Users Guide
Until Release 9.3(0.0), the software has the capability to qualify only on the 6-bit DSCP part of the ToS field in IPv4 Header. You can now
accept and process incoming packets based on the 2-bit ECN part of the ToS field in addition to the DSCP categorization. The IPv4 ACLs
(standard and Extended) are enhanced to add this qualifier. This new keyword ‘ecn’ is present for all L3 ACL types (TCP/UDP/IP/ICMP)
at the level where the ‘DSCP’ qualifier is positioned in the current ACL commands.
Dell Networking OS supports the capability to contain DSCP and ECN classifiers simultaneously for the same ACL entry.
You can use the ecn keyword with the ip access-list standard, ip access-list extended, seq, and permit commands for standard and
extended IPv4 ACLs to match incoming packets with the specified ECN values.
Similar to ‘dscp’ qualifier in the existing L3 ACL command, the ‘ecn’ qualifier can be used along with all other supported ACL match
qualifiers such as SIP/DIP/TCP/UDP/SRC PORT/DST PORT/ ICMP.
Until Release 9.3(0.0), ACL supports classification based on the below TCP flags:
• ACK
• FIN
• SYN
• PSH
• RST
• URG
You can now use the ‘ecn’ match qualifier along with the above TCP flag for classification.
The following combination of match qualifiers is acceptable to be configured for the Dell Networking OS software through L3 ACL
command:
• Classification based on DSCP only
• Classification based on ECN only
• Classification based on ECN and DSCP concurrently
You can now use the set-color yellow keyword with the match ip access-group command to mark the color of the traffic as ‘yellow’ would
be added in the ‘match ip’ sequence of the class-map configuration.
By default, all packets are considered as ‘green’ (without the rate-policer and trust-diffserve configuration) and hence support would be
provided to mark the packets as ‘yellow’ alone will be provided.
By default Dell Networking OS drops all the ‘RED’ or ‘violate’ packets.
The following combination of marking actions to be specified match sequence of the class-map command:
• set a new DSCP for the packet
• set the packet color as ‘yellow’
• set the packet color as ‘yellow’ and set a new DSCP for the packet
This marking action to set the color of the packet is allowed only on the ‘match-any’ logical operator of the class-map.
This marking-action can be configured for all of the below L3 match sequence types:
• match ip access-group
• match ip dscp
• match ip precedence
• match ip vlan
Sample configuration to mark non-ecn packets as “yellow”
with single traffic class
Consider the use case where the packet with DSCP value “40” need to be enqueued in queue#2 and packets with DSCP value as 50 need
to be enqueued in queue#3. And all the packets with ecn value as ‘0’ must be marked as ‘yellow’.
The above requirement can be achieved using either of the two approaches.
The above requirement can be achieved using either of the two approaches.
Approach without explicit ECN match qualifiers for ECN packets:
!
ip access-list standard dscp_50
seq 5 permit any dscp 50
!
ip access-list standard dscp_40
Quality of Service (QoS)
635