Configuring QoS actions in a policy
In QoS policy-configuration mode, you define the actions to be applied to a pre-configured IPv4 or IPv6 traffic class when a packet matches the
match
criteria in the class. Note: Actions are not executed on packets that match
ignore
criteria. You can enter multiple action statements in a traffic class, including the default class.
The following commands are supported in a QoS policy configuration:
rate-limit
Configures the rate limit for matching packets.
ip-precedence
Configures (marks) the IP precedence bits in the ToS byte of IPv4 packet headers and Traffic Class byte of IPv6 headers.
dscp
Configures the DSCP bits in the IPv4 ToS byte and IPv6 Traffic Class byte of packet headers.
priority
Configures the 802.1p class of service (CoS) priority in Layer 2 frame headers.
For information on the difference between the DSCP bits and precedence bits in the ToS byte of an IPv4 header and the Traffic Class byte of an IPv6 header.
Context: Global configuration
Syntax:
no [seq-number] class [ipv4 | ipv6] classname action qos-action [action qosaction ...]
In a QoS policy configuration, the
qos-action
parameter can be any of the following commands:
Syntax
rate-limit kbps
Configures the maximum transmission rate for matching packets in a specified traffic class. All packets that exceed the configured limit are dropped.
The rate limit is specified in kilobits per second, where
kbps
is a value from 0 to 10000000.
- Rate limiting usage
Rate limit values below 13 kbps may result in unpredictable rate limiting behavior. Configuring a rate limit of 0 (zero) kilobits on a port blocks all traffic on the port. If blocking all traffic is the desired behavior, HPE recommends that you configure
deny
ACL instead configuring a rate limit of 0. A rate limit that you apply with a classifier-based policy overrides any globally-configured per-port rate limit on the selected packets.For more information on per-port rate limiting, see the ArubaOS-Switch Management and Configuration Guide for your switch.
- Rate limiting restrictions
A rate limit is calculated on a per-module or per port-bank basis. If trunked ports or VLANs with a configured rate limit span multiple modules or port-banks, the configured rate limit is not guaranteed. A QoS policy that uses the
class action rate-limit
command is not supported on a port interface on which ICMP rate limiting has already been globally configured. To apply the QoS policy, you must first disable the ICMP rate limiting configuration. In cases where you want to maintain an ICMP rate limiting configuration, configure a class in which you specify the necessary match statements for ICMP traffic, and a QoS policy in which you configure the rate limit action for the class.See the ArubaOS-Switch Multicast and Routing Guide for your switch for more information.
priority
priority-value
Configures the 802.1p class of service (CoS) bits in Layer 2 frames of matching packets in a specified traffic class. Valid CoS values range from 0 to 7. The 802.1p CoS value controls the outbound port-queue priority for traffic leaving the switch. In an 802.1Q VLAN network, downstream devices may honor or change the 802.1p priority in incoming packets. 802.1p priority settings and outbound queue assignment shows how the Layer 2 802.1p priority value determines to which outbound port queue a packet is sent both on the switch and on a downstream device. The 802.1p CoS numeric value (from 0 to 7) corresponds to the hexadecimal equivalent of the three binary 0 and 1 bit settings in the Layer 2 header. For example if the CoS bit values are
1 1 1
, the numeric value is7
(1+2+4). Similarly, if the CoS bits are0 1 1
, the numeric value is3
(1+2+0).NOTE:If you want the 802.1p CoS priority settings included in outbound packets to be honored on downstream devices, configure tagged VLANs on the appropriate inbound and outbound ports.
ip-precedence precedence-value
- Configures the IP precedence value in the IPv4 ToS byte or IPv6 Traffic Class byte of matching packets in a specified traffic class. Valid IP precedence values are either a numeric value from 0 (low priority) to 7 (high priority) or its corresponding name:802.1p priority settings and outbound queue assignment shows how the Layer 2 802.1p priority value determines to which outbound port queue a packet is sent.
0
routine
1
priority
2
immediate
3
flash
4
flash-override
5
critical
6
internet (for internetwork control)
7
network (for network control)
IP precedence-to-802.1p priority mapping shows the 802.1p priority value (0 to 7) associated, by default, with each IP Precedence three-bit setting and automatically assigned by the switch to the Layer 2 header of matching packets.
dscp dscp-value
Configures the DSCP codepoint in the IPv4 ToS byte or IPv6 Traffic Class byte of matching packets in a specified traffic class. Valid values for the DSCP codepoint are any of the following:
- A binary eight-bit set (such as
100110
). - A decimal value from
0
(low priority) to63
(high priority) that corresponds to a binary DSCP bit set. - The ASCII standard name for a binary DSCP bit set:
af11
(001010)
af42
(100100)
af12
(001100)
af43
(100110)
af13
(001110)
ef
(101110)
af21
(010010)
cs1
(001000) = precedence 1
af22
(010100)
cs2
(010000) = precedence 2
af23
(010110)
cs3
(011000) = precedence 3
af31
(011010)
cs4
(100000) = precedence 4
af32
(011100)
cs5
(101000) = precedence 5
af33
(011110)
cs6
(110000) = precedence 6
af41
(100010)
cs7
(111000) = precedence 7
default
(000000)
Prerequisite
The DSCP value you enter must already be configured with an 802.1p priority in the DSCP Policy table before you can use it to mark matching packets.
NOTE:DSCP-802.1p Mapping: The 802.1p priority currently associated with each DSCP codepoint is stored in the DSCP Policy table (displayed with the
show qos dscp-map
command. Certain DSCP codepoints have 802.1p priorities assigned by default. The 802.1p priority mapped to a DSCP codepoint is automatically applied in matching packets whose codepoint is reset with theclass action dscp
command in a QoS policy.- A binary eight-bit set (such as