.
[RouterA-Ethernet0/0/0] trust 8021p
# Configure priority mapping.

[RouterA] qos map-table dot1p-dscp
[RouterA-maptbl-dot1p-dscp] input 2 output 14
Step 3 Verify the configuration.

# View the priority mapping information on RouterA.
<RouterA> display qos map-table dot1p-dscp
Input Dot1p DSCP
-------------------
0 0
1 8
2 14
3 24
4 32
5 40
6 46
7 56
# View the interface configuration on RouterA.

<RouterA> system-view
[RouterA-Ethernet0/0/0] display this
#
port link-type trunk
port trunk allow-pass vlan 20
trust 8021p
#
return
[RouterA-Ethernet0/0/1] display this
#
port link-type trunk
port trunk allow-pass vlan 30
trust 8021p
#
return
----End
Configuration Files
l Configuration file of RouterA
#
sysname RouterA

#
vlan batch 20 30
#
qos map-table dot1p-
dscp
input 2 output
14
input 6 output 46
#
interface
Vlanif20
ip address 192.168.2.1
255.255.255.0
#
interface
Vlanif30
255.255.255.0
#
port link-type
trunk
port trunk allow-pass vlan
20
trust 8021p
#
port link-type
trunk
30
trust 8021p
#
interface GigabitEthernet0/0/1
255.255.255.0
#
return
1.10.2 Example for Configuring Traffic Policing

Interface-based traffic policing provides different bandwidths for different users, and flow-based
traffic policing provides different bandwidths for different services of a user.
As shown in Figure 1-4, voice, video, and data services on the LAN side of the enterprise belong
to VLAN 10, VLAN 20, and VLAN 30. The services are transmitted to Eth0/0/0 on RouterA,
and are transmitted to the WAN-side network through GE0/0/1 on RouterA.
Flow-based traffic policing needs to be performed for different service packets on RouterA so
that the service traffic is limited within a proper range and bandwidth is ensured. Interface-based
traffic policing needs to be performed for all incoming traffic on Eth0/0/0 so that the total traffic
of a single enterprise user is limited within a proper range.

Figure 1-4 Networking diagram for configuring traffic policing
Voice
VLAN 10
Eth0/0/0
WAN
VLAN 20 LAN
GE0/0/1
Switch RouterA RouterB
Video VLAN 30
Data
2. Configure traffic classifiers on RouterA to classify packets based on the VLAN ID.
3. Configure traffic behaviors on RouterA to perform traffic policing for different service
packets from the enterprise.
4. Configure a traffic policy on RouterA, bind the traffic policy to traffic behaviors and traffic
classifiers, and apply the traffic policy to the inbound direction of the interface on
RouterA connected to Switch.
5. Configure interface-based traffic policing to the inbound direction of the interface on
RouterA connected to Switch to limit the rate of all the packets.
Data Preparation
l VLANs allowed by the interface of RouterA connected to the Switch: VLAN 10, VLAN
20, VLAN 30
l IP addresses of VLANIF 10, VLANIF 20, and VLANIF 30: 192.168.1.1/24,
192.168.2.1/24, and 192.168.3.1/24
l Names of traffic classifiers matching service flows
l Traffic policing parameters of different service flows:
– Voice service: CIR value 256 kbit/s, CBS value 48128 bytes, and PBS value 80128
bytes

– Video service: CIR value 4000 kbit/s, CBS value 752000 bytes, and PBS value 1252000
bytes
– Data service: CIR value 2000 kbit/s, CBS value 376000 bytes, and PBS value 626000
bytes
l CIR value of enterprise users: 10000 kbit/s
l Type and number of the interface and the direction to which a traffic policy is applied:
inbound direction of Eth0/0/0 on RouterA
Procedure
# Create VLAN 10, VLAN 20, and VLAN 30 on RouterA.
[RouterA] vlan batch 10 20 30
# Configure Eth0/0/0 as a trunk interface and allow packets from VLAN 10, VLAN 20, and
VLAN 30 to pass through.
[RouterA-Ethernet0/0/0] port trunk allow-pass vlan 10 20 30
NOTE
# Configure the interface of Switch connected to RouterA as a trunk interface and allow packets from
VLAN 10, VLAN 20, and VLAN 30 to pass through.
# Create VLANIF 10, VLANIF 20, and VLANIF 30, and assign IP addresses 192.168.1.1/24,
192.168.2.1/24, and 192.168.3.1/24 to VLANIF 10, VLANIF 20, and VLANIF 30.

NOTE
Step 2 Configure traffic classifiers.

# Configure traffic classifiers c1, c2, and c3 on RouterA to classify different service flows from
the enterprise based on the VLAN ID.
[RouterA] traffic classifier c1
[RouterA-classifier-c1] if-match vlan-id 10
[RouterA-classifier-c1] quit

Step 3 Configure traffic behaviors.

# Create traffic behaviors b1, b2, and b3 on RouterA to perform traffic policing for different
service flows from the enterprise.
[RouterA] traffic behavior b1
[RouterA-behavior-b1] car cir 256 cbs 48128 pbs 80128
[RouterA-behavior-b1] statistic enable
[RouterA-behavior-b1] quit
Step 4 Configure a traffic policy and apply the traffic policy to an interface.
# Create a traffic policy p1 on RouterA, bind the traffic policy to the traffic classifiers and the
traffic behaviors, and apply the traffic policy to the inbound direction of Eth0/0/0.
[RouterA] traffic policy p1
[RouterA-trafficpolicy-p1] classifier c1 behavior b1
[RouterA-trafficpolicy-p1] quit
[RouterA-Ethernet0/0/0] traffic-policy p1 inbound
Step 5 Configure interface-based traffic policing.

# Configure interface-based traffic policing in the inbound direction of Eth0/0/0 on RouterA in
the inbound direction to limit traffic of a single enterprise user within the proper range.
[RouterA-Ethernet0/0/0] qos car inbound cir 10000

# View the traffic classifier configuration.
[RouterA] display traffic classifier user-defined
User Defined Classifier Information:
Classifier: c2
Operator: OR
Rule(s) : if-match vlan-id 20
Classifier: c3
Operator: OR
Classifier: c1
Operator: OR
# View the traffic policy configuration.

[RouterA] display traffic policy user-defined
User Defined Traffic Policy Information:
Policy: p1
Classifier: c1

Operator: OR
Behavior: b1
Committed Access Rate:
CIR 256 (Kbps), PIR 0 (Kbps), CBS 48128 (byte), PBS 80128 (byte)
Color Mode: color Blind
Conform Action: pass
Yellow Action: pass
Exceed Action: discard
statistic: enable
Classifier: c2
Operator: OR
Behavior: b2
Yellow Action: pass
statistic: enable
Classifier: c3
Operator: OR
Behavior: b3
Yellow Action: pass
statistic: enable

[RouterA] display traffic policy statistics interface ethernet 0/0/0 inbound
Interface: Ethernet0/0/0
Traffic policy inbound: p1
Rule number: 3
Current status: OK!
Board : 0
Item Packets Bytes
---------------------------------------------------------------------
Matched 0 0
+--Passed 0 0
+--Dropped 0 0
+--Filter 0 0
+--URPF - -
+--CAR 0 0
+--Enqueue 0 0
+--Queue pass 0 0
+--Queue drop 0 0
+--Car 0 -
+--Green packets 0 -
+--Yellow packets 0 -
+--Red packets 0 -
----End
Configuration Files
#
sysname RouterA
#
vlan batch 10 20
30
#

traffic classifier c1 operator

or
if-match vlan-id
10
or
if-match vlan-id
20
or
if-match vlan-id
30
#
traffic behavior
b1
car cir 256 cbs 48128 pbs 80128 green pass yellow pass red
discard
statistic
enable
traffic behavior
b2
discard
statistic
enable
traffic behavior
b3
discard
statistic
enable
#
traffic policy
p1
classifier c1 behavior
b1
b2
b3
#
interface
Vlanif10
255.255.255.0
#
interface
Vlanif20
ip address 192.168.2.1 255.255.255.0
#
interface
Vlanif30
255.255.255.0
#
interface Ethernet0/0/0 port link-type
trunk
port trunk allow-pass vlan 10 20
30
qos car inbound cir
10000
traffic-policy p1
inbound
#
255.255.255.0
#
return

1.10.3 Example for Configuring Traffic Shaping

Interface-based traffic shaping shapes all the service traffic of a user so that the traffic is sent at
an even rate, and queue-based traffic shaping sets different GTS parameters for different user
services.
connected to Eth0/0/0 of RouterA through Switch, and are sent to the WAN-side network through
GE0/0/1 of RouterA.
Different service packets are identified based on 802.1p priorities on the LAN side. RouterA
sends the packets to queues based on 802.1p priorities. When packets reach the WAN-side
network through GE0/0/1, jitter may occur. To prevent jitter and ensure bandwidth of services,
perform the following operations:
l Set the CIR value of the interface to 8000 kbit/s.
l Set the CIR value of voice services to 256 kbit/s and the CBS value to 6400 bytes.
l Set the CIR value of video services to 4000 kbit/s and the CBS value to 100000 bytes.
l Set the CIR value of data services to 2000 kbit/s and the CBS value to 50000 bytes.
Figure 1-5 Networking diagram of traffic shaping configurations
Voice
802.1p=6
Eth0/0/0
WAN
802.1p=2 LAN
GE0/0/1
Switch RouterA RouterB
Data
802.1p=5
Video
1. Create VLANs and VLANIF interfaces on RouterA and configure interfaces so that
enterprise users can access the WAN-side network through RouterA.
2. Configure interfaces to trust 802.1p priorities in packets on RouterA.
3. Configure interface-based traffic shaping on RouterA to limit the interface bandwidth.

4. Configure queue-based traffic shaping on RouterA to limit the bandwidth of voice, video,
and data services.
Data Preparation
l VLAN 10 that the interface of RouterA connected to Switch belongs to, IP address
192.168.1.1/24 of VLANIF 10, and 802.1p priorities trusted by interfaces
l Interface-based traffic shaping rate
l Queue-based traffic shaping rate
Procedure
# Create VLAN 10 on RouterA.

[RouterA] vlan 10
# Configure Eth0/0/0 as a trunk interface and add Eth0/0/0 to VLAN 10.

NOTE
Configure the interface of the Switch connected to RouterA as a trunk interface and add it to VLAN 10.
# Create VLANIF 10 and assign IP address 192.168.1.1/24 to VLANIF 10.


NOTE
Step 2 Configure the packet priority trusted by an interface.
# Configure Eth0/0/0 to trust 802.1p priorities of packets.

Step 3 Configure interface-based traffic shaping.
# Configure interface-based traffic shaping on RouterA and set the CIR value to 8000 kbit/s.


[RouterA-GigabitEthernet0/0/1] qos gts cir 8000 cbs 200000
Step 4 Configure queue-based traffic shaping.

# Create a queue profile qp1 on RouterA, set the scheduling mode to WFQ for queues 0 to 5
and to PQ for queue 6 and queue 7, set CIR values of queue 6, queue 5, and queue 2 to 256 kbit/
s, 4000 kbit/s, and 2000 kbit/s, and set CBS values of queue 6, queue 5, and queue 2 to 6400
bytes, 100000 bytes, and 50000 bytes.
[RouterA] qos queue-profile qp1
[RouterA-qos-queue-profile-qp1] schedule pq 6 to 7 wfq 0 to 5
[RouterA-qos-queue-profile-qp1] queue 6 gts cir 256 cbs 6400
[RouterA-qos-queue-profile-qp1] quit
# Apply the queue profile qp1 to GE0/0/1 on RouterA.

[RouterA-GigabitEthernet0/0/1] qos queue-profile qp1

[RouterA-GigabitEthernet0/0/1] display this
#
ip address 192.168.4.1 255.255.255.0
qos gts cir 8000 cbs 200000
#
return
# View the drop profile configuration.

[RouterA] display qos queue-profile qp1
Queue-profile: qp1
-----------------------------------------------------------------
0 WFQ 10 -/- -/-
1 WFQ 10 -/- -/-
2 WFQ 10 -/- 2000/50000
3 WFQ 10 -/- -/-
4 WFQ 10 -/- -/-
5 WFQ 10 -/- 4000/100000
6 PQ - -/- 256/6400
7 PQ - -/- -/-
----End
Configuration Files
sysname RouterA
#
vlan 10
#
qos queue-profile
qp1
queue 2 gts cir 2000 cbs
50000
100000

6400
schedule wfq 0 to 5 pq 6 to
7
#
interface
Vlanif10
255.255.255.0
#
port link-type
trunk
10
trust
8021p
#
255.255.255.0
qos queue-profile
qp1
qos gts cir 8000 cbs
200000
#
return
1.10.4 Example for Configuring Congestion Avoidance and

Congestion Management
By configuring congestion avoidance and congestion management, the AR1200-S provides
different services for packets of different priorities and ensures high-priority and low-delay
services.
Packets are marked with different DSCP priorities by SwitchA and SwitchB, and the priorities
of voice, video, and data services are ef, cs5, and af32 and af31. RouterA sends packets to queues
based on DSCP priorities. The rates of Eth0/0/0 and Eth0/0/1 on RouterA are greater than those
of GE0/0/1, congestion may occur on GE0/0/1 in the outbound direction. To reduce the impact
of network congestion and ensure bandwidth for high-priority and low-delay services, set the
related parameters according to the following table.
Table 1-6 Congestion avoidance parameters
Service DSCP Queue Scheduli Drop Method

Type Priority Index ng Mode
Voice 46 5 PQ Tail drop
Video 38 4 WFQ WRED:

l Lower drop threshold (%): 60
l Upper drop threshold (%): 80
l Drop probability (%): 20

Service DSCP Queue Scheduli Drop Method

Type Priority Index ng Mode
Data 28 3 WFQ WRED:

26 l DSCP=28
– Lower drop threshold (%): 50
– Upper drop threshold (%): 70
– Drop probability (%): 30
l DSCP=26
– Lower drop threshold (%): 40
– Upper drop threshold (%): 60
– Drop probability (%): 40
Figure 1-6 Networking diagram of congestion avoidance and congestion management

configurations
Video
Data DSCP=38
DSCP=26
DSCP=28
Voice SwitchA GE0/0/1

DSCP=46 Eth0/0/0
LAN WAN
Eth0/0/1
Video SwitchB
DSCP=40 RouterA RouterB
Data
DSCP=26
DSCP=28 Voice
DSCP=46
1. Create VLANs and VLANIF interfaces on RouterA and configure interfaces so that
enterprise users can access the WAN-side network through RouterA.
2. Configure interfaces to trust DSCP priorities in packets on RouterA.
3. Create drop profiles and set WRED parameters based on the DSCP priority.
4. Create a queue profile and set the scheduling mode and drop mode for each queue.

5. Apply the queue profile to the outbound direction of the interface on RouterA connected
to the WAN-side network to implement congestion avoidance and congestion management.
Data Preparation
l VLAN 20 that the interface of RouterA connected to SwitchA belongs to, IP address
192.168.2.1/24 of VLANIF 20, and DSCP priority trusted by interfaces
l VLAN 30 that the interface of RouterA connected to SwitchB belongs to, IP address
192.168.3.1/24 of VLANIF 30, and DSCP priorities trusted by interfaces
l Names of the drop profiles and WRED parameters
l Name of the queue profile and scheduling mode
l Number of the interface to which the queue profile is applied
Procedure

# Configure Eth0/0/0 and Eth0/0/1 to trust DSCP priorities, configure them as trunk interfaces,
and add Eth0/0/0 to VLAN 20 and Eth0/0/1 to VLAN 30.
[RouterA-Ethernet0/0/0] trust dscp
[RouterA-Ethernet0/0/1] trust dscp
NOTE
Configure the interface of SwitchA connected to RouterA as a trunk interface and add it to VLAN 20.
Configure the interface of SwitchB connected to RouterA as a trunk interface and add it to VLAN 30.


NOTE
Step 2 Create drop profiles.

# Create drop profiles data and video on RouterA.
[RouterA] drop-profile data
[RouterA-drop-profile-data] wred dscp
[RouterA-drop-profile-data] dscp 28 low-limit 50 high-limit 70 discard-percentage
30
[RouterA-drop-profile-data] dscp 26 low-limit 40 high-limit 60 discard-percentage
40
[RouterA-drop-profile-data] quit
[RouterA] drop-profile video
[RouterA-drop-profile-video] wred dscp
[RouterA-drop-profile-video] dscp 38 low-limit 60 high-limit 80 discard-percentage
20
[RouterA-drop-profile-video] quit
Step 3 Create a queue profile.

# Create a queue profile queue-profile1 on RouterA and set the scheduling mode and drop mode
for each queue.
[RouterA] qos queue-profile queue-profile1
[RouterA-qos-queue-profile-queue-profile1] schedule pq 5 wfq 4 to 3
[RouterA-qos-queue-profile-queue-profile1] queue 4 drop-profile video
[RouterA-qos-queue-profile-queue-profile1] queue 3 drop-profile data
[RouterA-qos-queue-profile-queue-profile1] quit
Step 4 Apply the queue profile.

# Apply the queue profile to GE0/0/1 of RouterA.
[RouterA-GigabitEthernet0/0/1] qos queue-profile queue-profile1

#
ip address 192.168.4.1 255.255.255.0
qos queue-profile queue-profile1
#
return
# View the drop profile configuration.

[RouterA] display qos queue-profile queue-profile1
Queue-profile: queue-profile1
-----------------------------------------------------------------
3 WFQ 10 -/- -/-
4 WFQ 10 -/- -/-
5 PQ - -/- -/-
# View the drop profile bound to the queue profile.

[RouterA] qos queue-profile queue-profile1
[RouterA-qos-queue-profile-queue-profile1] display this
#

queue 3 drop-profile data

queue 4 drop-profile video
schedule wfq 3 to 4 pq 5
#
return
# View the configuration of drop profiles.

[RouterA-qos-queue-profile-queue-profile1] quit
[RouterA] display drop-profile video
Drop-profile[2]: video
DSCP Low-limit High-limit Discard-percentage
-----------------------------------------------------------------
0(default) 30 100 10
1 30 100 10
2 30 100 10
3 30 100 10
4 30 100 10
5 30 100 10
6 30 100 10
7 30 100 10
8(cs1) 30 100 10
9 30 100 10
10(af11) 30 100 10
11 30 100 10
12(af12) 30 100 10
13 30 100 10
14(af13) 30 100 10
15 30 100 10
16(cs2) 30 100 10
17 30 100 10
18(af21) 30 100 10
19 30 100 10
20(af22) 30 100 10
21 30 100 10
22(af23) 30 100 10
23 30 100 10
24(cs3) 30 100 10
25 30 100 10
26(af31) 30 100 10
27 30 100 10
28(af32) 30 100 10
29 30 100 10
30(af33) 30 100 10
31 30 100 10
32(cs4) 30 100 10
33 30 100 10
34(af41) 30 100 10
35 30 100 10
36(af42) 30 100 10
37 30 100 10
38(af43) 60 80 20
39 30 100 10
40(cs5) 30 100 10
41 30 100 10
42 30 100 10
43 30 100 10
44 30 100 10
45 30 100 10
46(ef) 30 100 10
47 30 100 10
48(cs6) 30 100 10
49 30 100 10
50 30 100 10
51 30 100 10
52 30 100 10
53 30 100 10
54 30 100 10
55 30 100 10
56(cs7) 30 100 10

57 30 100 10
58 30 100 10
59 30 100 10
60 30 100 10
61 30 100 10
62 30 100 10
63 30 100 10
-----------------------------------------------------------------
[RouterA] display drop-profile data
Drop-profile[1]: data
-----------------------------------------------------------------
0(default) 30 100 10
1 30 100 10
2 30 100 10
3 30 100 10
4 30 100 10
5 30 100 10
6 30 100 10
7 30 100 10
8(cs1) 30 100 10
9 30 100 10
10(af11) 30 100 10
11 30 100 10
12(af12) 30 100 10
13 30 100 10
14(af13) 30 100 10
15 30 100 10
16(cs2) 30 100 10
17 30 100 10
18(af21) 30 100 10
19 30 100 10
20(af22) 30 100 10
21 30 100 10
22(af23) 30 100 10
23 30 100 10
24(cs3) 30 100 10
25 30 100 10
26(af31) 40 60 40
27 30 100 10
28(af32) 50 70 30
29 30 100 10
30(af33) 30 100 10
31 30 100 10
32(cs4) 30 100 10
33 30 100 10
34(af41) 30 100 10
35 30 100 10
36(af42) 30 100 10
37 30 100 10
38(af43) 60 80 20
39 30 100 10
40(cs5) 30 100 10
41 30 100 10
42 30 100 10
43 30 100 10
44 30 100 10
45 30 100 10
46(ef) 30 100 10
47 30 100 10
48(cs6) 30 100 10
49 30 100 10
50 30 100 10
51 30 100 10
52 30 100 10
53 30 100 10
54 30 100 10
55 30 100 10
56(cs7) 30 100 10

57 30 100 10
58 30 100 10
59 30 100 10
60 30 100 10
61 30 100 10
62 30 100 10
63 30 100 10
-----------------------------------------------------------------
----End
Configuration Files
#
sysname RouterA
#
vlan batch 20 30
#
drop-profile
data
wred dscp
dscp af31 low-limit 40 high-limit 60 discard-percentage
40
30
#
drop-profile
video
wred dscp
20
#
qos queue-profile queue-
profile1
queue 3 drop-profile
data
queue 4 drop-profile
video
schedule wfq 3 to 4 pq
5
#
interface
Vlanif20
255.255.255.0
#
interface
Vlanif30
255.255.255.0
#
port link-type
trunk
20
trust dscp
#
port link-type
trunk
30
trust dscp
#
255.255.255.0


#
return
1.10.5 Example for Configuring HQoS

By configuring HQoS, the AR1200-S provides differentiated services for service packets with
different priorities and users with different priorities, and ensures bandwidth for high-priority
and low-delay services.
As shown in Figure 1-7, two departments in VPNA and VPNB are connected to the Router
through Switch and are connected to the headquarters through two sub-interfaces of GE0/0/1.
Each department has voice, video, and data service flows.
Packets are marked with different DSCP priorities by Switch, and the priorities of voice, video,
and data services are ef, af21, and af11. Each department needs to set the individual CIR value
and share the maximum bandwidth of the interface. Voice packets need to be processed first,
and bandwidth of video and data packets needs to be ensured.
Figure 1-7 Networking diagram of HQoS configurations
Voice
Data
VPNA
VLAN 10
Video
LSWA
GE0/0/1.1
Eth0/0/0
LAN Switch WAN
Eth0/0/1 GE0/0/1.2
Router
LSWB
Video
VPNB
Data VLAN 20
Voice

can access the WAN-side network through the Router.
2. Configure interfaces to trust DSCP priorities in packets on the Router.
3. Configure sub traffic policies for VPNA and VPNB on the Router, configure traffic
classifiers based on DSCP priorities to send voice packets to EF queues and video and data
packets to AF queues, and bind drop profiles.
4. Configure a traffic policy on the Router, configure traffic classifiers based on VLAN IDs
to shape packets from different VLANs, and bind the traffic policy to the sub traffic policies.
5. Apply the traffic policy to the interface of the Router connected to the WAN-side network
to provide differentiated QoS services.
Data Preparation
l VLAN 10 that Eth0/0/0 of the Router connected to Switch, IP address 192.168.1.1/24 of
VLANIF 10, and DSCP priorities trusted by interfaces
l VLAN 20 that Eth0/0/1 of the Router connected to Switch, IP address 192.168.1.1/24 of
VLNAIF 20, and DSCP priorities trusted by interfaces
l IP address 192.168.3.1/24 of GE0/0/1 on the Router connected to the WAN-side interface,
control VLAN 100 of GE0/0/1.1, its encapsulation mode dot1q, and its IP address
192.168.4.1/24; and control VLAN 200 of GE0/0/1.2, its encapsulation mode dot1q, and
its IP address 192.168.5.1/24
l Names of the drop profiles and WRED parameters
Drop Profile DSCP Lower Drop Upper Drop Maximum

Name Threshold Threshold Drop
Probability
video 18 80% 95% 60%
data 10 70% 85% 60%
l Names of traffic classifiers, traffic behaviors, and traffic policies

l Queue types, and bandwidth allocation modes and drop methods:
– Voice service: EF queue, maximum bandwidth at 5% bandwidth of the interface, and
tail drop
– Video service: AF queue, assured bandwidth at 60% bandwidth of the interface, drop
profile
– Data service: AF queue, assured bandwidth at 35% bandwidth of the interface, drop
profile
l Assured bandwidth of departments:
– VPNA: 30 Mbit/s
– VPNB:20 Mbit/s

Procedure
# Create VLAN 10 and VLAN 20 on the Router.
[Huawei] sysname Router
[Router] vlan batch 10 20

[Router] interface ethernet 0/0/0
[Router-Ethernet0/0/0] port link-type trunk
[Router-Ethernet0/0/0] port trunk allow-pass vlan 10
[Router-Ethernet0/0/0] quit

NOTE
Configure the interface of Switch connected to the Router as a trunk interface and add it to VLAN 10 and
VLAN 20.
# Create VLANIF 10 and VLANIF 20, and assign IP addresses 192.168.1.1/24 and
192.168.2.1/24 to VLANIF 10 and VLANIF 20.
[Router] interface vlanif 10
[Router-Vlanif10] ip address 192.168.1.1 24
[Router-Vlanif10] quit
[Router] interface vlanif 20
[Router-Vlanif20] ip address 192.168.2.1 24
[Router-Vlanif20] quit

[Router] interface gigabitethernet 0/0/1
[Router-GigabitEthernet0/0/1] ip address 192.168.3.1 24
[Router-GigabitEthernet0/0/1] quit
# Configure the control VLAN of GE0/0/1.1 as VLAN 100, set the encapsulation mode to dot1q,
and assign 192.168.4.1/24 to it. Configure the control VLAN of GE0/0/1.2 as VLAN 200, set
the encapsulation mode to dot1q, and assign 192.168.5.1/24 to it.
[Router] interface gigabitethernet 0/0/1.1
[Router-GigabitEthernet0/0/1.1] ip address 192.168.4.1 24
[Router-GigabitEthernet0/0/1.1] control-vid 1 dot1q-termination
[Router-GigabitEthernet0/0/1.1] dot1q termination vid 100
[Router-GigabitEthernet0/0/1.1] quit
[Router] interface gigabitethernet 0/0/1.2
[Router-GigabitEthernet0/0/1.2] ip address 192.168.5.1 24
[Router-GigabitEthernet0/0/1.2] control-vid 2 dot1q-termination
[Router-GigabitEthernet0/0/1.2] dot1q termination vid 200
[Router-GigabitEthernet0/0/1.2] quit
Step 2 Configure the packet priority trusted by an interface.

# Configure Eth0/0/0 and Eth0/0/1 to trust DSCP priorities in packets.
[Router-Ethernet0/0/0] trust dscp

[Router-Ethernet0/0/1] trust dscp

Step 3 Configure traffic policies for VPNA and VPNB.
# Create traffic classifiers data, video, and voice on the Router to classify different service flows
from the enterprise based on DSCP priorities.
[Router] traffic classifier data
[Router-classifier-data] if-match dscp af11
[Router-classifier-data] quit
[Router] traffic classifier video
[Router-classifier-video] if-match dscp af21
[Router-classifier-video] quit
[Router] traffic classifier voice
[Router-classifier-voice] if-match dscp ef
[Router-classifier-voice] quit
# Create drop profiles data and video on the Router.

[Router] drop-profile data
[Router-drop-profile-data] wred dscp
[Router-drop-profile-data] dscp 10 low-limit 70 high-limit 85 discard-percentage
60
[Router-drop-profile-data] quit
[Router] drop-profile video
[Router-drop-profile-video] wred dscp
[Router-drop-profile-video] dscp 18 low-limit 80 high-limit 95 discard-percentage
60
[Router-drop-profile-video] quit
# Create traffic behaviors data, video, and voice on the Router to configure congestion
management and congestion avoidance for different service flows of the enterprise.
[Router] traffic behavior data
[Router-behavior-data] queue af bandwidth pct 35
[Router-behavior-data] drop-profile data
[Router-behavior-data] quit
[Router] traffic behavior video
[Router-behavior-video] queue af bandwidth pct 60
[Router-behavior-video] drop-profile video
[Router-behavior-video] quit
[Router] traffic behavior voice
[Router-behavior-voice] queue ef bandwidth pct 5
[Router-behavior-voice] quit
# Define sub traffic policies for VPNA and VPNB on the Router.
[Router] traffic policy vpna-sub
[Router-trafficpolicy-vpna-sub] classifier voice behavior voice
[Router-trafficpolicy-vpna-sub] classifier video behavior video
[Router-trafficpolicy-vpna-sub] classifier data behavior data
[Router-trafficpolicy-vpna-sub] quit
[Router] traffic policy vpnb-sub
[Router-trafficpolicy-vpnb-sub] classifier voice behavior voice
[Router-trafficpolicy-vpnb-sub] classifier video behavior video
[Router-trafficpolicy-vpnb-sub] classifier data behavior data
[Router-trafficpolicy-vpnb-sub] quit
# Configure traffic classifiers vpna and vpnb on the Router to classify different service flows
from the enterprise based on the VLAN ID.
[Router] traffic classifier vpna
[Router-classifier-vpna] if-match vlan-id 100
[Router-classifier-vpna] quit
[Router] traffic classifier vpnb

[Router-classifier-vpnb] if-match vlan-id 200

[Router-classifier-vpnb] quit
# Create traffic behaviors vpna and vpnb on the Router to shape packets from different VLANs
and bind them to sub traffic policies.
[Router] traffic behavior vpna
[Router-behavior-vpna] gts cir 20000
[Router-behavior-vpna] traffic-policy vpna-sub
[Router-behavior-vpna] quit
[Router] traffic behavior vpnb
[Router-behavior-vpnb] gts cir 30000
[Router-behavior-vpnb] traffic-policy vpnb-sub
[Router-behavior-vpnb] quit
Configure a traffic policy on the Router.

[Router] traffic policy enterprise
[Router-trafficpolicy-enterprise] classifier vpna behavior vpna
[Router-trafficpolicy-enterprise] classifier vpnb behavior vpnb
[Router-trafficpolicy-enterprise] quit
Step 5 Apply the traffic policy.

# Apply the traffic policy on GE0/0/1 of the Router in the outbound direction.
[Router] interface gigabitethernet 0/0/1
[Router-GigabitEthernet0/0/1] traffic-policy enterprise outbound

# View the interface configuration on the Router.
[Router-GigabitEthernet0/0/1] display this
ip address 192.168.3.1 255.255.255.0
traffic-policy enterprise outbound
return

[Router-GigabitEthernet0/0/1] quit
[Router] display traffic policy user-defined
Policy: enterprise
Classifier: vpna
Operator: OR
Behavior: vpna
General Traffic Shape:
CIR 20000 (bps), CBS 10000 (bit), PBS 0 (bit)
Queue length 50 (Packets)
Traffic-policy:
Traffic-policy vpna-sub
Classifier: vpnb
Operator: OR
Behavior: vpnb
General Traffic Shape:
CIR 30000 (bps), CBS 15000 (bit), PBS 0 (bit)
Queue length 50 (Packets)
Traffic-policy:
Traffic-policy vpnb-sub
Policy: vpna-sub
Classifier: voice
Operator: OR
Behavior: voice
Expedited Forwarding:
Bandwidth 5 (%)

Classifier: video
Operator: OR
Behavior: video
Assured Forwarding:
Bandwidth 60 (%)
Drop Method: WRED
Drop-profile: video
Classifier: data
Operator: OR
Behavior: data
Assured Forwarding:
Bandwidth 35 (%)
Drop Method: WRED
Drop-profile: data
Policy: vpnb-sub
Classifier: voice
Operator: OR
Behavior: voice
Expedited Forwarding:
Bandwidth 5 (%)
Classifier: video
Operator: OR
Behavior: video
Assured Forwarding:
Bandwidth 60 (%)
Drop Method: WRED
Drop-profile: video
Classifier: data
Operator: OR
Behavior: data
Assured Forwarding:
Bandwidth 35 (%)
Drop Method: WRED
Drop-profile: data
# View the configuration of drop profiles.

[Router] display drop-profile video
Drop-profile[1]: video
-----------------------------------------------------------------
0(default) 30 100 10
1 30 100 10
2 30 100 10
3 30 100 10
4 30 100 10
5 30 100 10
6 30 100 10
7 30 100 10
8(cs1) 30 100 10
9 30 100 10
10(af11) 30 100 10
11 30 100 10
12(af12) 30 100 10
13 30 100 10
14(af13) 30 100 10
15 30 100 10
16(cs2) 30 100 10
17 30 100 10
18(af21) 80 95 60
19 30 100 10
20(af22) 30 100 10
21 30 100 10
22(af23) 30 100 10

23 30 100 10
24(cs3) 30 100 10
25 30 100 10
26(af31) 30 100 10
27 30 100 10
28(af32) 30 100 10
29 30 100 10
30(af33) 30 100 10
31 30 100 10
32(cs4) 30 100 10
33 30 100 10
34(af41) 30 100 10
35 30 100 10
36(af42) 30 100 10
37 30 100 10
38(af43) 30 100 10
39 30 100 10
40(cs5) 30 100 10
41 30 100 10
42 30 100 10
43 30 100 10
44 30 100 10
45 30 100 10
46(ef) 30 100 10
47 30 100 10
48(cs6) 30 100 10
49 30 100 10
50 30 100 10
51 30 100 10
52 30 100 10
53 30 100 10
54 30 100 10
55 30 100 10
56(cs7) 30 100 10
57 30 100 10
58 30 100 10
59 30 100 10
60 30 100 10
61 30 100 10
62 30 100 10
63 30 100 10
-----------------------------------------------------------------
[Router] display drop-profile data
Drop-profile[2]: data
-----------------------------------------------------------------
0(default) 30 100 10
1 30 100 10
2 30 100 10
3 30 100 10
4 30 100 10
5 30 100 10
6 30 100 10
7 30 100 10
8(cs1) 30 100 10
9 30 100 10
10(af11) 70 85 60
11 30 100 10
12(af12) 30 100 10
13 30 100 10
14(af13) 30 100 10
15 30 100 10
16(cs2) 30 100 10
17 30 100 10
18(af21) 30 100 10
19 30 100 10
20(af22) 30 100 10
21 30 100 10
22(af23) 30 100 10

23 30 100 10
24(cs3) 30 100 10
25 30 100 10
26(af31) 30 100 10
27 30 100 10
28(af32) 30 100 10
29 30 100 10
30(af33) 30 100 10
31 30 100 10
32(cs4) 30 100 10
33 30 100 10
34(af41) 30 100 10
35 30 100 10
36(af42) 30 100 10
37 30 100 10
38(af43) 30 100 10
39 30 100 10
40(cs5) 30 100 10
41 30 100 10
42 30 100 10
43 30 100 10
44 30 100 10
45 30 100 10
46(ef) 30 100 10
47 30 100 10
48(cs6) 30 100 10
49 30 100 10
50 30 100 10
51 30 100 10
52 30 100 10
53 30 100 10
54 30 100 10
55 30 100 10
56(cs7) 30 100 10
57 30 100 10
58 30 100 10
59 30 100 10
60 30 100 10
61 30 100 10
62 30 100 10
63 30 100 10
-----------------------------------------------------------------
----End
Configuration Files
l Configuration file of the Router
sysname Router
#
vlan batch 10
20
#
drop-profile
data
wred dscp
60
#
drop-profile
video
wred dscp
60
#
traffic classifier vpna operator
or
if-match vlan-id
100

traffic classifier video operator

or
if-match dscp
af21
traffic classifier vpnb operator
or
if-match vlan-id
200
traffic classifier data operator
or
if-match dscp
af11
traffic classifier voice operator
or
if-match dscp
ef
#
traffic behavior
vpna
gts cir 20000 cbs 10000 pbs 0 queue-length
50
traffic-policy vpna-
sub
traffic behavior
video
queue af bandwidth pct
60
drop-profile
video
traffic behavior
vpnb
gts cir 30000 cbs 15000 pbs 0 queue-length
50
traffic-policy vpnb-
sub
traffic behavior
data
queue af bandwidth pct
35
drop-profile
data
traffic behavior
voice
queue ef bandwidth pct
5
#
traffic policy
enterprise
classifier vpna behavior
vpna
classifier vpnb behavior
vpnb
traffic policy vpna-
sub
classifier voice behavior
voice
classifier video behavior
video
classifier data behavior
data
traffic policy vpnb-
sub
classifier voice behavior
voice
classifier video behavior
video
classifier data behavior
data
#

interface
Vlanif10
255.255.255.0
#
interface
Vlanif20
255.255.255.0
#
port link-type
trunk
10
trust
dscp
#
port link-type
trunk
20
trust
dscp
#
255.255.255.0
traffic-policy enterprise
outbound
#
interface GigabitEthernet0/0/1.1
control-vid 1 dot1q-
termination
dot1q termination vid
100
255.255.255.0
#
interface GigabitEthernet0/0/1.2
control-vid 2 dot1q-
termination
dot1q termination vid
200
255.255.255.0
#
return

Configuration Guide - QoS 2 Traffic Policy Configuration
2 Traffic Policy Configuration
About This Chapter
This chapter describes the configuration of a traffic policy and the configurations of the traffic
behavior and traffic classifier in the traffic policy. It also provides configuration examples.
2.1 Traffic Policy Overview

A traffic policy classifies user traffic and specifies a traffic behavior for each type of traffic. The
traffic policy supported by the AR1200-S provides modular configurations. Traffic classifiers
and traffic behaviors are defined using templates, which simplify the configuration.
2.2 Traffic Policy Features Supported by the AR1200-S
A traffic policy supports multiple matching rules in traffic classifiers and multiple actions in
traffic behaviors.
2.3 Configuring a Traffic Classifier
A traffic classifier classifies user traffic and is the prerequisite to configuring a traffic policy.
2.4 Configuring a Traffic Behavior
A traffic behavior is the action to be performed for packets matching the traffic classifier and is
the prerequisite to configuring a traffic policy. The AR1200-S provides the following traffic
actions: permit/deny, re-marking, redirection, traffic policing, traffic shaping, traffic statistics,
and queue scheduling.
2.5 Configuring a Traffic Policy
After a traffic classifier and a traffic behavior are configured, bind the traffic classifier and the
traffic behavior to a traffic policy and apply the traffic policy to an interface.
2.6 Maintaining a Traffic Policy
If the traffic statistics function is enabled, you can view and clear the flow-based traffic statistics.
This section provides several configuration examples of a traffic policy.

2.1 Traffic Policy Overview

A traffic policy classifies user traffic and specifies a traffic behavior for each type of traffic. The
traffic policy supported by the AR1200-S provides modular configurations. Traffic classifiers
and traffic behaviors are defined using templates, which simplify the configuration.
A traffic policy provides modular configurations to integrate ACL-based QoS configuration

commands. It contains the following modules:
l Traffic classifier
l Traffic behavior
l Traffic policy
Traffic Classifier
A traffic classifier defines a group of matching rules to classify traffic.
The relationship between rules in a traffic classifier can be AND or OR (the default value is
OR):
l AND: Packets match a traffic classifier only when the packets match all the rules.
l OR: Packets match a traffic classifier as long as the packets match a rule.
Traffic Behavior
A traffic behavior is the action to be performed for packets. Performing complex traffic
classification is to provide differentiated services. Complex traffic classification takes effect
only when it is associated with a traffic control action or a resource allocation action.
Traffic Policy
A traffic policy is a QoS policy configured by binding traffic classifiers to traffic behaviors.
2.2 Traffic Policy Features Supported by the AR1200-S

A traffic policy supports multiple matching rules in traffic classifiers and multiple actions in
traffic behaviors.
Traffic Classifier
A traffic classifier and an Access Control List (ACL) can classify and match traffic, but they are
different. The difference between the traffic classifier and the ACL is that the traffic classifier
only classifies packets matching rules, but does not take actions on packets. An ACL defines
the deny or permit action to implement access control. In addition, a traffic classifier contains
more matching rules than an ACL. For example, a traffic classifier can match packets based on
the inbound interface, whereas an ACL cannot match packets based on the inbound interface.
Table 2-1 lists traffic classification rules.

Table 2-1 Complex traffic classification rules
Layer Traffic Classification Rule
Layer 2 l VLAN ID in the outer tag of a VLAN

packet
l VLAN ID in the inner tag of a VLAN
packet
l 802.1p priority in the outer tag of a
VLAN packet
l 802.1p priority in the inner tag of a
VLAN packet
l Source MAC address
l Destination MAC address
l Protocol field encapsulated based on
Layer 2 information
l FR DE
l FR DLCI
l ATM PVC
l ACL 4000 to 4999
Layer 3 l DSCP priority in IP packets

l IP precedence in IP packets
l IP protocol type (IPv4)
l ACL 2000 to 3999
Layer 4 l RTP port number

l TCP SYN flag in TCP packets
Others l Inbound interface
Traffic Behavior
The AR1200-S provides the following traffic actions:
l Permit/Deny
The permit/deny action is the simplest traffic control action. The AR1200-S controls
network traffic by forwarding or discarding packets.
l Re-marking
This traffic control action sets the precedence field in a packet. Packets carry different
precedence fields on various networks. For example, packets carry the 802.1p field in a
VLAN, the ToS field on an IP network. Therefore, the AR1200-S is required to mark
precedence fields of packets based on the network type.
Generally, a device at the border of a network needs to re-mark precedence fields of
incoming packets; the device in the core of a network provides corresponding QoS services
based on precedence fields marked by the border device, or re-marks the precedence fields
based on its configuration rule.

l Redirection
This traffic control action redirects packets to the specified next hop address. The AR1200-
S does not forward packets based on the destination IP address.
By using redirection, you can implement policy-based routing (PBR). The policy-based
route is a static route. When the next hop is unavailable, the AR1200-S forwards packets
based on the original forwarding path.
l Traffic policing
This traffic control action limits the volume of traffic and the resources used by the traffic
by monitoring the rate of the traffic. By using traffic policing, the AR1200-S can discard
the packets, re-mark the color or precedence of, or implement other QoS measures over the
packets that exceed the rate limit.
l Traffic shaping
This traffic control action also limits the volume of traffic and the resources used by the
traffic by monitoring the rate of the traffic. Traffic shaping adjusts the speed of outgoing
traffic so that the downstream device has sufficient capabilities to process traffic. This
prevents packet loss and congestion. Traffic shaping controls the volume of outgoing traffic
over a network connection on a network so that the outgoing traffic can be sent out at an
even rate.
l Flow mirroring
This traffic control action copies the specified data packets to a specified destination to
detect and troubleshoot faults on a network. For details, see Configuring Local Flow
Mirroring in the Huawei AR1200-S Series Enterprise Routers Configuration Guide -
Device Management.
l Traffic statistics
This traffic control action collects data packets matching defined complex traffic
The traffic statistics action is not a QoS control measure but can be used with other actions
to improve security of networks and packets.
l Queue scheduling
Queue scheduling involves configurations relevant to queues, including scheduling modes
of Expedited Forwarding (EF), Assured Forwarding (AF), and Weighted Fair Queuing
(WFQ) queues, traffic shaping, and Weighted Random Early Detection (WRED). For
details, see CBQ in 1.2 QoS Features Supported by the AR1200-S.
Traffic Policy
A traffic policy is a QoS policy configured by binding traffic classifiers to traffic behaviors. A
traffic policy can be applied to LAN-side interfaces, WAN-side interfaces, or WAN-side sub-
interfaces.
Traffic Policy Nesting

A traffic policy can be nested into another traffic policy, as shown in Figure 2-1. That is, the
traffic behavior or action in a traffic policy is a sub traffic policy. When a sub traffic policy is
bound to a traffic policy, the traffic behavior in the traffic policy is taken for packets matching
the traffic classifier associated with the traffic behavior. Then the packets are classified by the
sub traffic policy and the traffic behavior in the sub traffic policy is taken for the classified
packets.

Figure 2-1 Networking diagram of traffic policy nesting
Traffic policy Sub traffic policy
Traffic Traffic
classifier behavior
Traffic Traffic ......
classifier behavior
Traffic Traffic
classifier behavior
......
Traffic Traffic
classifier behavior
Traffic Traffic ......
classifier behavior
Traffic Traffic
classifier behavior
Sub traffic policy
The AR1200-S supports two layers of traffic policies. A sub traffic policy cannot be nested by
another traffic policy.
The AR1200-S uses traffic policy nesting to implement HQoS. Traffic policy nesting can only
be configured on outbound WAN-side interfaces.
2.3 Configuring a Traffic Classifier

A traffic classifier classifies user traffic and is the prerequisite to configuring a traffic policy.
A traffic classifier can be used to classify packets based on the following information:
l Layer 2 information such as the VLAN ID in packets, 802.1p priority in packets, source
MAC address, destination MAC address, Layer 2 protocol field, DE field in FR packets,
DLCI in FR packets, PVC information in ATM packets, and ACL 4000 to 4999
l Layer 3 information such as DSCP priority in IP packets, IP precedence in IP packets,
protocol type, and ACL 2000-3999
l Layer 4 information such as the RTP port number and SYN Flag in the TCP packet header
l Inbound interface of packets
A traffic classifier must be bound to a traffic behavior and associated with a traffic policy so
that it can take effect.
Before configuring a traffic classifier, complete the following tasks:

l Configuring an ACL if necessary
Procedure
Step 1 Run:
system-view
Step 2 Run:
traffic classifier classifier-name [ operator { and | or } ]
A traffic classifier is created and the traffic classifier view is displayed.
l and: If rules are ANDed with each other, the packets must match all the non-ACL rules and
one of the ACL rules of the traffic classifier.
l or: Packets need to match only one rule of the traffic classifier.
By default, the relationship between rules in a traffic classifier is OR.

l To define a matching rule for traffic classification based on the 802.1p priority in VLAN
packets, run the if-match 8021p 8021p-value &<1-8> command.
l To define a matching rule for traffic classification based on the inner 802.1p priority in QinQ
packets, run the if-match cvlan-8021p 8021p-value &<1-8> command.
l To define a matching rule for traffic classification based on an ACL, run the if-match acl
{ acl-number | acl-name } command.
NOTE
To define a matching rule for traffic classification based on an ACL, create the ACL first. The AR1200-
S supports the following types of ACLs:
l Basic ACLs. For details on how to create a basic ACL, see Configuring a Basic ACL.
l Advanced ACLs. For details on how to create an advanced ACL, see Configuring an Advanced
ACL.
l Layer 2 ACLs. For details on how to create a Layer 2 ACL, see Configuring a Layer 2 ACL.
l To define a matching rule for classifying all data packets, run the if-match any command.
NOTE
If if-match any and other rules are configured in a traffic classifier simultaneously, packets match only
if-match any.
l To define a matching rule for traffic classification based on the destination MAC address,
run the if-match destination-mac mac-address [ mac-address-mask mac-address-mask ]
command.
l To define a matching rule for traffic classification based on the source MAC address, run the
if-match source-mac mac-address [ mac-address-mask mac-address-mask ] command.
l To define a matching rule for traffic classification based on the DLCI in FR packets, run the
if-match dlci start-dlci-number [ to end-dlci-number ] command.
l To define a matching rule for traffic classification based on the Discard Eligibility (DE) in
FR packets, run the if-match fr-de command.

l To define a matching rule for traffic classification based on the DSCP priority in IP packets,
run the if-match dscp dscp-value &<1-8> command.
l To define a matching rule for traffic classification based on the IP precedence in IP packets,
run the if-match ip-precedence ip-precedence-value &<1-8> command.
NOTE
If the relationship between rules is AND in a traffic classifier, the if-match dscp and if-match ip-
precedence commands cannot be used in the traffic classifier simultaneously.
l To define a matching rule for traffic classification based on the inbound interface, run the
if-match inbound-interface interface-type interface-number command.
l To define a matching rule for traffic classification based on the protocol field in the Ethernet
frame, run the if-match l2-protocol { arp | ip | rarp | protocol-value } command.
l To define a matching rule to classify traffic based on the Layer 3 protocol type in packets,
run the if-match protocol ip command.
l To define a matching rule for traffic classification based on the Permanent Virtual Circuit
(PVC) information in ATM packets, run the if-match pvc vpi-number/vci-number command.
l To define a matching rule for traffic classification based on the RTP port number, run the
if-match rtp start-port start-port-number end-port end-port-number command.
l To define a matching rule for traffic classification based on the SYN Flag in the TCP packet
header, run the if-match tcp syn-flag syn-flag &<1-6> command.
l To define a matching rule for traffic classification based on the VLAN ID, run the if-match
vlan-id start-vlan-id [ to end-vlan-id ] command.
l To define a matching rule for traffic classification based on the inner VLAN ID in QinQ
packets, run the if-match cvlan-id start-cvlan-id [ to end-cvlan-id ] command.
----End
Checking the Configuration

Run the display traffic classifier { system-defined | user-defined } [ classifier-name ]
command to check the traffic classifier configuration.
<Huawei> display traffic classifier user-defined
Classifier: gong
Operator: OR
Rule(s) : if-match vlan-id 3 to 5
2.4 Configuring a Traffic Behavior

A traffic behavior is the action to be performed for packets matching the traffic classifier and is
the prerequisite to configuring a traffic policy. The AR1200-S provides the following traffic
actions: permit/deny, re-marking, redirection, traffic policing, traffic shaping, traffic statistics,
and queue scheduling.

Before configuring a traffic behavior, familiarize yourself with the applicable environment,

A traffic behavior is the action to be performed for packets. Performing complex traffic
classification is to provide differentiated services. Complex traffic classification takes effect
only when it is associated with a traffic control action or a resource allocation action.
A traffic classifier must be bound to a traffic behavior and associated with a traffic policy so
that it can take effect.
A traffic policy containing different traffic behaviors are applied to different types of interfaces
and directions on the AR1200-S. See Table 2-2.
Table 2-2 Limitation on applying a traffic policy containing different traffic behaviors
Traffic Behavior Application Limitation
Permit/Deny There are no limitations.

Re-marking
Traffic policing
Traffic statistics
Redirection This action cannot be applied to LAN-side

or WAN-side interfaces in the inbound
direction.
Traffic shaping These actions cannot be applied to WAN-

Congestion management side interfaces in the outbound direction.
Congestion avoidance
Sub traffic policy binding
Before configuring a traffic behavior, complete the following tasks:
Data Preparation
To configure a traffic behavior, you need the following data.
No. Data
1 Traffic behavior name and related parameters
2.4.2 Configuring a Permit or Deny Action

The AR1200-S implements access control using a traffic policy. You can use the deny |
permit command to define a traffic policy. By using this traffic policy, you can implement the
firewall function to filter out packets.

Context
By configuring a deny or permit action, the AR1200-S rejects or permits packets matching traffic
classification rules to control the network traffic.
Procedure
Step 1 Run:
system-view
Step 2 Run:

l To configure a permit action, run the permit command.
l To configure a deny action, run the deny command.
NOTE
l If the action is set to deny, the packets matching traffic classification rules are discarded. Therefore,
other actions except for the traffic statistics action cannot be configured.
l If the action is set to permit, the permit action is taken for the packets matching traffic classification
rules, and other actions defined in the traffic behavior are taken for these packets.
----End
2.4.3 Configuring Redirection

By configuring the redirection action, the AR1200-S redirects the packets matching traffic
classification rules to a specified next hop address.
Context
You can configure redirection in a traffic behavior to implement PBR.
A traffic policy containing the redirection action can be applied to only the inbound direction
of an interface.
If the AR1200-S does not have the ARP entry corresponding to the next hop IP address, it triggers
ARP learning. If no ARP entry is learned, packets are forwarded along the original path. If the
AR1200-S has the ARP entry or learns the ARP entry, packets are forwarded based on the
specified IP address.
NQA diagnoses and locates network faults. Association between NQA and redirection
implements rapid route switchover and ensure correct data traffic forwarding when network
faults occur.
l If the NQA test instance detects a reachable destination IP address, packets are forwarded
based on the specified IP address and redirection takes effect.
l If the NQA test instance detects an unreachable destination IP address, packets are
forwarded along the original path and redirection does not take effect.

NOTE
The NQA test instance must be an ICMP type. For details, see Configuring the ICMP Test and Configuring
Universal Parameters for the NQA Test Instance in NQA Configuration of the Huawei AR1200-S Series
Enterprise Routers Configuration Guide - Network Management.
Procedure
Step 1 Run:
system-view

Step 2 Run:

Step 3 Run:
redirect ip-nexthop ip-address [ track nqa admin-name test-name ]
The packets matching traffic classification rules are redirected to the specified next hop
address and association between redirection and the NQA test instance is configured.
----End
2.4.4 Configuring Re-marking

By configuring the re-marking action, the AR1200-S re-marks priorities of packets matching
traffic classification rules, such as 802.1p priorities in VLAN packets, DSCP priorities in IP
packets, DE values in FR packets, or internal priorities.
Context
After the re-marking action is configured, the AR1200-S still processes outgoing packets based
on the original priority but the downstream device processes the packets based on the re-marked
priority.
Procedure
Step 1 Run:
system-view

Step 2 Run:

l Run:
remark 8021p 8021p-value
The 802.1p priority of the packets matching traffic classification rules is re-marked.
l Run:
remark cvlan-8021p 8021p-value

The inner 802.1p priority in QinQ packets matching the traffic classification rules is re-
marked.
l Run:
remark dscp { dscp-name | dscp-value }
The DSCP priority of the packets matching traffic classification rules is re-marked.
l Run:
remark fr-de fr-de-value
The DE value of the FR packets matching traffic classification rules is re-marked.

l Run:
remark local-precedence { local-precedence-name | local-precedence-value }
The local priority of the packets matching traffic classification rules is re-marked.
NOTE
If the traffic behavior is configured with remark 8021p or remark dscp, but not remark local-
precedence, the AR1200-S marks the local priority of packets as 0.
----End
2.4.5 Configuring Traffic Policing

Traffic policing limits the volume of traffic and the resources used by the traffic by monitoring
the traffic rate.
Context
The AR1200-S performs traffic policing for packets matching traffic classification rules, and
discards the excess packets or re-marks the colors or CoS of the excess packets.
NOTE
When the CBS value is less than the number of bytes in a single packet of a service, packets of the service
are discarded.
Procedure
Step 1 Run:
system-view
Step 2 Run:
Step 3 Run:
car cir cir-value [ pir pir-value ] [ cbs cbs-value pbs pbs-value ] [ share ]
[ green { discard | pass [ remark-8021p 8021p-precedence | remark-dscp dscp-
value ] } ] [ yellow { discard | pass [ remark-8021p 8021p-precedence | remark-
dscp dscp-value ] } ] [ red { discard | pass [ remark-8021p 8021p-precedence |
remark-dscp dscp-value ] } ]
The CAR action is configured.

After share is specified, all the rules in a traffic classifier bound to a traffic behavior share CAR
parameters. The system aggregates all the flows and uses the CAR to limit the flows.
----End
2.4.6 Configuring Traffic Shaping

Traffic shaping also limits the volume of traffic and the resources used by the traffic by
monitoring the traffic rate.
Context
Traffic shaping adjusts the rate of outgoing traffic so that the downstream device has capabilities
to process traffic. This prevents packet loss and congestion. Traffic shaping controls the volume
of outgoing traffic over a network connection so that the outgoing traffic can be sent out at an
even rate.
NOTE
A traffic policy containing the traffic shaping action can only be applied to outbound AR1200-S WAN-
side interfaces.
Procedure
Step 1 Run:
system-view

Step 2 Run:

Step 3 Run:
gts cir cir-value [ cbs cbs-value [ pbs pbs-value [ queue-length queue-length ] ] ]
Traffic shaping is configured.
----End
2.4.7 Configuring Congestion Management

The AR1200-S provides Assured Forwarding (AF), Expedited Forwarding (EF), and Best-Effort
(BE) queues for data packets matching traffic classification rules.
Context
The AR1200-S provides the following queues for data packets matching traffic classification
rules:
l AF: ensures low drop probability of packets when the rate of outgoing service traffic does
not exceed the minimum bandwidth. It is applied to services of heavy traffic that need to
be ensured.
l EF: is applied to services requiring a low delay, low drop probability, and assured
bandwidth. It is also applied to services occupying low bandwidth, for example, voice
packets. After packets matching traffic classification rules enter EF queues, they are

scheduled in Strict Priority (SP) mode. Packets in other queues are scheduled only after all
the packets in EF queues are scheduled.
l BE: is used with the default traffic classifier. The remaining packets that do not enter AF
or EF queues enter BE queues. BE queues use Weighted Fair Queuing (WFQ) scheduling.
When a greater number of queues are configured, WFQ allocates bandwidth more evenly
but more resources are occupied. WFQ is applied to the services insensitive to the delay
and packet loss, for example, Internet access services.
NOTE
A traffic policy containing AF, EF, or BE can only be applied to outbound AR1200-S WAN-side interfaces.
Although you are allowed to configure AF queues and bandwidth for the default traffic classifier,
BE queues are configured in most situations.
l When the default traffic classifier is associated with AF queues:
– The total bandwidth used by AF queues and EF queues cannot exceed the interface
bandwidth.
– EF queues are provided with bandwidth preferentially. AF queues share the remaining
bandwidth based on their weights.
l When the default traffic classifier is associated with BE queues:
– The system allocates 10% of the interface's available bandwidth to BE queues.
– The bandwidth used by AF queues and EF queues cannot exceed 90% of the interface
bandwidth.
– EF queues are provided with bandwidth preferentially. AF and BE queues share the
remaining bandwidth based on their weights.
The system allocates bandwidth to queues based on their weights.
Table 2-3 provides an example of bandwidth allocation.
Table 2-3 Example of congestion management parameter settings
Interface Bandwidth User Configuration
100M EF queues: a maximum of 50% of the

interface bandwidth
AF queues: a minimum bandwidth of 30

Mbit/s
BE queues: The default traffic classifier is

associated with BE queues. By default, the
system allocates 10% of the interface's
available bandwidth.
The system first allocates bandwidth to EF queues. AF queues and BE queues share the
remaining bandwidth based on weights:
l Bandwidth of EF queues: 100 Mbit/s x 50% = 50 Mbit/s
l AF queues: BE queues = 30 Mbit/s:(100 Mbit/s x 10%) = 3:1
l Remaining bandwidth: 100 Mbit/s - 50 Mbit/s = 50 Mbit/s

l AF queues and BE queues share the remaining bandwidth in the proportion of 3:1.
– Bandwidth of AF queues: 50 Mbit/s x [3/(3+1)]= 37.5 Mbit/s
– Bandwidth of BE queues: 50 Mbit/s x [1/(3+1)]= 12.5 Mbit/s
Procedure
Step 1 Run:
system-view

Step 2 Run:

l Run:
queue af bandwidth { bandwidth | pct percentage }
AF is configured for packets of a certain type and the minimum bandwidth is set.
l Run:
queue ef bandwidth { bandwidth [ cbs cbs-value ] | pct percentage }
EF is configured for packets of a certain type and the maximum bandwidth is set.
l Run:
queue wfq [ queue-number total-queue-number ]
The AR1200-S is configured to send packets matching the default traffic classifier to BE
queues in WFQ mode and the number of queues is set.
----End
Follow-up Procedure
Use the queue drop methods based on site requirements.
l Tail drop: Run the queue-length { bytes bytes-value | packets packets-value }* command
to configure tail drop and set the queue length.
l Drop profile: For details on how to configure a drop profile, see 2.4.8 Configuring
Congestion Avoidance.
2.4.8 Configuring Congestion Avoidance

This section describes how to configure flow-based congestion avoidance, and set the upper
drop threshold, lower drop threshold, and maximum drop probability of the WRED drop profile
for packets of different priorities.
Context
After a drop profile is bound to a traffic behavior, bind the traffic behavior and traffic classifier
to a traffic policy and apply the traffic policy to an interface so that WRED parameters in the
drop profile take effect on the interface.

NOTE
A traffic policy containing AF, EF, or BE can only be applied to outbound AR1200-S WAN-side interfaces.
The tail drop method and a drop profile cannot be used in the same traffic behavior. If both the drop-
profile command and the queue-length command are executed, the latter command takes effect.
Procedure
Step 1 Run:
system-view

Step 2 Run:
The traffic behavior view is displayed.
NOTE
queue af or queue wfq must have been configured in the traffic behavior.
Step 3 Run:
A drop profile is bound to the traffic behavior.
NOTE
The drop profile has been created and WRED parameters have been set in the drop profile.
----End
2.4.9 Binding a Sub Traffic Policy

A sub traffic policy can be bound to a traffic behavior on the AR1200-S so that the AR1200-S
can provide differentiated services.
Context
A traffic policy can be nested into another traffic policy. That is, the traffic behavior or action
in a traffic policy is a sub traffic policy. When a sub traffic policy is bound to a traffic policy,
the traffic behavior in the traffic policy is taken for packets matching the traffic classifier
associated with the traffic behavior. Then the packets are classified by the sub traffic policy and
the traffic behavior in the sub traffic policy is taken for the classified packets.
The AR1200-S supports two layers of traffic policies. A sub traffic policy cannot be nested by
another traffic policy.
Table 2-4 lists traffic classifiers and traffic behaviors allowed in traffic policies when traffic
policy nesting is used.

Table 2-4 Traffic classifiers and traffic behaviors allowed in traffic policies
Traffic Policy Traffic Classifier Traffic Behavior
Traffic policy (Optional) Traffic (Mandatory) Flow-based

classification based on the traffic shaping
VLAN ID in packets (Mandatory) Sub traffic
(Optional) Traffic policy binding
classification based on PVC
information in packets
(Optional) Traffic
classification based on the
data link connection
identifier (DLCI) in packets
Sub traffic policy All traffic classifiers The following traffic

supported behaviors cannot be
configured simultaneously:
l Flow-based traffic
shaping
l Class-based congestion
management and
congestion avoidance
– (Mandatory) Class-
based congestion
management
– (Optional) Flow-
based congestion
avoidance
NOTE
A traffic policy containing the preceding traffic behaviors can only be applied to outbound AR1200-S
WAN-side interfaces.
Procedure
Step 1 Run:
system-view

Step 2 Run:
The traffic behavior view is displayed.
NOTE
The traffic shaping action must have been configured in the traffic behavior.
Step 3 Run:
traffic-policy policy-name

A sub traffic policy is bound to a traffic behavior.
NOTE
The bound sub traffic policy must have been configured.
----End
2.4.10 Configuring Traffic Statistics

By configuring the traffic statistics action, the AR1200-S collects traffic statistics on the packets
matching traffic classification rules.
Context
The display traffic policy statistics command shows the statistics on forwarded packets and
discarded packets on an interface to which a traffic policy has been applied. You can locate faults
according to the command output.
By default, the traffic statistics function is disabled. Before running the display traffic policy
statistics command, ensure that the traffic statistics function has been enabled.
Procedure
Step 1 Run:
system-view
Step 2 Run:
Step 3 Run:
statistic enable
The traffic statistics function is enabled.
----End

You can view the traffic behavior configuration after a traffic behavior is configured.
Prerequisite
All the traffic behavior configurations are complete.
Procedure
l Run the display traffic behavior { system-defined | user-defined } [ behavior-name ]
command to check the traffic behavior configuration.
----End

2.5 Configuring a Traffic Policy

After a traffic classifier and a traffic behavior are configured, bind the traffic classifier and the
traffic behavior to a traffic policy and apply the traffic policy to an interface.
A traffic classifier classifies user packets and a traffic behavior defines actions taken for the
packets matching the traffic classifier. A traffic policy is configured by binding traffic classifiers
to traffic behaviors. A traffic policy can be applied to AR1200-S LAN-side interfaces, WAN-
side interfaces, or WAN-side sub-interfaces.
Only one traffic policy can be applied to one direction on an interface, but a traffic policy can
be applied to different directions on different interfaces.
Before configuring a traffic policy, complete the following tasks:
l 2.3 Configuring a Traffic Classifier
l 2.4 Configuring a Traffic Behavior
Procedure
Step 1 Run:
system-view
Step 2 Run:
traffic policy policy-name
A traffic policy is created and the traffic policy view is displayed.
Step 3 Run:
classifier classifier-name behavior behavior-name
A traffic classifier and a traffic behavior are associated with the traffic policy.
Step 4 Run:
quit
Exit from the traffic policy view.
Step 5 Run:
Step 6 Run:
traffic-policy policy-name { inbound | outbound }
A traffic policy is applied to the interface or sub-interface in the inbound or outbound direction.
----End

2.6 Maintaining a Traffic Policy

If the traffic statistics function is enabled, you can view and clear the flow-based traffic statistics.
2.6.1 Displaying the Flow-based Traffic Statistics

The flow-based traffic statistics include the numbers of forwarded and discarded packets.
Context
To check forwarded and discarded packets on an interface to which a traffic policy has been
applied, view the flow-based traffic statistics on the interface.
To view the flow-based traffic statistics, ensure that a traffic policy has been created and the
traffic statistics action has been configured in the traffic policy.
Procedure
Step 1 Run the display traffic policy statistics interface interface-type interface-number [ pvc vpi-
number/vci-number | dlci dlic-number ] { inbound | outbound } [ verbose { classifier-base |
rule-base } [ class classifier-name ] ] or display traffic policy statistics interface { virtual-
template vt-number | dialer number } virtual-access va-number { inbound | outbound }
[ verbose { classifier-base | rule-base } [ class classifier-name ] ] command to view the traffic
statistics on an interface to which a traffic policy has been applied.
----End
2.6.2 Clearing the Flow-based Traffic Statistics

You can use the reset command to clear the flow-based traffic statistics.
Context
Before recollecting the flow-based traffic statistics on an interface, run the following command
in the user view to clear the existing statistics.
To clear the flow-based traffic statistics, ensure that a traffic policy has been created and the
traffic statistics action has been configured in the traffic policy.
CAUTION
The cleared flow-based traffic statistics cannot be restored. Exercise caution when you run the
command.
Procedure
Step 1 Run the reset traffic policy statisticsreset traffic policy statistics interface interface-type
interface-number { inbound | outbound } or reset traffic policy statistics interface { virtual-

template vt-number | dialer number } virtual-access va-number { inbound | outbound }

command to clear the flow-based traffic statistics on an interface.
----End

This section provides several configuration examples of a traffic policy.
2.7.1 Example for Configuring Re-marking

By configuring re-marking, the Router re-marks 802.1p priorities in packets with DSCP
priorities to provide differentiated services.
Different service packets are identified on the LAN side based on 802.1p priorities in packets.
When packets reach the WAN- side network from GE0/0/1, RouterA needs to provide
differentiated services based on DSCP priorities in the packets. The re-marking action is
configured to re-mark 802.1p priorities with DSCP priorities.
Figure 2-2 Networking diagram of re-marking configurations
Video
802.1p=5
Data
802.1p=2
Voice SwitchA GE0/0/1

Eth0/0/0
LAN 802.1p=6 WAN
Eth0/0/1
Video SwitchB
802.1p=5 RouterA RouterB
Data
802.1p=2 Voice
802.1p=6

2. Configure traffic classifiers on RouterA to match packets based on 802.1p priorities.
3. Configure traffic behaviors on RouterA to re-mark 802.1p priorities of packets.
4. Configure a traffic policy on RouterA, bind the configured traffic behaviors and traffic
classifiers to the traffic policy, and apply the traffic policy to Eth0/0/0 and Eth0/0/1 in the
inbound direction.
Data Preparation
l The interface connecting RouterA and SwitchA belongs to VLAN 20 and the IP address
of VLANIF 20 is 192.168.2.1/24.
l The interface connecting RouterA and SwitchB belongs to VLAN 30 and the IP address
of VLANIF 30 is 192.168.3.1/24.
l The IP address of the interface connecting RouterA and the WAN-side interface is
192.168.4.1/24.
l The 802.1p priorities of data, video, and voice packets are 2, 5, and 6, and are re-marked
with DSCP priorities 15, 40, and 50.
l The traffic policy is applied to Eth0/0/0 and Eth0/0/1 in the inbound direction.
Procedure
# Configure Eth0/0/0 and Eth0/0/1 as trunk interfaces, and add Eth0/0/0 to VLAN 20 and
Eth0/0/1 to VLAN 30.
NOTE
Configure the interface connecting SwitchA and RouterA as a trunk interface and add it to VLAN 20.
Configure the interface connecting SwitchB and RouterA as a trunk interface and add it to VLAN 30.


NOTE
Configure RouterB to ensure that there is a reachable route between RouterB and RouterA. The

# Create and configure traffic classifiers c1, c2, and c3 on RouterA to classify packets based on
802.1p priorities.
[RouterA-classifier-c1] if-match 8021p 2
Step 3 Create and configure traffic behaviors b1, b2, and b3 on RouterA, and re-mark 802.1p priorities
of packets.
[RouterA-behavior-b1] remark dscp 15
Step 4 # Create a traffic policy p1 on RouterA, bind the configured traffic behaviors and traffic
classifiers to the traffic policy, and apply the traffic policy to Eth0/0/0 and Eth0/0/1 in the
inbound direction.
[RouterA] traffic policy p1
[RouterA-trafficpolicy-p1] quit
[RouterA] quit

# View the configuration of traffic classifiers.
<RouterA> display traffic classifier user-defined
Classifier: c2
Operator: OR
Rule(s) : if-match 8021p 5
Classifier: c3
Operator: OR
Classifier: c1
Operator: OR


<RouterA> display traffic policy user-defined p1
Policy: p1
Classifier: c1
Operator: OR
Behavior: b1
Marking:
Remark DSCP 15
Classifier: c2
Operator: OR
Behavior: b2
Marking:
Remark DSCP cs5
Classifier: c3
Operator: OR
Behavior: b3
Marking:
Remark DSCP 50
----End
Configuration Files
#
sysname RouterA
#
vlan batch 20 30
#
traffic classifier c3 operator or
if-match 8021p 6
if-match 8021p 5
if-match 8021p 2
#
traffic behavior b3
remark dscp 50
traffic behavior b2
remark dscp cs5
traffic behavior b1
remark dscp 15
#
traffic policy
p1
b1
b2
classifier c3 behavior b3
#
interface
Vlanif20
255.255.255.0
#
interface
Vlanif30
255.255.255.0
#

port link-type
trunk
20
traffic-policy p1
inbound
#
port link-type
trunk
30
traffic-policy p1
inbound
#
255.255.255.0
#
return
2.7.2 Example for Configuring Traffic Statistics

After the traffic statistics action is configured, the Router collects statistics on packets with the
specified source MAC address.
As shown in Figure 2-3, the MAC address of PC1 is 0000-0000-0003 and PC1 is connected to
Eth0/0/0 of the Router through the switch. The Router is required to collect statistics on packets
with the source MAC address 0000-0000-0003.
Figure 2-3 Networking diagram of traffic statistics based on complex traffic classification
Eth0/0/0
VLAN 20 WAN
PC1 Switch Router
MAC:0000-0000-0003
1. Configure interfaces so that the Router can be connected to the switch and PC1.
2. Configure an ACL to match packets with the source MAC address 0000-0000-0003.
3. Configure a traffic classifier and bind the traffic classifier to the ACL.
4. Configure a traffic behavior to allow the packets matching rules.
5. Configure a traffic policy, bind the traffic policy to the traffic classifier and traffic behavior,
and apply the traffic policy to Eth0/0/0 in the inbound direction so that the Router collects
statistics on packets with the source MAC address 0000-0000-0003.

Data Preparation
l VLAN 20 that the interface connecting the Router and the switch belong to
l ACL 4000
l Traffic classifier c1
l Traffic behavior b1
l Traffic policy p1
Procedure
Step 1 Create a VLAN and configure each interface.
# Create VLAN 20.
[Huawei] sysname Router
[Router] vlan 20
[Router-vlan20] quit

NOTE
Configure the interface connecting the switch and the Router as a trunk interface and add it to VLAN 20.
Configure the interface connecting the switch and PC1 as an access interface and add it to VLAN 20.
Step 2 Create ACL 4000 (a Layer 2 ACL) on the Router to match packets with the source MAC address
0000-0000-0003.
[Router] acl 4000
[Router-acl-L2-4000] rule permit source-mac 0000-0000-0003 ffff-ffff-ffff
[Router-acl-L2-4000] quit
Step 3 Create a traffic classifier c1 on the Router to match ACL 4000.

[Router] traffic classifier c1
[Router-classifier-c1] if-match acl 4000
[Router-classifier-c1] quit
Step 4 Create a traffic behavior b1 on the Router and configure the traffic statistics action in the traffic
behavior.
[Router] traffic behavior b1
[Router-behavior-b1] statistic enable
[Router-behavior-b1] quit
Step 5 Configure a traffic policy and apply the traffic policy to an interface.
# Create a traffic policy p1 on the Router and bind the traffic policy to the traffic classifier and
traffic behavior.
[Router] traffic policy p1
[Router-trafficpolicy-p1] classifier c1 behavior b1
[Router-trafficpolicy-p1] quit
# Apply the traffic policy p1 to Eth0/0/0.

[Router-Ethernet0/0/0] traffic-policy p1 inbound

[Router] quit

# View the ACL configuration.
<Router> display acl 4000
L2 ACL 4000, 1 rule
Acl's step is 5
rule 5 permit source-mac 0000-0000-0003
# View the traffic classifier configuration.

<Router> display traffic classifier user-defined
Classifier: c1
Operator: OR
Rule(s) : if-match acl 4000

<Router> display traffic policy user-defined p1
Policy: p1
Classifier: c1
Operator: OR
Behavior: b1
statistic: enable
# View the traffic statistics.

<Router> display traffic policy statistics interface Ethernet 0/0/0 inbound
Interface: Ethernet0/0/0
Traffic policy inbound: p1
Rule number: 1
Current status: OK!
Board : 0
Item Packets Bytes
---------------------------------------------------------------------
Matched 0 0
+--Passed 0 0
+--Dropped 0 0
+--Filter 0 0
+--URPF - -
+--CAR 0 0
+--Enqueue 0 0
+--Queue pass 0 0
+--Queue drop 0 0
+--Car 0 -
+--Green packets 0 -
+--Yellow packets 0 -
+--Red packets 0 -
----End
Configuration Files
l Configuration file of the Router
#
sysname Router
#
vlan batch 20
#
acl number 4000
rule 5 permit source-mac 0000-0000-0003
#

if-match acl 4000

#
traffic behavior b1
statistic enable
#
traffic policy p1
classifier c1 behavior b1
#
port link-type
trunk
20
traffic-policy p1
inbound
#
return
2.7.3 Example for Configuring Association Between NQA and

Redirection
After association between NQA and redirection is configured, when the NQA test instance
detects that links are running properly, packets from different departments reach the WAN-side
network through different links; when the NQA test instance detects that a link fault occurs,
redirection does not take effect and packets are forwarded along the original path.
As shown in Figure 2-4, two departments VLAN 10 and VLAN 20 connect to GE1/0/0 and
GE2/0/0 of RouterA.
RouterA can connect to the WAN-side network through the link RouterA→RouterB→
RouterD or RouterA→RouterC→RouterD. The requirements are as follows:
l Packets from the two departments reach the WAN-side network through the two links when
the two links are running properly.
l When a link is faulty, packets from the two departments are forwarded on the other link.
This prevents service interruption for a long time.
l When the link fault is rectified, packets reach the WAN-side network through the two links.

Figure 2-4 Networking diagram of association between NQA and redirection
Data
Voice
Video
VLAN 10 192.168.3.1/24 192.168.5.1/24

RouterB
GE1/0/0
192.168.1.1/24
SwitchA
RouterA WAN
SwitchB
GE2/0/0
RouterD
192.168.2.1/24
RouterC
VLAN 20
192.168.4.1/24 192.168.6.1/24
Video
Voice
Data
1. Configure interfaces so that enterprise users can access the WAN-side network through
RouterA.
2. Configure a NQA test instance to detect whether the links RouterA→RouterB→RouterD
and RouterA→RouterC→RouterD are running properly.
3. Configure traffic classifiers to match incoming packets.
4. Configure traffic behaviors in which redirection is associated with the NQA test instance.
When the NQA test instance detects that the link RouterA→RouterB→RouterD is running
properly, packets matching the traffic classifier are redirected to 192.168.3.1/24. When the
NQA test instance detects that the link RouterA→RouterC→RouterD is running properly,
packets matching the traffic classifier are redirected to 192.168.4.1/24.
5. Configure traffic policies, bind traffic classifiers and traffic behaviors to the traffic policies,
and apply the traffic policies to interfaces.
Data Preparation
l IP addresses of interfaces
l NQA test instance parameters
NQA Test Administrator NQA Test Destination

Instance Type Instance Name Address
ICMP admin vlan10 192.168.5.1/24

NQA Test Administrator NQA Test Destination

Instance Type Instance Name Address
ICMP admin vlan20 192.168.6.1/24
l Traffic classifier parameters
Name Matching Rule
vlan10 Matching incoming packets on GE1/0/0
vlan20 Matching incoming packets on GE2/0/0
l Traffic behavior parameters
Name Next Hop IP Address NQA Test Instance

Associated with
Redirection
vlan10 192.168.3.1/24 admin vlan10
vlan20 192.168.4.1/24 admin vlan20
l Traffic policies vlan10 and vlan20, which are applied to incoming packets on GE1/0/0 and
GE2/0/0
Procedure
Step 1 Configure each interface.
# Configure IP address 192.168.1.1/24 for GE1/0/0 on RouterA.

NOTE
The configurations of other interfaces are similar to the configuration of GE1/0/0, and are not mentioned
here.
Configure SwitchA and SwitchB so that they can communicate with RouterA.
Step 2 Configure an NQA test instance on RouterA.

[RouterA] nqa test-instance admin vlan10
[RouterA-nqa-admin-vlan10] test-type icmp
[RouterA-nqa-admin-vlan10] destination-address ipv4 192.168.5.1
[RouterA-nqa-admin-vlan10] frequency 10
[RouterA-nqa-admin-vlan10] start now
[RouterA-nqa-admin-vlan10] quit
[RouterA] nqa test-instance admin vlan20
[RouterA-nqa-admin-vlan20] test-type icmp
[RouterA-nqa-admin-vlan20] destination-address ipv4 192.168.6.1
[RouterA-nqa-admin-vlan10] frequency 10
[RouterA-nqa-admin-vlan20] start now
[RouterA-nqa-admin-vlan20] quit


# Configure traffic classifiers vlan10 and vlan20 on RouterA to match incoming packets on
GE1/0/0 and GE2/0/0 respectively.
[RouterA] traffic classifier vlan10

[RouterA-classifier-vlan10] if-match inbound-interface gigabitethernet 1/0/0
[RouterA-classifier-vlan10] quit
[RouterA] traffic classifier vlan20
[RouterA-classifier-vlan20] if-match inbound-interface gigabitethernet 2/0/0
[RouterA-classifier-vlan20] quit
Step 4 Configure traffic behaviors.

# Create traffic behavior vlan10 on RouterA and associate the NQA test instance admin
vlan10 with redirection to the next hop 192.168.3.1/24. When the NQA test instance detects that
the link is running properly, redirection takes effect. When the NQA test instance detects a link
fault, packets are forwarded along the original path.
[RouterA] traffic behavior vlan10
[RouterA-behavior-vlan10] redirect ip-nexthop 192.168.3.1 track nqa admin vlan10
[RouterA-behavior-vlan10] quit
# Create traffic behavior vlan20 on RouterA and associate the NQA test instance admin
vlan20 with redirection to the next hop 192.168.4.1/24. When the NQA test instance detects that
the link is running properly, redirection takes effect. When the NQA test instance detects a link
fault, packets are forwarded along the original path.
[RouterA] traffic behavior vlan20
[RouterA-behavior-vlan20] redirect ip-nexthop 192.168.4.1 track nqa admin vlan20
[RouterA-behavior-vlan20] quit
Step 5 Configure traffic policies and apply the traffic policies to interfaces.
# Create traffic policies vlan10 and vlan20 on RouterA and bind the traffic classifier and the
traffic behavior to the traffic policy.
[RouterA] traffic policy vlan10
[RouterA-trafficpolicy-vlan10] classifier vlan10 behavior vlan10
[RouterA-trafficpolicy-vlan10] quit
[RouterA] traffic policy vlan20
[RouterA-trafficpolicy-vlan20] classifier vlan20 behavior vlan20
[RouterA-trafficpolicy-vlan20] quit
# Apply the traffic policy vlan10 to incoming packets on GE1/0/0 and the traffic policy
vlan20 to incoming packets on GE2/0/0.
[RouterA-GigabitEthernet1/0/0] traffic-policy vlan10 inbound
[RouterA-GigabitEthernet2/0/0] traffic-policy vlan20 inbound

#
ip address 192.168.1.1 255.255.255.0
traffic-policy vlan10 inbound
#
return

#
ip address 192.168.2.1 255.255.255.0
traffic-policy vlan20 inbound
#
return
# View the traffic policy configuration on the interface.

[RouterA] display traffic policy user-defined
Policy: vlan10
Classifier: vlan10
Operator: OR
Behavior: vlan10
Redirect:
Redirect ip-nexthop 192.168.3.1 track nqa admin vlan10
Policy: vlan20
Classifier: vlan20
Operator: OR
Behavior: vlan20
Redirect:
Redirect ip-nexthop 192.168.4.1 track nqa admin vlan20
----End
Configuration Files
#
sysname RouterA
#
traffic classifier vlan10 operator
or
if-match inbound-interface GigabitEthernet1/0/0
traffic classifier vlan20 operator
or
if-match inbound-interface GigabitEthernet2/0/0
#
traffic behavior
vlan10
redirect ip-nexthop 192.168.3.1 track nqa admin
vlan10
traffic behavior
vlan20
redirect ip-nexthop 192.168.4.1 track nqa admin
vlan20
#
traffic policy
vlan10
classifier vlan10 behavior
vlan10
traffic policy
vlan20
classifier vlan20 behavior
vlan20
#
255.255.255.0
traffic-policy vlan10
inbound
#

255.255.255.0
traffic-policy vlan20
inbound
#
nqa test-instance admin
vlan10
test-type
icmp
destination-address ipv4
192.168.5.1
frequency 10
start now
nqa test-instance admin
vlan20
test-type
icmp
destination-address ipv4
192.168.6.1
frequency 10
start now
#
return


Configuration Guide - QoS (V200R001C01 - 04) PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Configuration Guide - QoS (V200R001C01 - 04) PDF

Uploaded by

Copyright:

Available Formats

Huawei AR1200-S Series Enterprise Routers

Configuration Guide - QoS

HUAWEI TECHNOLOGIES CO., LTD.

Trademarks and Permissions

Huawei Technologies Co., Ltd.

Issue 04 (2012-01-06) Huawei Proprietary and Confidential i

About This Document

Indicates a hazard with a high level of risk, which if not

Indicates a hazard with a medium or low level of risk, which

Indicates a potentially hazardous situation, which if not

NOTE Provides additional information to emphasize or supplement

Issue 04 (2012-01-06) Huawei Proprietary and Confidential ii

Boldface The keywords of a command line are in boldface.

Italic Command arguments are in italics.

[] Items (keywords or arguments) in brackets [ ] are optional.

{ x | y | ... } Optional items are grouped in braces and separated by

[ x | y | ... ] Optional items are grouped in brackets and separated by

{ x | y | ... }* Optional items are grouped in braces and separated by

[ x | y | ... ]* Optional items are grouped in brackets and separated by

# A line starting with the # sign is comments.

Interface Numbering Conventions

Changes in Issue 04 (2012-01-06)

Changes in Issue 03 (2011-11-27)

Issue 04 (2012-01-06) Huawei Proprietary and Confidential iii

l 2.4.5 Configuring Traffic Policing

Changes in Issue 02 (2011-10-15)

Changes in Issue 01 (2011-08-15)

Issue 04 (2012-01-06) Huawei Proprietary and Confidential iv

About This Document.....................................................................................................................ii

Issue 04 (2012-01-06) Huawei Proprietary and Confidential v

1.8.2 Configuring a Traffic Policy....................................................................................................................38

2 Traffic Policy Configuration.....................................................................................................72

Issue 04 (2012-01-06) Huawei Proprietary and Confidential vi

About This Chapter

1.1 QoS Overview

Issue 04 (2012-01-06) Huawei Proprietary and Confidential 1

1.10 Configuration Examples

Issue 04 (2012-01-06) Huawei Proprietary and Confidential 2

1.1 QoS Overview

QoS uses the following models:

1.2 QoS Features Supported by the AR1200-S

The AR1200-S supports the following functions:

Table 1-1 Implementation of QoS features

Traffic policing Interface-based traffic policing can be

Issue 04 (2012-01-06) Huawei Proprietary and Confidential 3

Traffic shaping Interface-based traffic shaping can only be

Congestion avoidance Queue-based congestion avoidance can only

Congestion management Queue-based congestion management can

HQoS Flow-based hierarchical QoS (HQoS) can

Table 1-2 Mappings between 802.1p priorities and queues

802.1p Priority Queue Index

Issue 04 (2012-01-06) Huawei Proprietary and Confidential 4

802.1p Priority Queue Index

Table 1-3 Mappings between 802.1p priorities and queues

Issue 04 (2012-01-06) Huawei Proprietary and Confidential 5

Figure 1-1 Measuring traffic using token buckets

Put tokens into the bucket at the

The AR1200-S supports dual token bucket technology:

Issue 04 (2012-01-06) Huawei Proprietary and Confidential 6

Figure 1-2 Traffic shaping

Token Put tokens into

Issue 04 (2012-01-06) Huawei Proprietary and Confidential 7

Traffic shaping is performed for packets in a specified queue on an interface so that