- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Re: Using ACL to ID traffic by port on 2610 and ma...
Switches, Hubs, and Modems
1752550
Members
4908
Online
108788
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-07-2010 10:21 AM
тАО10-07-2010 10:21 AM
Using ACL to ID traffic by port on 2610 and mark with certain DSCP values
Hello,
I have a need to use ACL's to ID traffic coming into ports on my 2610 by TCP and UDP port and to mark that traffic with certain DSCP values so that my MPLS provider will process the traffic correctly.
Could you please point me to examples that would address that or let me know if you cant do that with the 2610.
thanks
I have a need to use ACL's to ID traffic coming into ports on my 2610 by TCP and UDP port and to mark that traffic with certain DSCP values so that my MPLS provider will process the traffic correctly.
Could you please point me to examples that would address that or let me know if you cant do that with the 2610.
thanks
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-07-2010 12:18 PM
тАО10-07-2010 12:18 PM
Re: Using ACL to ID traffic by port on 2610 and mark with certain DSCP values
With 2610 you can only classify traffic based on ONE parameter: IP address, IP Type of Service (ToS), L3 protocol, TCP/UDP port number, source port, or DiffServ.
And you can mark traffic with DSCP and 802.1p values.
Command syntax:
qos dscp
For example:
qos tcp-port 80 dscp 000101
Use can find some examples in Advanced Traffic Guide
http://cdn.procurve.com/training/Manuals/2610-AdvTrafficMgmt-Dec2007-59918641.pdf
"Assigning a DSCP Policy Based on TCP or UDP Port Number"
If you want to combine few parameters, for example, IP and TCP port, you can't do this with 2610.
But you can use layer 3 switches (3500, 5400 etc) with Classifier-Based Policy.
And you can mark traffic with DSCP and 802.1p values.
Command syntax:
qos
For example:
qos tcp-port 80 dscp 000101
Use can find some examples in Advanced Traffic Guide
http://cdn.procurve.com/training/Manuals/2610-AdvTrafficMgmt-Dec2007-59918641.pdf
"Assigning a DSCP Policy Based on TCP or UDP Port Number"
If you want to combine few parameters, for example, IP and TCP port, you can't do this with 2610.
But you can use layer 3 switches (3500, 5400 etc) with Classifier-Based Policy.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-07-2010 12:24 PM
тАО10-07-2010 12:24 PM
Re: Using ACL to ID traffic by port on 2610 and mark with certain DSCP values
Thanks for the Reply
So if you mark traffic of a certain TCP port number with a DSCP value, is that done globally on ingress of any traffic coming into a port on the switch before egress out another port?
Is it a global command?
Do you need to enable qos globally first before issueing the
qos tcp-port XX dscp XXX command ?
thanks
So if you mark traffic of a certain TCP port number with a DSCP value, is that done globally on ingress of any traffic coming into a port on the switch before egress out another port?
Is it a global command?
Do you need to enable qos globally first before issueing the
qos tcp-port XX dscp XXX command ?
thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-07-2010 09:43 PM
тАО10-07-2010 09:43 PM
Re: Using ACL to ID traffic by port on 2610 and mark with certain DSCP values
1. You need to enable recognition of ToS field in IP packet as DiffServ:
sw1(config)# qos type-of-service diff-services
2. Configure DSCP Policy (dscp-map) to associate DSCP value and 802.1p priority (you must create dscp-map before you can assign DSCP value, before third command):
sw1(config)# qos dscp-map 000101 priority 5
3. Assign DSCP value:
sw1(config)# qos tcp-port 80 dscp 000101
All commands are global.
Traffic classified on ingress in any switch port and marked. On egress port its placed in appropriate queue.
ProCurve switch assign port queue for traffic based on 802.1p priority values.
So if you need to place packets with dscp 000101 in medium queue, you must create a dscp-map (second command). After that switch knows that this traffic corresponds to Medium queue.
Port Queue and 802.1p Priority Values:
Low (1 - 2)
Normal (0, 3)
Medium (4 - 5)
High (6 - 7)
By default switch have association:
queue Medium <--> 802.1p value 4 or 5
The second command create association:
DSCP 000101 <--> 802.1p value 5
The third command create association:
TCP port 80 <--> DSCP 000101
Third command actually create 2 rules:
for traffic which goes FROM TCP port 80 and TO TCP port 80.
You can check all configurations you made with this commands:
Displays how switch recognise ToS field:
show qos type-of-service
Displays the DSCP Policy Table:
show qos dscp-map
Displays a listing of all TCP and UDP QoS classifiers currently in the running-config file:
show qos tcp-udp-port-priority
Hope this helps
sw1(config)# qos type-of-service diff-services
2. Configure DSCP Policy (dscp-map) to associate DSCP value and 802.1p priority (you must create dscp-map before you can assign DSCP value, before third command):
sw1(config)# qos dscp-map 000101 priority 5
3. Assign DSCP value:
sw1(config)# qos tcp-port 80 dscp 000101
All commands are global.
Traffic classified on ingress in any switch port and marked. On egress port its placed in appropriate queue.
ProCurve switch assign port queue for traffic based on 802.1p priority values.
So if you need to place packets with dscp 000101 in medium queue, you must create a dscp-map (second command). After that switch knows that this traffic corresponds to Medium queue.
Port Queue and 802.1p Priority Values:
Low (1 - 2)
Normal (0, 3)
Medium (4 - 5)
High (6 - 7)
By default switch have association:
queue Medium <--> 802.1p value 4 or 5
The second command create association:
DSCP 000101 <--> 802.1p value 5
The third command create association:
TCP port 80 <--> DSCP 000101
Third command actually create 2 rules:
for traffic which goes FROM TCP port 80 and TO TCP port 80.
You can check all configurations you made with this commands:
Displays how switch recognise ToS field:
show qos type-of-service
Displays the DSCP Policy Table:
show qos dscp-map
Displays a listing of all TCP and UDP QoS classifiers currently in the running-config file:
show qos tcp-udp-port-priority
Hope this helps
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP