Configuring MQC-based Priority Re-marking

Background

Priority re-marking is a method of changing priority fields of the packets that match certain traffic classification rules. For example, you can configure priority mapping to change the 802.1p priority of VLAN packets or DSCP priority and local priority of IP packets.

Procedure

Configure a traffic classifier.

Run system-view

The system view is displayed.
Run traffic classifier classifier-name [ operator { and | or } ]
A traffic classifier is created and the traffic classifier view is displayed, or the view of an existing traffic classifier is displayed.
and is the logical operator between the rules in the traffic classifier, which means that:
- If the traffic classifier contains ACL rules, packets match the traffic classifier only when they match one ACL rule and all the non-ACL rules.
- If the traffic classifier does not contain any ACL rules, packets match the traffic classifier only when they match all the rules in the classifier.
The logical operator or means that packets match the traffic classifier as long as they match any one of the rules in the traffic classifier.
By default, the logical operator used between rules in a traffic classifier is OR.

Configure matching rules according to the following table.

Matching Rule	Command	Remarks
Outer VLAN ID or inner and outer VLAN IDs of QinQ packets	if-match vlan-id start-vlan-id [ to end-vlan-id ] [ cvlan-id cvlan-id ]	Only the S5730-SI, S5730S-EI, S6720-LI, S6720S-LI, S6720-SI, and S6720S-SI support the cvlan-id cvlan-id parameter.
Inner and outer VLAN IDs in QinQ packets	if-match cvlan-id start-vlan-id [ to end-vlan-id ] [ vlan-id vlan-id ]	Only the S5730-SI, S5730S-EI, S6720-LI, S6720S-LI, S6720-SI, and S6720S-SI support this command.
802.1p priority in VLAN packets	if-match 8021p 8021p-value &<1-8>	If you enter multiple 802.1p priority values in the command, packets match the traffic classifier as long as they match one 802.1p priority value, regardless of whether the relationship between rules in the traffic classifier is AND or OR.
Destination MAC address	if-match destination-mac mac-address [ mac-address-mask ]	-
Source MAC address	if-match source-mac mac-address [ mac-address-mask ]	-
Protocol type field encapsulated in the Ethernet frame header	if-match l2-protocol { arp \| ip \| mpls \| rarp \| protocol-value }	-
All packets	if-match any	-
DSCP priority in IP packets	if-match dscp dscp-value &<1-8>	If you enter multiple DSCP priority values in the command, packets match the traffic classifier as long as they match one DSCP priority value, regardless of whether the relationship between rules in the traffic classifier is AND or OR. If the relationship between rules in a traffic classifier is AND, the if-match dscp and if-match ip-precedence commands cannot be configured in the traffic classifier simultaneously.
IP precedence in IP packets	if-match ip-precedence ip-precedence-value &<1-8>	If the relationship between rules in a traffic classifier is AND, the if-match dscp and if-match ip-precedence commands cannot be configured in the traffic classifier simultaneously. If you enter multiple IP priority values in the command, packets match the traffic classifier as long as they match one IP priority value, regardless of whether the relationship between rules in the traffic classifier is AND or OR.
Layer 3 protocol type	if-match protocol { ip \| ipv6 }	-
SYN Flag in the TCP packet header	if-match tcp syn-flag { syn-flag-value \| ack \| fin \| psh \| rst \| syn \| urg }	-
Inbound interface	if-match inbound-interface interface-type interface-number	A traffic policy containing such a matching rule cannot be applied to the outbound direction, nor can it be applied to an interface view.
ACL rule	if-match acl { acl-number \| acl-name } NOTE: To use an ACL in a traffic classifier, you are advised to configure rules in the ACL first.	If an ACL used in a traffic classifier has multiple rules, packets match the ACL as long as they match any one of rules in the ACL, regardless of whether the relationship between rules in the traffic classifier is AND or OR.
ACL6 rule	if-match ipv6 acl { acl-number \| acl-name } NOTE: To use an ACL6 in a traffic classifier, you are advised to configure rules in the ACL6 first.	-

Run quit

Exit from the traffic classifier view.

Configure a traffic behavior.
1. Run traffic behavior behavior-name
  A traffic behavior is created and the traffic behavior view is displayed.
2. Run the following commands as required:
  - To re-mark the 802.1p priority field of packets matching the traffic classifier, run the remark 8021p 8021p-value command.
    
    If a traffic policy containing remark 8021p is applied to the outbound direction on an interface, the VLAN of the outbound interface must work in tagged mode.
  - To re-mark the DSCP priority field of packets matching the traffic classifier, run the remark dscp { dscp-name | dscp-value } command.
  - To re-mark the local priority field of packets matching the traffic classifier, run the remark local-precedence { local-precedence-name | local-precedence-value } command.
  - To re-mark the IP precedence field of packets matching the traffic classifier, run the remark ip-precedence ip-precedence command.
3. Run quit
  Exit from the traffic behavior view.
Configure a traffic policy.
1. Run traffic policy policy-name
  
  A traffic policy is created and the traffic policy view is displayed, or the view of an existing traffic policy is displayed.
2. Run classifier classifier-name behavior behavior-name
  
  A traffic behavior is bound to a traffic classifier in the traffic policy.
3. Run quit
  
  Exit from the traffic policy view.
Apply the traffic policy.

Applying a traffic policy consumes ACL resources. If there are not sufficient ACL resources, a traffic policy may fail to be applied. For example, an if-match rule in a traffic policy occupies an ACL. When the traffic policy is applied to M interfaces, M ACLs are occupied. When a traffic policy is applied to L VLANs, L ACLs are occupied. When a traffic policy is applied to the system, one ACL is occupied. For details about ACLs occupied by if-match rules, see Table 3 in "Licensing Requirements and Limitations for MQC" of MQC Configuration.
- Applying a traffic policy to an interface
  1. Run interface interface-type interface-number
    
    The interface view is displayed.
  2. Run traffic-policy policy-name { inbound | outbound }
    
    A traffic policy is applied to the interface.
    
    A traffic policy can be applied to only one direction on an interface but can be applied to different directions on different interfaces. After a traffic policy is applied to an interface, the system performs traffic policing for all the incoming or outgoing packets that match traffic classification rules on the interface.
    
    It is not recommended to use the traffic policy containing remark 8021p and remark vlan-id in the outbound direction of an untagged interface. This configuration may cause incorrect information in the packets.
- Applying a traffic policy to a VLAN
  1. Run vlan vlan-id
    
    The VLAN view is displayed.
  2. Run traffic-policy policy-name { inbound | outbound }
    
    A traffic policy is applied to the VLAN.
    
    Only one traffic policy can be applied to a VLAN in the inbound or outbound direction.
    
    After a traffic policy is applied a VLAN, the system performs traffic policing for the packets that belong to the VLAN and match traffic classification rules in the inbound or outbound direction.
- Applying a traffic policy to the system
  1. Run traffic-policy policy-name global { inbound | outbound } [ slot slot-id ]
    
    A traffic policy is applied to the system.
    
    Only one traffic policy can be applied to the system or slot in one direction. A traffic policy cannot be applied to the same direction in the system and slot simultaneously.
    - In a stack, a traffic policy that is applied to the system takes effect on all the interfaces and VLANs of all the member switches in the stack. The system then performs traffic policing for all the incoming and outgoing packets that match traffic classification rules on all the member switches. A traffic policy that is applied to a specified slot takes effect on all the interfaces and VLANs of the member switch with the specified stack ID. The system then performs traffic policing for all the incoming and outgoing packets that match traffic classification rules on this member switch.
    - On a standalone switch, a traffic policy that is applied to the system takes effect on all the interfaces and VLANs of the local switch. The system then performs traffic policing for all the incoming and outgoing packets that match traffic classification rules on the local switch. Traffic policies applied to the slot and system have the same functions.

Verifying the Configuration

Run the display traffic classifier user-defined [ classifier-name ] command to check the traffic classifier configuration.
Run the display traffic behavior user-defined [ behavior-name ] command to check the traffic behavior configuration.
Run the display traffic policy user-defined [ policy-name [ classifier classifier-name ] ] command to check the user-defined traffic policy configuration.
Run the display traffic-applied [ interface [ interface-type interface-number ] | vlan [ vlan-id ] ] { inbound | outbound } [ verbose ] command to check information about ACL-based simplified and MQC-based traffic policies applied to the system, a VLAN, or an interface.
Run the display traffic policy { interface [ interface-type interface-number ] | vlan [ vlan-id ] | global } [ inbound | outbound ] command to check the traffic policy configuration.
Run the display traffic-policy applied-record [ policy-name ] command to check the application record of a specified traffic policy.