< Home

Example for Configuring Rate Limiting for Users on Different Network Segments

Networking Requirements

As shown in Figure 1, the Switch connects to the router through GE0/0/3, and the users connect to the Internet through the Switch and router.

Users on different floors connect to the network through different access switches and belong to different network segments. Different bandwidth needs to be provided for users on different network segments. The users belonging to the same network segment share the bandwidth.

Table 1 describes the QoS requirements.

Table 1 QoS guarantee for uplink traffic on the Switch

User

CIR (kbit/s)

PIR (kbit/s)

All users on the first floor

4000

10000

All users on the second floor

6000

10000
Figure 1 Networking of rate limiting for users on different network segments

Configuration Roadmap

The configuration roadmap is as follows:
  1. Create VLANs and configure interfaces to enable the users to connect to the Internet through the Switch.
  2. Configure ACLs to match different network segments on the Switch.
  3. Configure traffic classifiers and apply the ACLs to the traffic classifiers on the Switch.
  4. Configure traffic behaviors on the Switch to limit the rates of packets from users on different floors.
  5. Configure a traffic policy on the Switch, associate the traffic behaviors with the traffic classifiers in the traffic policy, and apply the traffic policy to the interface on the Switch connected to the router.

Procedure

  1. Create VLANs and configure interfaces.

    # Create VLAN 100 and VLAN 200 on the Switch.

    <HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] vlan batch 100 200

    # Configure GE0/0/1 and GE0/0/2 as trunk interfaces and add them to VLAN 100 and VLAN 200. Configure GE0/0/3 as a trunk interface and add it to VLAN 100 and VLAN 200.

    [Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type trunk
[Switch-GigabitEthernet0/0/1] port trunk allow-pass vlan 100
[Switch-GigabitEthernet0/0/1] quit
[Switch] interface gigabitethernet 0/0/2
[Switch-GigabitEthernet0/0/2] port link-type trunk
[Switch-GigabitEthernet0/0/2] port trunk allow-pass vlan 200
[Switch-GigabitEthernet0/0/2] quit
[Switch] interface gigabitethernet 0/0/3
[Switch-GigabitEthernet0/0/3] port link-type trunk
[Switch-GigabitEthernet0/0/3] port trunk allow-pass vlan 100 200
[Switch-GigabitEthernet0/0/3] quit

  2. Configure ACLs.

    # Configure ACLs to match different network segments.
    [Switch] acl 2000
[Switch-acl-basic-2000] rule permit source 192.168.1.0 0.0.0.255
[Switch-acl-basic-2000] quit
[Switch] acl 2001
[Switch-acl-basic-2001] rule permit source 192.168.2.0 0.0.0.255
[Switch-acl-basic-2001] quit

  3. Configure traffic classifiers.

    # Configure traffic classifiers c1 and c2 on the Switch to classify packets from users in different floors.

    [Switch] traffic classifier c1 operator and
[Switch-classifier-c1] if-match acl 2000
[Switch-classifier-c1] quit
[Switch] traffic classifier c2 operator and
[Switch-classifier-c2] if-match acl 2001
[Switch-classifier-c2] quit

  4. Configure traffic behaviors.

    # Create traffic behaviors b1 and b2 on the Switch to limit the rates of different service flows.

    [Switch] traffic behavior b1
[Switch-behavior-b1] car cir 4000 pir 10000 green pass
[Switch-behavior-b1] quit
[Switch] traffic behavior b2
[Switch-behavior-b2] car cir 6000 pir 10000 green pass
[Switch-behavior-b2] quit

  5. Configure a traffic policy and apply the traffic policy to the interface connected to the router.

    # Create a traffic policy named p1 on the Switch, associate traffic classifiers with traffic behaviors in the traffic policy, and apply the traffic policy to the outbound direction of GE0/0/3 to police packets.

    [Switch] traffic policy p1
[Switch-trafficpolicy-p1] classifier c1 behavior b1
[Switch-trafficpolicy-p1] classifier c2 behavior b2
[Switch-trafficpolicy-p1] quit
[Switch] interface gigabitethernet 0/0/3
[Switch-GigabitEthernet0/0/3] traffic-policy p1 outbound
[Switch-GigabitEthernet0/0/3] quit

  6. Verify the configuration.

    # View the traffic classifier configuration.

    [Switch] display traffic classifier user-defined
  User Defined Classifier Information:                                          
   Classifier: c2                                                               
    Operator: AND                                                               
    Rule(s) : if-match acl 2001                                                 
                                                                                
   Classifier: c1                                                               
    Operator: AND                                                               
    Rule(s) : if-match acl 2000                                                 
                                                                                
Total classifier number is 2

    # View the traffic policy configuration.

    [Switch] display traffic policy user-defined p1
  User Defined Traffic Policy Information:                                      
  Policy: p1                                                                    
   Classifier: c1                                                               
    Operator: AND                                                               
     Behavior: b1                                                               
      Committed Access Rate:                                                    
        CIR 4000 (Kbps), CBS 500000 (Byte)                                      
        PIR 10000 (Kbps), PBS 1250000 (Byte)                                    
        Green Action   : pass                                                   
        Yellow Action  : pass                                                   
        Red Action     : discard                                                
   Classifier: c2                                                               
    Operator: AND                                                               
     Behavior: b2                                                               
      Committed Access Rate:                                                    
        CIR 6000 (Kbps), CBS 750000 (Byte)                                      
        PIR 10000 (Kbps), PBS 1250000 (Byte)                                    
        Green Action   : pass                                                   
        Yellow Action  : pass                                                   
        Red Action     : discard

Configuration Files

  • Switch configuration file

    #
sysname Switch
#
vlan batch 100 200
#
acl number 2000  
 rule 5 permit source 192.168.1.0 0.0.0.255 
acl number 2001  
 rule 5 permit source 192.168.2.0 0.0.0.255 
#
traffic classifier c1 operator and
 if-match acl 2000
traffic classifier c2 operator and
 if-match acl 2001
#
traffic behavior b1
 car cir 4000 pir 10000 cbs 500000 pbs 1250000 green pass yellow pass red discard
traffic behavior b2
 car cir 6000 pir 10000 cbs 750000 pbs 1250000 green pass yellow pass red discard
#
traffic policy p1 match-order config
 classifier c1 behavior b1
 classifier c2 behavior b2
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 200
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 100 200
 traffic-policy p1 outbound
#
return

Relevant Information

Video

Configure IP Subnet-based Rate Limiting

Parent Topic: Configuration Examples for Traffic Policing, Traffic Shaping, and Interface-based Rate Limiting
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >