< Home

Configuring NQA for PBR

Background

PBR allows switches to select paths and forward packets based on defined policies. However, PBR lacks a fault detection mechanism. In a scenario where the link for the redirection next hop becomes faulty, PBR becomes ineffective only after the ARP entry of the redirection next hop is aged. As a result, services cannot be immediately switched to another link, causing service interruptions.

Network quality analysis (NQA) for PBR solves this issue by providing a fault detection mechanism for PBR. In the same scenario, the next hop will become ineffective immediately without waiting for the aging of its ARP entry. This is because the NQA test identifies the fault. NQA for PBR helps shorten the service interruption time and improve QoS.

Pre-configuration Tasks

Before configuring NQA for PBR, complete the following tasks:

  • Configure IP addresses and routing protocols for interfaces to ensure connectivity.

  • Configure an ACL if the ACL needs to be used to classify traffic.

Procedure

  1. Configure an ICMP NQA test instance.

    1. Run system-view

      The system view is displayed.

    2. Run nqa test-instance admin-name test-name

      An NQA test instance is created, and the test instance view is displayed.

    3. Run test-type icmp

      The test type is set to ICMP.

      When NQA is associated with PBR, only an ICMP NQA test instance can be used to check whether a route from the source to the destination is reachable.

    4. Run destination-address ipv4 ip-address

      The destination address is set for the NQA test instance.

    5. (Optional) Run frequency interval

      The interval at which the NQA test instance automatically runs is set.

      By default, no automatic test interval is set. The system performs the test only once.

    6. (Optional) Run probe-count number

      The number of probes to be sent each time is set for the NQA test instance.

      By default, the number of probes to be sent each time is 3.

      By sending multiple probes for an NQA test instance, the network quality can be estimated more accurately based on the collected statistics.

    7. (Optional) Run interval { milliseconds interval | seconds interval }

      The interval at which probe packets are sent is set for the NQA test instance.

      For the default interval at which probe packets are sent, see the command reference manual.

    8. (Optional) Run timeout time

      The timeout period of a probe is set for the NQA test instance.

      By default, the timeout period of a probe for FTP test instances is 15s and that for other test instances is 3s.

    9. Set the NQA test instance startup mode as required to start the NQA test instance.

      • Run start now [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]

        The NQA test instance is started immediately.

      • Run start at [ yyyy/mm/dd ] hh:mm:ss [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]

        The NQA test instance is started at the specified time.

      • Run start delay { seconds second | hh:mm:ss } [ end { at [ yyyy/mm/dd ] hh:mm:ss | delay { seconds second | hh:mm:ss } | lifetime { seconds second | hh:mm:ss } } ]

        The NQA test instance is started after the specified delay.

    10. Run quit

      Return to the system view.

    11. Run quit

      Exit from the system view.

  2. Configure a traffic classifier.

    For details about configuring a traffic classifier, see Configuring a Traffic Classifier in "MQC Configuration" in the S2720, S5700, and S6700 V200R019C10 Configuration Guide - QoS.

  3. Configure a traffic behavior.

    1. Run system-view

      The system view is displayed.

    2. Run traffic behavior behavior-name

      A traffic behavior is created and the traffic behavior view is displayed; alternatively, the existing traffic behavior view is displayed.

    3. Run redirect [ vpn-instance vpn-instance-name ] ip-nexthop { ip-address [ track-nqa admin-name test-name ] } &<1-4> [ forced | low-precedence ] *

      The packets matching traffic classification rules are redirected to the specified next hop, and association between PBR and the NQA test instance is configured.

      To configure association between PBR and the NQA test instance, specify the track-nqa admin-name test-name parameter.

      In a given traffic behavior, a next-hop IP address can be bound to only one NQA test instance.

      On the switch, a maximum of eight NQA test instances can be bound.

    4. (Optional) Run statistic enable

      The traffic statistics collection function is enabled.

    5. Run quit

      Return to the system view.

    6. Run quit

      Exit from the system view.

  4. Configure a traffic policy.

    For details about configuring a traffic policy, see Configuring a Traffic Policy in "MQC Configuration" in the S2720, S5700, and S6700 V200R019C10 Configuration Guide - QoS.

  5. Apply the traffic policy.

    • Apply the traffic policy to an interface.

      1. Run system-view

        The system view is displayed.

      2. Run interface interface-type interface-number

        The interface view is displayed.

      3. Run traffic-policy policy-name inbound

        The traffic policy is applied to the inbound direction of the interface.

    • Apply the traffic policy to a VLAN.

      1. Run system-view

        The system view is displayed.

      2. Run vlan vlan-id

        The VLAN view is displayed.

      3. Run traffic-policy policy-name inbound

        The traffic policy is applied to the VLAN.

        Subsequently, the system performs traffic policing on the incoming packets that are sent from the VLAN and match traffic classification rules.

    • Apply the traffic policy globally.

      1. Run system-view

        The system view is displayed.

      2. Run traffic-policy policy-name global inbound [ slot slot-id ]

        The traffic policy is applied globally.

Verifying the Configuration

  • Run the display traffic classifier user-defined [ classifier-name ] command to check the traffic classifier configuration.
  • Run the display traffic behavior user-defined [ behavior-name ] command to check the traffic behavior configuration.

  • Run the display traffic policy user-defined [ policy-name [ classifier classifier-name ] ] command to check the configuration of a specified user-defined traffic policy.

  • Run the display traffic-applied [ interface [ interface-type interface-number ] | vlan [ vlan-id ] ] { inbound | outbound } [ verbose ] command to check information about ACL-based simplified and MQC-based traffic policies applied to the system, a VLAN, or an interface.

    The display traffic-applied command cannot be used to check information about ACL-based simplified and MQC-based traffic policies applied to a sub-interface. However, traffic policies can be applied to a sub-interface.

  • Run the display traffic policy { interface [ interface-type interface-number [.subinterface-number ] ] | vlan [ vlan-id ] | ssid-profile [ ssid-profile-name ] | global } [ inbound | outbound ] command to check the traffic policy configuration.

    Only the S5720-EI, S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-EI, S6720-HI, S6720S-EI, S6730-H, S6730S-H, S6730-S, and S6730S-S support sub-interfaces.

    Only the S5720-HI, S5730-HI, S5731-H, S5731S-H, S5732-H, S6720-HI, S6730S-H, and S6730-H support ssid-profile [ ssid-profile-name ].

  • Run the display traffic-policy applied-record [ policy-name ] command to check the application records of a specified traffic policy.

Parent Topic: PBR Configuration
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >