HP Unified Wired-WLAN Products ACL and QoS Command Reference HP 830 Unified Wired-WLAN PoE+ Switch Series HP 850 Unified Wired-WLAN Appliance HP 870 Unified Wired-WLAN Appliance HP 11900/10500/7500 20G Unified Wired-WLAN Module Part number: 5998-4780 Software version: 3507P22 (HP 830 PoE+ Switch Series) 2607P22 (HP 850 Appliance) 2607P22 (HP 870 Appliance) 2507P22 (HP 11900/10500/7500 20G Module) Document version: 6W101-20140418
Legal and notice information © Copyright 2014 Hewlett-Packard Development Company, L.P. No part of this documentation may be reproduced or transmitted in any form or by any means without prior written consent of Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Contents ACL configuration commands ····································································································································· 1 acl ·············································································································································································· 1 acl copy ······················································································································································
Port priority and priority trust mode commands ········································································································· 52 qos priority ····························································································································································· 52 display qos trust interface ····································································································································· 53 qos trust ·······
ACL configuration commands acl Use acl to create a WLAN, WLAN-AP, IPv4 basic, IPv4 advanced, or Ethernet frame header ACL, and enter its view. If the ACL has been created, you directly enter its view. Use undo acl to delete the specified ACLs. Syntax acl number acl-number [ name acl-name ] [ match-order { auto | config } ] undo acl { all | name acl-name | number acl-number } Default WLAN ACL 199 exists.
You can change match order only for ACLs that do not contain any rules. To display any ACLs you have created, use the display acl command. Examples # Create IPv4 basic ACL 2000, and enter its view. system-view [Sysname] acl number 2000 [Sysname-acl-basic-2000] # Create IPv4 basic ACL 2001 with the name flow, and enter its view.
name dest-acl-name: Assigns a unique name to the ACL you are creating. The dest-acl-name is a case-insensitive string of 1 to 63 characters. It must start with an English letter, and to avoid confusion, it cannot be all. For this ACL, the system automatically picks the smallest number from all available numbers in the same ACL category as the source ACL. The name option is not available for WLAN ACLs and WLAN-AP ACLs. Usage guidelines You can assign a name to an ACL only when you create it.
Usage guidelines You can assign a name to an ACL only when you create it. After an ACL is created, you cannot rename it or remove its name. You can change match order only for ACLs that do not contain any rules. To display any ACLs you have created, use the display acl ipv6 command. Examples # Create IPv6 basic ACL 2000 and enter its view. system-view [Sysname] acl ipv6 number 2000 [Sysname-acl6-basic-2000] # Create IPv6 basic ACL 2001 with the name flow, and enter its view.
Usage guidelines You can assign a name to an ACL only when you create it. After an ACL is created with a name, you cannot rename it or remove its name. Examples # Create IPv6 basic ACL 2002 by copying IPv6 basic ACL 2001. system-view [Sysname] acl ipv6 copy 2001 to 2002 acl ipv6 name Use acl ipv6 name to enter the view of an IPv6 basic or IPv6 advanced ACL that has a name.
Parameters acl-name: Specifies an IPv4 basic, IPv4 advanced, or Ethernet frame header ACL name, a case-insensitive string of 1 to 63 characters. It must start with an English letter. The ACL must already exist. Examples # Enter the view of IPv4 basic ACL flow. system-view [Sysname] acl name flow [Sysname-acl-basic-2001-flow] Related commands acl description Use description to configure a description for an ACL. Use undo description to remove the ACL description.
display acl Use display acl to display configuration and match statistics for WLAN, WLAN-AP, IPv4 basic, IPv4 advanced, and Ethernet frame header ACLs.
rule 5 permit source 2.2.2.2 0 rule 0 permit Table 1 Command output Field Description Basic ACL 2000 Category and number of the ACL. The following field information is about IPv4 basic ACL 2000. named flow The name of the ACL is flow. "-none-" means the ACL is not named. This field is not present for a WLAN or WLAN-AP ACL. 2 rules The ACL contains two rules. match-order is auto The match order for the ACL is auto, which sorts ACL rules in depth-first order.
• 3000 to 3999 for IPv6 advanced ACLs all: Displays information for all IPv6 basic and IPv6 advanced ACLs. name acl6-name: Specifies an ACL by its name. The acl6-name argument is a case-insensitive string of 1 to 63 characters. It must start with an English letter. |: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
display time-range Use display time-range to display the configuration and status of the specified time range or all time ranges. Syntax display time-range { time-range-name | all } [ | { begin | exclude | include } regular-expression ] Views Any view Default command level 1: Monitor level Parameters time-range-name: Specifies a time range name, a case-insensitive string of 1 to 32 characters. It must start with an English letter. all: Displays the configuration and status of all existing time ranges.
Syntax reset acl counter { acl-number | all | name acl-name } Views User view Default command level 2: System level Parameters acl-number: Specifies an ACL by its number: • 100 to 199 for WLAN ACLs • 200 to 299 for WLAN-AP ACLs • 2000 to 2999 for IPv4 basic ACLs • 3000 to 3999 for IPv4 advanced ACLs • 4000 to 4999 for Ethernet frame header ACLs all: Clears statistics for all WLAN, WLAN-AP, IPv4 basic, IPv4 advanced, and Ethernet frame header ACLs. name acl-name: Specifies an ACL by its name.
Examples # Clear statistics for IPv6 basic ACL 2001. reset acl ipv6 counter 2001 Related commands display acl ipv6 rule (Ethernet frame header ACL view) Use rule to create or edit an Ethernet frame header ACL rule. You can edit ACL rules only when the match order is config. Use undo rule to delete an Ethernet frame header ACL rule or some attributes in the rule. If no optional keywords are provided, this command deletes the entire rule.
type protocol-type protocol-type-mask: Matches one or more protocols in the Ethernet frame header. The protocol-type argument is a 16-bit hexadecimal number that represents a protocol type in Ethernet_II and Ethernet_SNAP frames. The protocol-type-mask argument is a 16-bit hexadecimal number that represents a protocol type mask. source-mac source-address source-mask: Matches a source MAC address range.
undo rule rule-id [ { { ack | fin | psh | rst | syn | urg } * | established } | counting | destination | destination-port | dscp | icmp-type | precedence | reflective | source | source-port | time-range | tos ] * Default An IPv4 advanced ACL does not contain any rule. Views IPv4 advanced ACL view Default command level 2: System level Parameters rule-id: Specifies a rule ID in the range of 0 to 65534. If no rule ID is provided when you create an ACL rule, the system automatically assigns it a rule ID.
Parameters Function Description Specifies a ToS preference The tos argument can be a number in the range of 0 to 15, or in words, max-reliability (2), max-throughput (4), min-delay (8), min-monetary-cost (1), or normal (0).
Parameters Function { ack ack-value | fin fin-value | psh psh-value | rst rst-value | syn syn-value | urg urg-value } * Specifies one or more TCP flags including ACK, FIN, PSH, RST, SYN, and URG. established Specifies the flags for indicating the established status of a TCP connection. Description Parameters specific to TCP. The value for each argument can be 0 (flag bit not set) or 1 (flag bit set). The TCP flags in a rule are ORed.
ICMP message name ICMP message type ICMP message code source-route-failed 3 5 timestamp-reply 14 0 timestamp-request 13 0 ttl-exceeded 11 0 Usage guidelines Within an ACL, the permit or deny statement of each rule must be unique. If the ACL rule you are creating or editing has the same deny or permit statement as another rule in the ACL, your creation or editing attempt fails. To view rules in an ACL and their rule IDs, use the display acl all command.
rule (IPv4 basic ACL view) Use rule to create or edit an IPv4 basic ACL rule. You can edit ACL rules only when the match order is config. Use undo rule to delete an entire IPv4 basic ACL rule or some attributes in the rule. If no optional keywords are provided, this command deletes the entire rule. If optional keywords or arguments are provided, this command deletes the specified attributes.
[Sysname] acl number 2000 [Sysname-acl-basic-2000] rule permit source 10.0.0.0 0.255.255.255 [Sysname-acl-basic-2000] rule permit source 172.17.0.0 0.0.255.255 [Sysname-acl-basic-2000] rule permit source 192.168.1.0 0.0.0.255 [Sysname-acl-basic-2000] rule deny source any Related commands • acl • display acl • step • time-range rule (IPv6 advanced ACL view) Use rule to create or edit an IPv6 advanced ACL rule. You can edit ACL rules only when the match order is config.
• A protocol by its name: gre (47), icmpv6 (58), ipv6, ipv6-ah (51), ipv6-esp (50), ospf (89), tcp (6), or udp (17). The ipv6 keyword specifies all protocols. Table 8 describes the parameters that you can specify regardless of the value for the protocol argument. Table 8 Match criteria and other rule information for IPv6 advanced ACL rules Parameters Function Description source { source-address source-prefix | source-address/so urce-prefix | any } Specifies a source IPv6 address.
Table 9 TCP/UDP-specific parameters for IPv6 advanced ACL rules Parameters Function Description source-port operator port1 [ port2 ] Specifies one or more UDP or TCP source ports. The operator argument can be lt (lower than), gt (greater than), eq (equal to), neq (not equal to), or range (inclusive range). destination-port operator port1 [ port2 ] Specifies one or more UDP or TCP destination ports. The port1 and port2 arguments are TCP or UDP port numbers in the range of 0 to 65535.
ICMPv6 message name ICMPv6 message type ICMPv6 message code frag-time-exceeded 3 1 hop-limit-exceeded 3 0 host-admin-prohib 1 1 host-unreachable 1 3 neighbor-advertisement 136 0 neighbor-solicitation 135 0 network-unreachable 1 0 packet-too-big 2 0 port-unreachable 1 4 redirect 137 0 router-advertisement 134 0 router-solicitation 133 0 unknown-ipv6-opt 4 2 unknown-next-hdr 4 1 Usage guidelines Within an ACL, the permit or deny statement of each rule must be uniqu
system-view [Sysname] acl ipv6 number 3003 [Sysname-acl6-adv-3003] rule permit udp source-port eq snmp [Sysname-acl6-adv-3003] rule permit udp source-port eq snmptrap [Sysname-acl6-adv-3003] rule permit udp destination-port eq snmp [Sysname-acl6-adv-3003] rule permit udp destination-port eq snmptrap Related commands • acl ipv6 • display ipv6 acl • step • time-range rule (IPv6 basic ACL view) Use rule to create or edit an IPv6 basic ACL rule.
source { source-address source-prefix | source-address/source-prefix | any }: Matches a source IP address. The source-address and source-prefix arguments represent a source IPv6 address and address prefix length in the range of 1 to 128. The any keyword represents any IPv6 source address. time-range time-range-name: Specifies a time range for the rule. The time-range-name argument is a case-insensitive string of 1 to 32 characters. It must start with an English letter.
Parameters rule-id: Specifies a rule ID in the range of 0 to 65534. If no rule ID is provided when you create an ACL rule, the system automatically assigns it a rule ID. This rule ID is the nearest higher multiple of the numbering step to the current highest rule ID, starting from 0. For example, if the rule numbering step is 5 and the current highest rule ID is 28, the rule is numbered 30. deny: Denies matching packets. permit: Allows matching packets to pass.
Default command level 2: System level Parameters rule-id: Specifies a rule ID in the range of 0 to 65534. If no rule ID is provided when you create an ACL rule, the system automatically assigns it a rule ID. This rule ID is the nearest higher multiple of the numbering step to the current highest rule ID, starting from 0. For example, if the rule numbering step is 5 and the current highest rule ID is 28, the rule is numbered 30. deny: Denies matching APs. permit: Allows matching APs.
Views WLAN ACL view, WLAN-AP ACL view, IPv4 basic/advanced ACL view, IPv6 basic/advanced ACL view, Ethernet frame header ACL view Default command level 2: System level Parameters rule-id: Specifies an ACL rule ID in the range of 0 to 65534. The ACL rule must already exist. text: Specifies a comment about the ACL rule, a case-sensitive string of 1 to 127 characters. Examples # Create a rule in IPv4 basic ACL 2000 and add a comment about the rule.
that is the nearest higher multiple of the numbering step to the current highest rule ID. For example, if the rule numbering step is 5 and the current highest rule ID is 28, the system picks rule 30. text: Specifies a remark, a case-sensitive string of 1 to 63 characters. Usage guidelines A rule range remark always appears immediately above the specified rule.
rule 0 permit source 14.1.1.0 0.0.0.255 rule 5 permit source 10.1.1.1 0 time-range work-time rule 10 remark Rules for VIP_start rule 10 permit source 192.168.0.0 0.0.0.255 rule 15 permit source 1.1.1.1 0 rule 20 permit source 10.1.1.1 0 rule 25 permit counting rule 26 remark Rules for VIP_end # return Related commands • display this • display current-configuration (Fundamentals Command Reference) step Use step to set a rule numbering step for an ACL.
[Sysname-acl-basic-2000] step 2 # Set the rule numbering step to 2 for IPv6 basic ACL 2000. system-view [Sysname] acl ipv6 number 2000 [Sysname-acl6-basic-2000] step 2 Related commands • display acl • display acl ipv6 time-range Use time-range to configure a time range. If you provide an existing time range name, the command adds a statement to the time range. Use undo time-range to delete a time range or a statement in the time range.
from time1 date1: Specifies the start time and date of an absolute statement. The time1 argument specifies the time of the day in hh:mm format (24-hour clock). Its value is in the range of 00:00 to 23:59. The date1 argument specifies a date in MM/DD/YYYY or YYYY/MM/DD format, where MM is the month of the year in the range of 1 to 12, DD is the day of the month with the range depending on MM, and YYYY is the year in the calendar in the range of 1970 to 2100.
Related commands display time-range 32
QoS policy commands Class commands display traffic classifier Use display traffic classifier to display class information. Syntax display traffic classifier user-defined [ classifier-name ] [ | { begin | exclude | include } regular-expression ] Views Any view Default command level 1: Monitor level Parameters user-defined: Displays user-defined classes. classifier-name: Specifies a class by its name, a string of 1 to 31 characters. |: Filters command output by specifying a regular expression.
Field Description Operator Match operator you set for the class. If the operator is AND, the class matches the packets that match all its match criteria. If the operator is OR, the class matches the packets that match any of its match criteria. Rule(s) Match criteria. if-match Use if-match to define a match criterion. Use undo if-match to delete a match criterion.
Keyword and argument combination Description Matches the 802.1p priority of the customer network. customer-dot1p 8021p-list The 8021p-list argument is a list of up to eight 802.1p priority values. An 802.1p priority ranges from 0 to 7. Matches IP precedence. ip-precedence ip-precedence-list The ip-precedence-list argument is a list of up to eight IP precedence values. An IP precedence ranges from 0 to 7. Matches local precedence.
Defining a criterion to match 802.1p priority in customer or service provider VLAN tags • You can configure multiple 802.1p priority match criteria for a class. All the defined 802.1p values are automatically arranged in ascending order. • You can configure up to eight 802.1p priority values in one command line. If the same 802.1p priority value is specified multiple times, the system considers them as one. If a packet matches one of the defined 802.1p priority values, it matches the if-match clause.
# Define a match criterion for class class1 to match the packets with their customer network 802.1p priority values being 3. system-view [Sysname] traffic classifier class1 [Sysname-classifier-class1] if-match customer-dot1p 3 # Define a match criterion for class class1 to match the advanced ACL 3101. system-view [Sysname] traffic classifier class1 [Sysname-classifier-class1] if-match acl 3101 # Define a match criterion for class class1 to match the advanced IPv6 ACL 3101.
traffic classifier Use traffic classifier to create a class and enter class view. Use undo traffic classifier to delete a class. Syntax traffic classifier classifier-name [ operator { and | or } ] undo traffic classifier classifier-name Views System view Default command level 2: System level Parameters classifier-name: Specifies a class name, a string of 1 to 31 characters. operator: Sets the operator to logic AND or OR for the class. and: Specifies the logic AND operator.
Default CBS is the amount of traffic transmitted at the rate of CIR over 500 ms. Views Traffic behavior view Default command level 2: System level Parameters cir committed-information-rate: Sets the committed information rate (CIR) in kbps, which specifies an average traffic rate. cbs committed-burst-size: Sets the committed burst size (CBS) in bytes. ebs excess-burst-size: Sets the excess burst size (EBS) in bytes. The default is 0.
Keyword DSCP value (binary) DSCP value (decimal) af43 100110 38 cs1 001000 8 cs2 010000 16 cs3 011000 24 cs4 100000 32 cs5 101000 40 cs6 110000 48 cs7 111000 56 ef 101110 46 Usage guidelines A QoS policy that has a CAR action can be applied to inbound or outbound direction of an interface. A traffic behavior can contain only one CAR action. If you configure the car command multiple times in the same traffic behavior, the last configuration takes effect.
behavior-name: Specifies a behavior by its name, a string of 1 to 31 characters. If no traffic behavior is specified, this command displays information about all the user-defined behaviors. |: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow.
Default command level 2: System level Parameters deny: Drops packets. permit: Permits packet to pass through. Examples # Configure the traffic filtering action as deny in traffic behavior database. system-view [Sysname] traffic behavior database [Sysname-behavior-database] filter deny remark dot1p Use remark dot1p to configure an 802.1p priority marking action or configure the inner-to-outer tag priority copying action. Use undo remark dot1p to delete the action.
Syntax remark local-precedence local-precedence undo remark local-precedence Views Traffic behavior view Default command level 2: System level Parameters local-precedence: Sets the local precedence to be marked for packets, in the range of 0 to 7. Examples # Configure traffic behavior database to mark matching traffic with local precedence 2.
[Sysname-behavior-behavior1] Related commands • classifier behavior • qos apply policy • qos policy QoS policy configuration and application commands classifier behavior Use classifier behavior to associate a behavior with a class in a QoS policy. Use undo classifier to remove a class from the policy.
display qos policy Use display qos policy to display user-defined QoS policy configuration information. Syntax display qos policy user-defined [ policy-name [ classifier classifier-name ] ] [ | { begin | exclude | include } regular-expression ] Views Any view Default command level 1: Monitor level Parameters user-defined: Displays user-defined QoS policies. policy-name: Specifies a QoS policy by its name, a string of 1 to 31 characters.
Field Description Behavior Behavior associated with the class. A behavior is associated with a class. It can be configured with multiple actions. For more information, see the traffic behavior command in "Traffic behavior commands." display qos policy interface Use display qos policy interface to display information about the QoS policy or policies applied to an interface or all interfaces.
Interface: Ten-GigabitEthernet1/0/1 Direction: Inbound Policy: testpolicy Classifier: testclass Matched : 0(Packets) 0(Bytes) Operator: AND Rule(s) : If-match local-precedence 7 If-match acl 2000 Behavior: testbehavior Committed Access Rate: CIR 20 (kbps), CBS 2000 (byte), EBS 0 (byte) Green Action: pass Red Action: remark local-precedence 7 and pass Green : 0(Packets) 0(Bytes) Red : 0(Packets) 0(Bytes) Filter Enable: deny Classifier: testclass1 Matched : 0(Packets) 0(Bytes) Operator: AND Rule(s) : -non
Views Interface view, port group view Default command level 2: System level Parameters inbound: Specifies the inbound direction. outbound: Specifies the outbound direction. policy-name: Specifies a QoS policy by its name, a string of 1 to 31 characters. Usage guidelines All physical interfaces, except interfaces with X.25 or LAPB encapsulation enabled, can have QoS policies applied. Settings in interface view take effect on the current interface.
Usage guidelines You can only edit or remove the configurations in a disabled user profile. Disabling a user profile logs out the users that are using the user profile. The QoS policy applied to a user profile takes effect when the user-profile is activated and the users are online. Only the remark, car, and filter actions are supported in the QoS policies applied in user profile view. A null policy cannot be applied in user profile view.
Priority mapping commands Priority mapping table commands display qos map-table Use display qos map-table to display the configuration of a priority mapping table. Syntax display qos map-table [ dot11e-lp | dot1p-lp | dscp-lp | lp-dot11e | lp-dot1p | lp-dscp ] [ | { begin | exclude | include } regular-expression ] Views Any view Default command level 1: Monitor level Parameters dot11e-lp: Specifies the 802.11e-to-local mapping table. dot1p-dot1p: Specifies the 802.1p-to-802.1p mapping table.
IMPORT : EXPORT 0 : 2 1 : 0 2 : 1 3 : 3 4 : 4 5 : 5 6 : 6 7 : 7 Table 18 Command output Field Description MAP-TABLE NAME Name of the priority mapping table. TYPE Type of the priority mapping table. DIRECTION Direction of the priority mapping table. IMPORT Input values of the priority mapping table. EXPORT Output values of the priority mapping table.
Related commands • display qos map-table qos map-table Use qos map-table to enter the specified priority mapping table view. Syntax qos map-table { dot11e-lp | dot1p-lp | dscp-lp | lp-dot11e | lp-dot1p | lp-dscp } Views System view Default command level 2: System level Parameters dot11e-lp: Specifies the 802.11e-to-local mapping table. dot1p-dot1p: Specifies the 802.1p-to-802.1p mapping table. dot1p-lp: Specifies the 802.1p-to-local mapping table. dscp-lp: Specifies the DSCP-to-local mapping table.
Default The port priority is 0. Views Interface view, port group view Default command level 2: System level Parameters priority-value: Specifies the port priority value. The value range is 0 to 7. Usage guidelines In interface (Ethernet interface or WLAN-ESS interface) view, the setting takes effect on the current interface only. In port group view, the setting takes effect on all interfaces in the port group.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
dot1p: Uses the 802.1p priority in incoming packets for priority mapping. dscp: Uses the DSCP value in incoming packets for priority mapping. Usage guidelines In interface (Ethernet interface or WLAN-ESS interface) view, the setting takes effect on the current interface only. In port group view, the setting takes effect on all ports in the port group. If a WLAN-ESS interface in service contains WLAN-DBSS interfaces, you cannot modify its priority trust mode.
Traffic policing and rate limit commands Traffic policing commands qos car (user-profile view) Use qos car in user profile view to apply a CAR policy to a user profile. Use undo qos car in user profile view to remove the CAR policy applied to a user profile.
[Sysname-user-profile-user] qos car outbound any cir 200 cbs 50000 display qos lr interface Use display qos lr interface to view the rate limit configuration information and operational statistics on a specified interface or all the interfaces.
Field Description Passed Number and bytes of packets that have passed. Delayed Number and bytes of delayed packets. qos lr Use qos lr to limit the rate of incoming packets or outgoing packets on the interface. Use undo qos lr to remove the rate limit.
Congestion management commands FIFO queuing commands qos fifo queue-length Use qos fifo queue-length to set the FIFO queue length. Use undo qos fifo queue-length to restore the default. Syntax qos fifo queue-length queue-length undo qos fifo queue-length Views Interface view Default command level 2: System level Parameters queue-length: Sets the queue length threshold. The value range for this argument is 1 to 1024, and the default queue length is 75. Examples # Set the FIFO queue length to 100.
Parameters interface-type interface-number: Specifies an interface by its type and number. |: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.
Views Any view Default command level 1: Monitor level Parameters pql-number: Specifies a priority queue list by its number. |: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression.
Parameters pql: Specifies a PQ list. pql-index: Specifies a PQ list index in the range of 1 to 16. Usage guidelines An interface can use only one PQ list. Multiple match criteria can be configured for a PQ list. During traffic classification, the system matches packets with the rules in the PQ list. If a packet matches a certain rule, it is assigned to the priority queue, and the matching process is over. If a packet does not match any rule, it is allocated to the default priority queue.
system-view [Sysname] qos pql 12 default-queue bottom Related commands • qos pq • qos pql local-precedence • qos pql protocol • qos pql queue qos pql local-precedence Use qos pql local-precedence to configure a match criterion for a PQ list to assign packets with a specified local precedence to a specified queue. Use undo qos pql local-precedence to delete the match criterion.
qos pql protocol Use qos pql protocol to specify a queue for the IP packets that match a certain match criterion. Use undo qos pql protocol to delete the match criterion. Syntax qos pql pql-index protocol ip [ queue-key key-value ] queue { bottom | middle | normal | top } undo qos pql pql-index protocol ip [ queue-key key-value ] Default No match criterion is configured. Views System view Default command level 2: System level Parameters pql-index: Specifies a PQ list index in the range of 1 to 16.
Related commands • qos pq • qos pql default-queue • qos pql local-precedence • qos pql queue qos pql queue Use qos pql queue to specify the length of a specified priority queue (the maximum number of packets that the priority queue can hold). Use undo qos pql queue to restore the default for a priority queue.
CQ commands display qos cq interface Use display qos cq interface to view the custom queuing (CQ) configuration and statistics of an interface or all the interfaces. Syntax display qos cq interface [ interface-type interface-number ] [ | { begin | exclude | include } regular-expression ] Views Any view Default command level 1: Monitor level Parameters interface-type interface-number: Specifies an interface by its type and number. |: Filters command output by specifying a regular expression.
Field Description Output queue Output queue information. Custom queuing Custom queuing. The CQ list in use is displayed. Size Number of packets in a queue. Length Queue length, which specifies the maximum number of packets a queue can hold. Discards Number of dropped packets. Related commands qos cq display qos cql Use display qos cql to display the configuration of the specified or all custom queue lists.
• qos cql qos cq Use qos cq to apply a CQ list to an interface. Use undo qos cq to restore the default. Syntax qos cq cql cql-index undo qos cq Default The congestion management policy on an interface is FIFO. Views Interface view Default command level 2: System level Parameters cql-index: Specifies a CQ list index in the range of 1 to 16. Usage guidelines An interface can use only one CQ list. You can configure multiple match criteria for a CQ list.
Syntax qos cql cql-index default-queue queue-number undo qos cql cql-index default-queue Default The queue number is 1. Views System view Default command level 2: System level Parameters cql-index: Specifies a CQ list index in the range of 1 to 16. queue-number: Specifies a queue number in the range of 1 to 16. Usage guidelines Packets that match no match criterion are allocated to the default queue. Examples # Specify queue 2 as the default queue for CQ list 5.
Parameters cql-index: Specifies a CQ list index in the range of 1 to 16. local-precedence-value: Specifies a local precedence value in the range of 0 to 7. queue-number: Specifies a queue number in the range of 1 to 16. Usage guidelines You can execute this command multiple times with the same cql-index argument to create different match criteria for packets with different local precedence values. Examples # Create a match criterion in CQ list 5 to assign packets with local precedence value 4 to queue 3.
Table 25 Values for the queue-key argument and the key-value argument queue-key key-value Description acl ACL number (2000 to 3999) All IP packets matching the specified ACL are enqueued. fragments N/A All fragmented IP packets are enqueued. greater-than Length (0 to 65535) IP packets larger than a specified value are enqueued. less-than Length (0 to 65535) IP packets smaller than a specified value are enqueued.
Parameters cql-index: Specifies a CQ list index in the range of 1 to 16. queue-number: Specifies a queue number in the range of 1 to 16. queue-length queue-length: Specifies the maximum queue length in the range of 1 to 1024. This argument is 20 by default. Usage guidelines If the queue is full, subsequent packets are dropped. Examples # Set the length of queue 4 in CQ list 5 to 40.
Related commands • qos cq • qos cql default-queue • qos cql local-precedence • qos cql protocol • qos cql queue 73
Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.
Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. [] Square brackets enclose syntax choices (keywords or arguments) that are optional. { x | y | ... } Braces enclose a set of required syntax choices separated by vertical bars, from which you select one.
Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features. Represents an access controller, a unified wired-WLAN module, or the switching engine on a unified wired-WLAN switch. Represents an access point.
Index ACDFIQRSTW qos car (user-profile view),56 A qos cq,68 acl,1 qos cql default-queue,68 acl copy,2 qos cql local-precedence,69 acl ipv6,3 qos cql protocol,70 acl ipv6 copy,4 qos cql queue,71 acl ipv6 name,5 qos cql queue serving,72 acl name,5 qos fifo queue-length,59 C qos lr,58 car,38 qos map-table,52 classifier behavior,44 qos policy,49 D qos pq,61 qos pql default-queue,62 description,6 qos pql local-precedence,63 display acl,7 qos pql protocol,64 display acl ipv6,8 qos pql
traffic behavior,43 W traffic classifier,38 Websites,74 78
