HPE Community
Switches, Hubs, and Modems
1752550 Members
4908 Online
108788 Solutions
New Discussion юеВ

Re: Using ACL to ID traffic by port on 2610 and mark with certain DSCP values

 
Bill Petersen
New Member

тАО10-07-2010 10:21 AM

тАО10-07-2010 10:21 AM

Using ACL to ID traffic by port on 2610 and mark with certain DSCP values

Hello,
I have a need to use ACL's to ID traffic coming into ports on my 2610 by TCP and UDP port and to mark that traffic with certain DSCP values so that my MPLS provider will process the traffic correctly.
Could you please point me to examples that would address that or let me know if you cant do that with the 2610.
thanks
0 Kudos
3 REPLIES 3
Natasha Samoylenko
Trusted Contributor

тАО10-07-2010 12:18 PM

тАО10-07-2010 12:18 PM

Re: Using ACL to ID traffic by port on 2610 and mark with certain DSCP values

With 2610 you can only classify traffic based on ONE parameter: IP address, IP Type of Service (ToS), L3 protocol, TCP/UDP port number, source port, or DiffServ.
And you can mark traffic with DSCP and 802.1p values.
Command syntax:
qos dscp

For example:
qos tcp-port 80 dscp 000101

Use can find some examples in Advanced Traffic Guide
http://cdn.procurve.com/training/Manuals/2610-AdvTrafficMgmt-Dec2007-59918641.pdf
"Assigning a DSCP Policy Based on TCP or UDP Port Number"

If you want to combine few parameters, for example, IP and TCP port, you can't do this with 2610.
But you can use layer 3 switches (3500, 5400 etc) with Classifier-Based Policy.
0 Kudos
Bill Petersen
New Member

тАО10-07-2010 12:24 PM

тАО10-07-2010 12:24 PM

Re: Using ACL to ID traffic by port on 2610 and mark with certain DSCP values

Thanks for the Reply

So if you mark traffic of a certain TCP port number with a DSCP value, is that done globally on ingress of any traffic coming into a port on the switch before egress out another port?

Is it a global command?

Do you need to enable qos globally first before issueing the
qos tcp-port XX dscp XXX command ?

thanks

0 Kudos
Natasha Samoylenko
Trusted Contributor

тАО10-07-2010 09:43 PM

тАО10-07-2010 09:43 PM

Re: Using ACL to ID traffic by port on 2610 and mark with certain DSCP values

1. You need to enable recognition of ToS field in IP packet as DiffServ:
sw1(config)# qos type-of-service diff-services

2. Configure DSCP Policy (dscp-map) to associate DSCP value and 802.1p priority (you must create dscp-map before you can assign DSCP value, before third command):
sw1(config)# qos dscp-map 000101 priority 5

3. Assign DSCP value:
sw1(config)# qos tcp-port 80 dscp 000101

All commands are global.
Traffic classified on ingress in any switch port and marked. On egress port its placed in appropriate queue.

ProCurve switch assign port queue for traffic based on 802.1p priority values.
So if you need to place packets with dscp 000101 in medium queue, you must create a dscp-map (second command). After that switch knows that this traffic corresponds to Medium queue.

Port Queue and 802.1p Priority Values:
Low (1 - 2)
Normal (0, 3)
Medium (4 - 5)
High (6 - 7)


By default switch have association:
queue Medium <--> 802.1p value 4 or 5

The second command create association:
DSCP 000101 <--> 802.1p value 5

The third command create association:
TCP port 80 <--> DSCP 000101

Third command actually create 2 rules:
for traffic which goes FROM TCP port 80 and TO TCP port 80.

You can check all configurations you made with this commands:
Displays how switch recognise ToS field:
show qos type-of-service

Displays the DSCP Policy Table:
show qos dscp-map

Displays a listing of all TCP and UDP QoS classifiers currently in the running-config file:
show qos tcp-udp-port-priority

Hope this helps
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.