< Home

Applying a Traffic Policy

Pre-configuration Tasks

Before applying a traffic policy, configure the traffic policy.

Procedure

Determine the object, for example, a port, VLAN, VLANIF interface, or system, to which a traffic policy will be applied, and then apply the traffic policy in the corresponding view. If a traffic policy is applied to a port, VLAN, or system, both Layer 2 and Layer 3 traffic traversing the interface, VLAN, or system can be controlled. If a traffic policy is applied to a VLANIF interface, only Layer 3 traffic traversing the VLANIF interface can be controlled.

  • Applying a traffic policy to an interface

    1. Run system-view

      The system view is displayed.

    2. Run interface interface-type interface-number [.subinterface-number ]

      The interface view or sub-interface view is displayed.

      • Only the S5720-EI, S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-EI, S6720-HI, S6720S-EI, S6730-H, S6730S-H, S6730-S, and S6730S-S support Ethernet sub-interfaces.

      • Only hybrid and trunk interfaces on the preceding switches support Ethernet sub-interface configuration.

      • After you run the undo portswitch command to switch Layer 2 interfaces on the preceding series of switches into Layer 3 interfaces, you can configure Ethernet sub-interfaces on the interfaces.

      • After an interface is added to an Eth-Trunk, sub-interfaces cannot be configured on the interface.

      • VLAN termination sub-interfaces cannot be created on a VCMP client.

    3. Run traffic-policy policy-name { inbound | outbound }

      A traffic policy is applied to the interface or sub-interface.

      Each direction on an interface can be configured with only one traffic policy. A single traffic policy can be applied to both directions on one or more interfaces. After a traffic policy is applied to an interface, the system performs traffic policing for all the incoming or outgoing packets that match traffic classification rules on the interface.

      • Traffic policies can be applied to only the inbound direction of sub-interfaces on the S5720-EI, S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-EI, S6720-HI, S6720S-EI, S6730-H, S6730S-H, S6730-S, and S6730S-S.

      • You are not advised to apply a traffic policy containing remark 8021p, remark cvlan-id, or remark vlan-id to the outbound direction of an untagged interface. This configuration may cause incorrect information in the packets.

      • Applying traffic policies consumes ACL resources. If ACL resources are insufficient, some traffic policies will fail to be applied. For example, if an if-match rule in a traffic policy occupies one ACL, one ACL is occupied for each interface to which the traffic policy is applied. When a traffic policy is applied to multiple VLANs, one ACL is occupied for each VLAN to which the traffic policy is applied. When a traffic policy is applied to the system, one ACL is occupied. For details about ACLs occupied by if-match rules, see Table 3 in "Licensing Requirements and Limitations for MQC."

      • Among the 2N interfaces on the S6720-EI or S6720S-EI, if an interface in the range from 1 to N and an interface in the range from N+1 to 2N are added to the same Eth-Trunk or VLAN, and outgoing traffic of the Eth-Trunk or VLAN is rate-limited by car, the outgoing traffic rate is two times the CAR value.
  • Applying a traffic policy to a VLAN

    1. Run system-view

      The system view is displayed.

    2. Run vlan vlan-id

      The VLAN view is displayed.

    3. Run traffic-policy policy-name { inbound | outbound }

      A traffic policy is applied to the VLAN.

      Each direction of a VLAN can be configured with only one traffic policy.

      After a traffic policy is applied to a VLAN, the system performs traffic policing for the packets that belong to the VLAN and match traffic classification rules in the inbound or outbound direction.

  • Applying a traffic policy to a VLANIF interface

    1. Run system-view

      The system view is displayed.

    2. Run interface vlanif vlan-id

      The VLANIF interface view is displayed.

    3. Run traffic-policy policy-name { inbound | outbound }

      A traffic policy is applied to the VLANIF interface.

      Each direction of a VLANIF interface can be configured with only one traffic policy. A single traffic policy can be applied to both directions on one or more VLANIF interfaces.

      A traffic policy cannot be applied to a VLANIF interface corresponding to the super-VLAN or MUX VLAN.

      On the S5720-EI, S6720-EI, and S6720S-EI, a traffic policy applied to a VLANIF interface takes effect only for unicast packets and Layer 3 multicast packets on the VLANIF interface.

      On the S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-HI, S6730-H, S6730S-H, S6730-S, and S6730S-S, a traffic policy applied to a VLANIF interface takes effect only for unicast packets on the VLANIF interface.

      A traffic policy can be applied to a VLANIF interface only on the S5720-EI, S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-EI, S6720-HI, S6720S-EI, S6730-H, S6730S-H, S6730-S, and S6730S-S.

      A traffic policy cannot be applied to the inbound direction of a VLANIF interface when the bound traffic behaviors define the following actions:
      • remark vlan-id
      • remark cvlan-id
      • remark 8021p
      • remark flow-id
      • mac-address learning disable
      A traffic policy cannot be applied to the outbound direction of a VLANIF interface when the bound traffic behaviors define the following actions:
      • remark flow-id
      • mac-address learning disable
  • Applying a traffic policy globally

    1. Run system-view

      The system view is displayed.

    2. Run traffic-policy policy-name global { inbound | outbound } [ slot slot-id ]

      A traffic policy is applied to the system.

      Each direction can be configured with only one traffic policy in the system or slot. A traffic policy cannot be applied to the same direction in both the system and slot.

      • In a stack, a traffic policy applied to the system takes effect on all the interfaces and VLANs of all the member switches in the stack. The system then performs traffic policing for all the incoming and outgoing packets that match traffic classification rules on all the member switches. A traffic policy applied to a specified slot takes effect on all the interfaces and VLANs of the member switch with the specified stack ID. The system then performs traffic policing for all the incoming and outgoing packets that match traffic classification rules on this member switch.
      • On a standalone switch, a traffic policy applied to the system takes effect on all the interfaces and VLANs of the local switch. The system then performs traffic policing for all the incoming and outgoing packets that match traffic classification rules on the local switch. Traffic policies applied to the slot and system have the same functions.
Parent Topic: Configuring MQC
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >