6. Network QoS Policies

This chapter provides information to configure network QoS policies using the command line interface.

6.1. Overview

This section provides an overview of QoS policies in network mode and access up-link mode.

6.1.1. Overview of Network QoS Policies in Network Mode

Network QoS policies are available for use with network IP interfaces, network port and hybrid port when operating the 7210 SAS device network mode. 7210 SAS-M, 7210 SAS-T, 7210 SAS-Sx/S 1/10GE, 7210 SAS-Sx 10/100GE, and 7210 SAS-Mxp devices support network mode of operation.

The following types of QoS mapping decisions are applicable on a network IP interface when operating in network mode.

MPLS LSP EXP value mapping to FC (if defined)
Default QoS mapping
MPLS LSP EXP mapping to profile

The default QoS mapping always exists on an IP interface and every received packet will be mapped to this default if another explicitly defined matching entry does not exist.

The following types of QoS mapping decisions are applicable on a network port when operating in network mode:

Ethernet Dot1P and IP DSCP value mapping (if defined) for use with IP packets
Default QoS mapping

The default QoS mapping always exists on network port and every received packet will be mapped to this default if another explicitly defined matching entry does not exist.

6.1.1.1. Overview of Network QoS Policies in Access-uplink Mode

Network QoS policies are available for use with access-uplink port when operating the 7210 SAS device in access-uplink mode. 7210 SAS-M, and 7210 SAS-T devices support access-uplink mode of operation.

The following types of QoS mapping decisions are applicable on an access-uplink port when operating in access-uplink mode:

Option to mark Ethernet Dot1p or IP DSCP
Default QoS mapping

The default QoS mapping always exists on an ingress access uplink port and every received packet will be mapped to this default if another explicitly defined matching entry does not exist.

The following sections provide more details about the network QoS policies for both network mode and access-uplink mode.

6.2. Network QoS Policy in Network Mode

The network QoS policy consists of an ingress and egress component. For 7210 SAS-M, 7210 SAS-T, 7210 SAS-Sx/S 1/10GE, 7210 SAS-Sx 10/100GE, and 7210 SAS-Mxp operating in network mode, there are two types of network QoS policies; network QoS policy of type port and network QoS policy of type ip-interface.

A port type network policy is applied to network and hybrid ports and is used for classification and remarking of IP traffic using DSCP or dot1p values. Either DSCP or dot1p can be used for ingress classification but not both. Both DSCP and Dot1p can be configured at egress for remarking.

An ip-interface type network policy is applied to an IP Interface, and is used for classification and remarking of MPLS traffic using EXP values. Note that the FC-to-dot1p marking values configured on the port are also used to mark the dot1p in the VLAN tag, if any, used for MPLS traffic on some 7210 SAS devices.

The ingress component of the policy defines how the EXP, DSCP or dot1p bits are mapped to internal forwarding class (FC) and profile state. The FC and profile state define the per-hop behavior (PHB) or the QoS treatment through the 7210 SAS. The profile mapping can be defined using the mpls-lsp-exp-profile-map policy, which defines the mapping between the LSP EXP bits and the profile (in or out) to be associated with a packet.

The mapping on each ip-interface or port defaults to the mappings defined in the default network QoS policy until an explicit policy is defined for the IP interface or port. It also defines the bandwidth-limiting parameters for the traffic mapped to each FC. Traffic mapped to each FC can be limited to configurable bandwidth values using separate meters and queues for each unicast and multipoint traffic. Multipoint is used for IP interface for MPLS traffic and for IP multicast traffic received on a network or hybrid port.

The total number of QoS resources—that is, ingress classification entries and policers—available for use with IP interfaces is limited. The software allocates these resources to an IP interface on a first-come, first-serve basis. The number of resources used per IP interface limits the total number of IP interfaces configured on the system. The total number of IP interfaces allowed is also subject to a system limit.

Note:

On the 7210 SAS-M, symmetric QoS down MEPs are supported. To determine the FC at ingress of the down MEP, hardware resources from the pool used for MPLS LSP EXP marking is allocated. The FC assigned on ingress has an effect on marking the CFM message sent out of the down MEP. Use of the resource pool to enable symmetric QoS for down MEPs reduces the number of resources available for the egress LSP EXP marking map by one.
For more information about symmetric QoS down MEPs, refer to the symmetric-qos-downmeps command description in the 7210 SAS-M, T, R6, R12, Mxp, Sx, S Basic System Configuration Guide.

The egress component of the network QoS policy defines the LSP EXP, DSCP or dot1p bits marking values associated with each forwarding class.

By default, all ports configured in network mode use Default network policy "1" and all network port IP interfaces use Default network policy "2". Default network policies "1" and "2" cannot be modified or deleted.

New (non-default) network policy parameters can be modified. The no form of this command reverts the object to the default values.

Changes made to a policy are applied immediately to all network ports, hybrid ports, and IP interfaces where the policy is applied. For this reason, when a policy requires several changes, it is recommended that you copy the policy to a work-in-progress policy-id. The work-in-progress copy can be modified until all the changes are made and then the original policy-id can be overwritten using the config>qos>copy command.

For information about the tasks and commands necessary to access the CLI and to configure and maintain your devices, refer to the “CLI Usage” chapter in the 7210 SAS-M, T, R6, R12, Mxp, Sx, S Basic System Configuration Guide.

6.2.1. Network QoS Policy Functionality for the IP-interface Type

The following behavior is supported with use of network IP interface QoS policies for LDP, segment routing (SR), and RSVP (with fast reroute (FRR) or penultimate hop popping (PHP)) MPLS LSPs:

The mpls-lsp-exp-profile-map policy allows you to specify the profile mapping and FC mapping independently. The FC to use is always taken from the network policy using the EXP-to-FC mapping configured in the network policy. The EXP-to-profile mapping defined in the mpls-lsp-exp-profile-map policy associated with the network QoS policy is used. Each IP interface can define a unique network policy for use, and each network policy uses a different MPLS LSP EXP-to-FC mapping. If adequate network classification resources are available, this mapping allows the use of more than 32 distinct network policies.
MPLS transport tunnels that are set up using LDP and segment routing use a global mpls-lsp-exp-profile-map policy. Although the system assigns a default mpls-lsp-exp-profile-map policy, the user can change the default and specify the global policy to use.
Use the mpls-lsp-exp-profile-map policy to assign profile values based on the MPLS EXP bits for MPLS packets received over different IP interfaces. This is particularly useful for RSVP LSPs with FRR 1:1 configurations.
For LDP LSPs or when using the FRR facility, Nokia recommends that a single mpls-lsp-exp-profile-map policy should be used for all IP interfaces. If PHP is enabled, the egress LER receives only VC-labeled packets and the global mpls-lsp-exp-profile-map policy is used for profile mapping. Therefore, when PHP is enabled, a single mpls-lsp-exp-profile-map policy should be used for all IP interfaces to get consistent profile treatment.
If traffic is received on a transport tunnel set up using RSVP LSP, LDP or SR with an identical EXP bit value, the system provides the same QoS treatment to the MPLS traffic. The FC and meter from the network QoS policy are used for all MPLS traffic received on an IP interface, regardless of whether it is an LDP or RSVP LSP. The profile value assigned depends on the configuration. If the user needs similar profile mapping for MPLS traffic received across all transport tunnels, a single mpls-lsp-exp-profile-map must be used for all IP interfaces and for the global mpls-lsp-exp-profile-map.

6.2.2. Basic Configurations

A basic network QoS policy must conform to the following.

Each network QoS policy must have a unique policy ID.
The network must specify the default action.
The network must have a QoS policy scope of template or exclusive.

6.2.3. Create a Network QoS Policy (Type IP-interface) for Network Mode

Configuring and applying QoS policies other than the default policy is optional. A default network policy of the type ip-interface is applied.

To create an network QoS policy of type ip-interface when operating in network mode, define the following:

A network policy ID value. The system will not dynamically assign a value.
Set the network-policy-type parameter to be ip-interface.
Include a description. The description provides a brief overview of policy features.
Egress Marking/ remarking — Specifies the egress LSP EXP marking map. Otherwise, the default values are applied.
1. Remarking — When enabled, this command remarks ALL packets that egress on the specified network port. The remarking is based on the forwarding class to LSP EXP bit mapping defined under the egress node of the network QoS policy.
2. Forwarding class criteria — The forwarding class name represents an egress queue. Specify forwarding class criteria to define the marking criteria of packets flowing through it.
3. LSP EXP— The EXP is used for all packets requiring marking that egress on this forwarding class queue that are in or out of profile.
Ingress criteria — Specifies the for forwarding class mapping for all packets.
1. Default action — Defines the default action to be taken for packets that have an undefined EXP bits set. The default-action specifies the forwarding class to which such packets are assigned.
2. LSP EXP — Creates a mapping between the EXPbits of the network ingress traffic and the forwarding class. Ingress traffic that matches the specified EXP bits will be assigned to the corresponding forwarding class.

User has an option to specify the mapping of the LSP EXP bits to a profile (in/out). Ingress traffic that matches the specified EXP bits will be assigned the corresponding profile.

The following commands associated a network QoS policy with the network IP interface.

CLI Syntax:

config>router

interface interface-name

qos network-policy-id

6.2.3.1. Example for Network QoS Policy of Type IP-interface

The following is the example for 7210 SAS-M devices:

A:7210SAS>config>qos>network# info

----------------------------------------------

ingress

meter 1 create

exit

meter 3 create

exit

meter 5 multipoint create

exit

meter 9 multipoint create

exit

fc "ef" create

meter 3

multicast-meter 5

exit

lsp-exp 0 fc be

lsp-exp 1 fc l2

lsp-exp 2 fc af

lsp-exp 3 fc af

lsp-exp 4 fc h2

lsp-exp 5 fc ef

mpls-lsp-exp-profile 3

exit

egress

fc af

exit

fc be

exit

fc ef

exit

fc h1

lsp-exp-in-profile 3

lsp-exp-out-profile 4

exit

fc h2

exit

fc l1

exit

fc l2

exit

fc nc

exit

----------------------------------------------

The following is the example for 7210 SAS-T, 7210 SAS-Mxp, 7210 SAS-Sx/S 1/10GE, and 7210 SAS-Sx 10/100GE devices:

*7210 SAS>config>qos>network# info

----------------------------------------------

ingress

meter 1 create

exit

meter 3 create

exit

meter 5 multipoint create

exit

meter 9 multipoint create

exit

fc "ef" create

meter 3

multicast-meter 5

exit

lsp-exp 0 fc be

lsp-exp 1 fc l2

lsp-exp 2 fc af

lsp-exp 3 fc af

lsp-exp 4 fc h2

lsp-exp 5 fc ef

exit

egress

remarking

remark 200

exit

----------------------------------------------

6.2.4. Configuring Network QoS Policy (Type Port) for Network Mode

To create a network QoS policy of type port when operating in network mode, define the following:

A network policy ID value. The system does not dynamically assign a value.
Set the network-policy-type parameter to 'port'.
Include a description. The description provides a brief overview of policy features.
You can modify egress DSCP and Dot1p marking map. Otherwise, the default values are applied.
1. Remarking — When enabled, this command remarks ALL packets that egress on the specified network port. The remarking is based on the forwarding class to DSCP bit mapping defined in the remark policy and associated under the egress node of the network QoS policy for all IP traffic and forwarding class to Dot1p bit mapping for all IP.
2. Forwarding class criteria — The forwarding class name represents an egress queue. Specify forwarding class criteria to define the egress characteristics of the queue and the marking criteria of packets flowing through it.
3. DSCP and Dot1p — The DSCP and Dot1p value is used for all packets requiring marking that egress on this forwarding class queue that are in or out of profile.
Ingress criteria — Specifies either DSCP or Dot1p (but not both) to forwarding class mapping for all packets.
1. Default action — Defines the default action to be taken for packets that have an undefined DSCP or Dot1p bits set. The default-action specifies the forwarding class to which such packets are assigned.
2. DSCP or Dot1p — Creates a mapping between the DSCP or Dot1p bits of the network ingress traffic and the forwarding class. Ingress traffic that matches the specified DSCP or Dot1p bits will be assigned to the corresponding forwarding class.

The following shows the command usage to associate a network QoS policy with the network port.

network port (in network mode)

config> port

ethernet

network

qos network-policy-id

Use the following syntax to create a network QoS policy.

*A:dut-d>config>qos>network# info detail

----------------------------------------------

description "Default network-port QoS policy."

scope template

ingress

default-action fc be profile out

meter 1 create

mode trtcm1

adaptation-rule cir closest pir closest

rate cir 0 pir max

mbs default kbits

cbs default kbits

exit

dscp be fc be profile out

dscp ef fc ef profile in

dscp cs1 fc l2 profile in

dscp nc1 fc h1 profile in

dscp nc2 fc nc profile in

dscp af11 fc af profile in

dscp af12 fc af profile out

dscp af41 fc h2 profile in

exit

egress

no remarking

fc af

dscp-in-profile af11

dscp-out-profile af12

no dot1p

dot1p-in-profile 3

dot1p-out-profile 2

no de-mark

exit

fc be

dscp-in-profile be

dscp-out-profile be

no dot1p

dot1p-in-profile 0

dot1p-out-profile 0

no de-mark

exit

fc ef

6.2.5. Default Network Policy Values Available in Network Mode

The default network policy for IP interfaces is identified as policy-id 2. Default policies cannot be modified or deleted. Table 40 lists default network policy parameters.

Table 40: Network Policy Defaults for Policy Type IP-interface

Field	Default
description	Default network QoS policy
scope	template
ingress
default-action	fc be profile out (default action profile out is applicable only for port policies and not for ip-interface policies)
mpls-lsp-exp-profile	1
egress
remarking	no
fc af:
lsp-exp-in-profile	3
lsp-exp-out-profile	2
fc be:
lsp-exp-in-profile	0
lsp-exp-out-profile	0
fc ef:
lsp-exp-in-profile	5
lsp-exp-out-profile	5
fc h1:
lsp-exp-in-profile	6
lsp-exp-out-profile	6
fc h2:
lsp-exp-in-profile	4
lsp-exp-out-profile	4
fc h11:
lsp-exp-in-profile	3
lsp-exp-out-profile	2
fc h12:
lsp-exp-in-profile	1
lsp-exp-out-profile	1
fc nc:
lsp-exp-in-profile	7
lsp-exp-out-profile	7

Table 41 lists default parameters for network QoS policy type ip-interface, LSP EXP-to-FC mapping on ingress.

Table 41: Default Network QoS Policy of Type IP-interface, LSP EXP-to-FC Mapping on Ingress

LSP EXP Value	7210 FC Ingress	Profile
0	be	Out
1	l2	In
2	af	Out
3	af	In
4	h2	In
5	ef	In
6	h1	In
7	nc	In

The default network policy for port is identified as policy-id 1. Default policies cannot be modified or deleted. The following output displays the parameters for default network policy of type port when in network mode of operation:

The following output sample is of a default network port policy on 7210 SAS-M.

*A:ALA>config>qos>network# info detail

----------------------------------------------

description "Default network-port QoS policy."

scope template

ingress

default-action fc be profile out

meter 1 create

mode trtcm

adaptation-rule cir closest pir closest

rate cir 0 pir max

mbs default

cbs default

exit

dscp be fc be profile out

dscp ef fc ef profile in

dscp cs1 fc l2 profile in

dscp nc1 fc h1 profile in

dscp nc2 fc nc profile in

dscp af11 fc af profile in

dscp af12 fc af profile out

dscp af41 fc h2 profile in

exit

egress

no remarking

fc af

dscp-in-profile af11

dscp-out-profile af12

dot1p-in-profile 3

dot1p-out-profile 2

exit

fc be

dscp-in-profile be

dscp-out-profile be

dot1p-in-profile 0

dot1p-out-profile 0

exit

fc ef

dscp-in-profile ef

dscp-out-profile ef

dot1p-in-profile 5

dot1p-out-profile 5

exit

fc h1

dscp-in-profile nc1

dscp-out-profile nc1

dot1p-in-profile 6

dot1p-out-profile 6

exit

fc h2

dscp-in-profile af41

dscp-out-profile af41

dot1p-in-profile 4

dot1p-out-profile 4

exit

fc l1

dscp-in-profile af21

dscp-out-profile af22

dot1p-in-profile 3

dot1p-out-profile 2

exit

fc l2

dscp-in-profile cs1

dscp-out-profile cs1

dot1p-in-profile 1

dot1p-out-profile 1

exit

fc nc

dscp-in-profile nc2

dscp-out-profile nc2

dot1p-in-profile 7

dot1p-out-profile 7

exit

----------------------------------------------

*A:ALA>config>qos>network#

The following output sample is of a default network interface policy for 7210 SAS-M devices in network mode.

A:SAS-M>config>qos>network# info

----------------------------------------------

description "Default network QoS policy."

ingress

meter 1 create

exit

meter 9 multipoint create

exit

lsp-exp 0 fc be

lsp-exp 1 fc l2

lsp-exp 2 fc af

lsp-exp 3 fc af

lsp-exp 4 fc h2

lsp-exp 5 fc ef

lsp-exp 6 fc h1

lsp-exp 7 fc nc

exit

egress

fc af

exit

fc be

exit

fc ef

exit

fc h1

exit

fc h2

exit

fc l1

exit

fc l2

exit

fc nc

exit

----------------------------------------------

*A:SAS-M>config>qos>network#

The following output sample is of a default network port QoS policy for 7210 SAS-T, 7210 SAS-Sx/S 1/10GE, 7210 SAS-Sx 10/100GE, and 7210 SAS-Mxp devices.

*A:Dut-A>config>qos>network# info detail

----------------------------------------------

description "Default network-port QoS policy."

scope template

ingress

default-action fc be profile out

meter 1 create

mode trtcm1

adaptation-rule cir closest pir closest

rate cir 0 pir max

mbs default kbits

cbs default kbits

exit

dscp be fc be profile out

dscp ef fc ef profile in

dscp cs1 fc l2 profile in

dscp nc1 fc h1 profile in

dscp nc2 fc nc profile in

dscp af11 fc af profile in

dscp af12 fc af profile out

dscp af41 fc h2 profile in

exit

egress

no remarking

remark 1

exit

----------------------------------------------

*A:Dut-A>config>qos>network#

6.2.6. Resource Allocation for Network QoS Policy

This section describes the allocation of QoS resources for network QoS policies of both for type ip-interface and type port.

When an IP interface is created, a default network QoS policy of type IP-interface is applied. For the default policy, two meters and two classification entries in hardware are allocated.

The resources are allocated to a network policy only when a port is configured for the IP interface. When a network port is configured a default network QoS policy of type port is applied.

For every FC in use, the system allocates two classification entries in hardware, if the FC is configured to use both the unicast meter and the multicast meter or if the default meter 9 is configured in the policy. If multiple match criteria entries map to the same FC, then each of these are allocated two classification entries in hardware. For example, if there are two match-criteria entries that map to FC ‘af’, then a total of four classification entries are allocated in hardware and if there are four match-criteria entries that map to FC ‘af’, then a total of eight classification entries are allocated in hardware.

For every meter or policer in use, the system allocates one meter in hardware. A meter or policer is considered to be in use when it is associated with an FC in use.

The number of IP interfaces and network ports allowed is limited by number of classification resources available in hardware, subject to system limit on the number of IP interfaces and network/hybrid ports supported by the system.

Calculating the Number of QoS Resources

To calculate the number of QoS resources used by an IP interface, determine the following items:

number of match-criteria entries used to identify the FC
number of FCs to use

Only the FCs used by the match-criteria classification entries are to be considered for the number of FCs, which are referred to as “FC in use”. Also, note that for network policy of type ip-interface, the default multipoint meter 9 is created in a policy; whereas for policy of type port, the default multipoint meter needs to be explicitly configured by the user, if required.

Use the following rules to compute the number of classification entries per FC in use:

If an FC is in use and is created without explicit meters, use default meter 1 for unicast traffic and default meter 9 (if configured) for all other traffic types (that is, broadcast, multicast and unknown-unicast). This requires two classification entries in hardware. If default multipoint meter 9 is not configured, then the FC will use the unicast meter for all traffic types. In this case, the FC requires a single classification entry in hardware.
If an FC is in use and is created with an explicit unicast meter, use that meter for unicast traffic and use default meter 9 (if configured) for all other traffic types. This requires two classification entries in hardware. If default multipoint meter 9 is not configured, then the FC will use the unicast meter for all traffic types. In this case, the FC requires a single classification entry in hardware.
If an FC is in use and is created with an explicit unicast meter and explicit multicast meter, use the unicast meter for unicast traffic and multicast meter for all other kinds of traffic. This requires two classification entries in hardware.

Given the number of match criteria and the number of FCs used, use the equation below to calculate the total number of classification entries (TC) per policy.

TC = Σ 2 * E(i)

i = nc, h1, ef, h2, l1, af, l2, be

where:

E(i) is the number of match- criteria entries that classify packets to FCi. For 7210 platforms, the maximum number of classification entries per policy is 64 (including default).
2 is the number of classification entries that are required by FCi.

Note:

In the worst case, only 2 classification entries are used for each FC in a network policy, because only two types of traffic are supported.

Determining the Number of Policers or Meters

Determine the number of policers or meters (TP) to use. A maximum of 16 meters per network policy is available.

The number of TPs used is the number of meters configured in the policy. Among that number, only those meters configured for use with an FC are considered during resource allocation. In other words, meters that are created but not associated with an FC are not counted for resource allocation.

6.2.6.1. Network QoS Policies Resource Usage Examples

Note:

In the following examples, the profile configuration is not shown. In practice, users need to configure the mpls-lsp-exp-profile policy and associate it with the network policy. Association of a profile policy with the network QoS policy does not change the resource calculation methodology shown in the following examples.

6.2.6.1.1. Example 1

network 1 network-policy-type ip-interface create

description “network-policy-1”

ingress

default-action fc be

meter 1 create

exit

meter 9 multipoint create

exit

egress

fc af

exit

fc be

exit

fc ef

exit

fc h1

exit

fc h2

exit

fc l1

exit

fc l2

exit

fc nc

exit

The number of classification entries (TC) used is calculated, as follows:

(2 * 0)nc + (2 * 0)h1 + (2 * 0)ef + (2 * 0)h2 + (2 * 0)l1 + (2 * 0)af + (2 * 0)l2 + (2 * 1)be = 2

The number of meters (TP) used is 2 (meters 1 and 9).

6.2.6.1.2. Example 2

network 2 network-policy-type ip-interface create

description “network-policy-2”

ingress

default-action fc be

meter 1 create

exit

meter 2 create

exit

meter 9 multipoint create

exit

meter 12 multipoint create

exit

fc "af" create

meter 2

multicast-meter 12

exit

lsp-exp 2 fc af

exit

egress

fc af

exit

fc be

exit

fc ef

exit

fc h1

exit

fc h2

exit

fc l1

exit

fc l2

exit

fc nc

exit

The number of classification entries (TC) used is calculated, as follows:

(2 * 0)nc + (2 * 0)h1 + (2 * 0)ef + (2 * 0)h2 + (2 * 0)l1 + (2 * 1)af + (2 * 0)l2 + (2 * 1)be = 4

The number of meters (TP) user is 4 (meters 1, 2, 9, and 12)

6.2.6.1.3. Example 3

network 3 network-policy-type ip-interface create

description “network-policy-3”

ingress

default-action fc be

meter 1 create

exit

meter 2 create

exit

meter 9 multipoint create

exit

meter 12 multipoint create

exit

fc "af" create

meter 2

multicast-meter 12

exit

fc "be" create

meter 2

multicast-meter 12

exit

lsp-exp 2 fc af

exit

egress

fc af

exit

fc be

exit

fc ef

exit

fc h1

exit

fc h2

exit

fc l1

exit

fc l2

exit

fc nc

exit

The number of classification entries (TC) used are calculated, as follows:

(2 * 0)nc + (2 * 0)h1 + (2 * 0)ef + (2 * 0)h2 + (2 * 0)l1 + (2 * 1)af + (2 * 0)l2 + (2 * 1)be = 4

The number of meters (TP) user is 2 (meters 2 and 12).

6.2.6.1.4. Example 4

network 4 network-policy-type ip-interface create

description “network-policy-4”

ingress

default-action fc be

meter 1 create

exit

meter 9 multipoint create

exit

lsp-exp 1 fc l2

lsp-exp 2 fc af

lsp-exp 3 fc af

lsp-exp 4 fc h2

lsp-exp 5 fc ef

lsp-exp 6 fc h1

lsp-exp 7 fc nc

exit

egress

fc af

exit

fc be

exit

fc ef

exit

fc h1

exit

fc h2

exit

fc l1

exit

fc l2

exit

fc nc

exit

The number of Filter-Entries (TC) used is calculated, as follows:

(2 * 1)nc + (2 * 1)h1 + (2 * 1)ef + (2 * 1)h2 + (2 * 0)l1 + (2 * 2)af + (2 * 1)l2 + (2 * 1)be = 16

The number of meters (TP) used is 2 (meters 1 and 9).

6.2.6.1.5. Example 5

network 5 network-policy-type ip-interface create

description “network-policy-5”

ingress

default-action fc be

meter 1 create

exit

meter 2 create

exit

meter 9 multipoint create

exit

meter 12 multipoint create

exit

fc "af" create

exit

fc "be" create

exit

fc "ef" create

exit

fc "h1" create

exit

fc "h2" create

exit

fc "l2" create

exit

fc "nc" create

exit

lsp-exp 1 fc l2

lsp-exp 2 fc af

lsp-exp 3 fc af

lsp-exp 4 fc h2

lsp-exp 5 fc ef

lsp-exp 6 fc h1

lsp-exp 7 fc nc

exit

egress

fc af

exit

fc be

exit

fc ef

exit

fc h1

exit

fc h2

exit

fc l1

exit

fc l2

exit

fc nc

exit

The number of classification entries (TC) used is calculated, as follows:

(2 * 1)nc + (2 * 1)h1 + (2 * 1)ef + (2 * 1)h2 + (2 * 0)l1 + (2 * 2)af + (2 * 1)l2 + (2 * 1)be = 16

The number of meters (TP) used is 2 (meters 1 and 9). Note that meters 2 and 12 are not accounted for because they are not associated with any FC.

6.2.6.1.6. Example 6

network 6 network-policy-type ip-interface create

description “network-policy-6”

ingress

default-action fc be

meter 1 create

exit

meter 2 create

exit

meter 3 create

exit

meter 9 multipoint create

exit

meter 12 multipoint create

exit

fc "af" create

meter 2

multicast-meter 12

exit

fc "be" create

exit

fc "ef" create

exit

fc "h1" create

meter 3

exit

fc "h2" create

exit

fc "l2" create

exit

fc "nc" create

meter 3

exit

lsp-exp 1 fc l2

lsp-exp 2 fc af

lsp-exp 3 fc af

lsp-exp 4 fc h2

lsp-exp 5 fc ef

lsp-exp 6 fc h1

lsp-exp 7 fc nc

exit

egress

fc af

exit

fc be

exit

fc ef

exit

fc h1

exit

fc h2

exit

fc l1

exit

fc l2

exit

fc nc

exit

The number of classification entries (TC) used is calculated, as follows:

(2 * 1)nc + (2 * 1)h1 + (2 * 1)ef + (2 * 1)h2 + (2 * 0)l1 + (2 * 2)af + (2 * 1)l2 + (2 * 1)be = 16

The number of meters (TP) used is 5 (meters 1, 2, 3, 9, and 12).

6.2.6.1.7. Example 7

network 2 network-policy-type ip-interface create

description "Default network QoS policy."

scope template

ingress

default-action fc be

meter 1 create

mode trtcm

adaptation-rule cir closest pir closest

rate cir 0 pir max

mbs default

cbs default

exit

meter 9 multipoint create

mode trtcm

adaptation-rule cir closest pir closest

rate cir 0 pir max

mbs default

cbs default

exit

lsp-exp 0 fc be

lsp-exp 1 fc l2

lsp-exp 2 fc af

lsp-exp 3 fc af

lsp-exp 4 fc h2

lsp-exp 5 fc ef

lsp-exp 6 fc h1

lsp-exp 7 fc nc

exit

egress

no remarking

fc af

lsp-exp-in-profile 3

lsp-exp-out-profile 2

exit

fc be

lsp-exp-in-profile 0

lsp-exp-out-profile 0

exit

fc ef

lsp-exp-in-profile 5

lsp-exp-out-profile 5

exit

fc h1

lsp-exp-in-profile 6

lsp-exp-out-profile 6

exit

fc h2

lsp-exp-in-profile 4

lsp-exp-out-profile 4

exit

fc l1

lsp-exp-in-profile 3

lsp-exp-out-profile 2

exit

fc l2

lsp-exp-in-profile 1

lsp-exp-out-profile 1

exit

fc nc

lsp-exp-in-profile 7

lsp-exp-out-profile 7

exit

The number of classification entries (TC) used is 2.

The number of meters (TP) used is 2.

6.2.6.1.8. Example 8

network 8 network-policy-type ip-interface create

description “network-policy-8”

ingress

default-action fc nc

meter 1 create

exit

meter 2 create

exit

meter 3 create

exit

meter 4 create

exit

meter 5 create

exit

meter 7 multipoint create

exit

meter 8 multipoint create

exit

meter 9 multipoint create

exit

meter 12 multipoint create

exit

fc "af" create

meter 2

multicast-meter 12

exit

fc "ef" create

meter 4

multicast-meter 8

exit

fc "h2" create

exit

fc "l2" create

meter 3

multicast-meter 7

exit

fc "nc" create

meter 4

multicast-meter 8

exit

lsp-exp 1 fc l2

lsp-exp 3 fc af

lsp-exp 5 fc ef

lsp-exp 7 fc nc

exit

egress

fc af

exit

fc be

exit

fc ef

exit

fc h1

exit

fc h2

exit

fc l1

exit

fc l2

exit

fc nc

exit

The number of classification entries (TC) used is calculated, as follows:

(2 * 2)nc + (2 * 0)h1 + (2 * 1)ef + (2 * 0)h2 + (2 * 0)l1 + (2 * 1)af + (2 * 1)l2 + (0 * 0)be = 10

The numbers of meters (TP) used is 6 (meters 2, 3, 4, 7, 8, and 12).

6.3. Network QoS Policy in Access-uplink Mode

The network QoS policy consists of an ingress and egress component. For 7210 SAS-M and 7210 SAS-T devices operating in access-uplink mode, network policy is available for use. The ingress component of the policy defines how Dot1p bits are mapped to internal forwarding class and profile state (DSCP is not available for use). The forwarding class and profile state define the Per Hop Behavior (PHB) or the QoS treatment through the system.

The mapping on each access uplink port defaults to the mappings defined in the default network QoS policy until an explicit policy is defined for the access uplink ports. It also defines the rate-limiting parameters for the traffic mapped to each forwarding classes. Traffic mapped to each forwarding class can be rate limited using separate meters for each unicast and multipoint traffic.

The egress component of the network QoS policy provides an option to define either Dot1p bits and IP DSCP marking values or both associated with each forwarding class. By default, network QoS policy remarking is always disabled. If the egressing packet originated on an ingress SAP, the egress QoS policy also defines the Dot1p bit marking based on the forwarding class and the profile state. The default map of FC-Dot1p marking is as shown in default network QoS policy of type 'port', where in the policy-id is equal to 1. All non-default network QoS policies inherits the FC-Dot1p map.

Network policy-id 1 exists as the default policy and is applied to access uplink ports.The network policy-id 1 cannot be modified or deleted. It defines the default Dot1p-to-FC mapping and default meters for unicast and multipoint meters for the ingress. For the egress, it defines eight forwarding classes and the packet marking criteria.

New (non-default) network policy parameters can be modified. The no form of this command reverts the object to the default values.

Changes made to a policy are applied immediately to all ports where the policy is applied. For this reason, when a policy requires several changes, it is recommended that you copy the policy to a work area policy-id. The work-in-progress copy can be modified until all the changes are made and then the original policy-id can be overwritten with the config qos copy command.

For information about the tasks and commands necessary to access the command line interface and to configure and maintain your devices, refer to CLI Usage chapter in the 7210 SAS-M, T, R6, R12, Mxp, Sx, S Basic System Configuration Guide.

6.3.1. Basic Configurations

A basic network QoS policy must conform to the following:

Each network QoS policy must have a unique policy ID.
Specify the default-action.
Have a QoS policy scope of template or exclusive.

6.3.2. Configuring Network Policy for Access-uplink Mode

To create an network QoS policy when operating in access-uplink mode, define the following:

A network policy ID value. The system does not dynamically assign a value.
Include a description. The description provides a brief overview of policy features.
You can modify egress Dot1p and/or IP DSCP marking map. Otherwise, the default values are applied.
1. Remarking — When enabled, this command remarks ALL packets that egress on the specified network port. The remarking is based on the forwarding class to Dot1p bit and/or IP DSCP value mapping.
2. Forwarding class criteria — The forwarding class name represents an egress queue. Specify forwarding class criteria to define the marking criteria of packets flowing through it.
3. DSCP and Dot1p — The DSCP and Dot1p value to use for all packets requiring marking that egress on this forwarding class queue that are in or out of profile.
Ingress criteria — Specifies Dot1p to forwarding class mapping for all packets.
1. Default action — Defines the default action to be taken for packets that have an undefined DSCP or Dot1p bits set. The default-action specifies the forwarding class to which such packets are assigned.
2. DSCP and Dot1p — Creates a mapping between the DSCP and Dot1p bits of the access uplink port ingress traffic and the forwarding class. Ingress traffic that matches the specified DSCP and Dot1p bits will be assigned to the corresponding forwarding class.

The following commands associated a network QoS policy with the access-uplink port.

CLI Syntax:

config>port

ethernet

access

uplink

qos network-policy-id

Use the following syntax to create a network QoS policy for 7210 SAS-M and 7210 SAS-T in access uplink mode.

A:MTU>config>qos>network# info detail

----------------------------------------------

description "Default network-port QoS policy."

scope template

ingress

default-action fc be profile out

meter 1 create

mode trtcm1

adaptation-rule cir closest pir closest

rate cir 0 pir max

mbs default kbits

cbs default kbits

exit

meter 9 multipoint create

mode trtcm1

adaptation-rule cir closest pir closest

rate cir 0 pir max

mbs default kbits

cbs default kbits

exit

dot1p 0 fc be profile out

dot1p 1 fc l2 profile in

dot1p 2 fc af profile out

dot1p 3 fc af profile in

dot1p 4 fc h2 profile in

dot1p 5 fc ef profile in

dot1p 6 fc h1 profile in

dot1p 7 fc nc profile in

exit

egress

no remarking

fc af

dscp-in-profile af11

dscp-out-profile af12

no dot1p

dot1p-in-profile 3

dot1p-out-profile 2

no de-mark

exit

fc be

dscp-in-profile be

dscp-out-profile be

no dot1p

dot1p-in-profile 0

dot1p-out-profile 0

no de-mark

exit

fc ef

dscp-in-profile ef

dscp-out-profile ef

no dot1p

dot1p-in-profile 5

A:MTU>config>qos>network#

6.3.3. Default Network Policy Values Available in Access-uplink Mode

This following output sample is of a default network policy on 7210 SAS-M in access-uplink mode.

>config>qos>network# info detail

----------------------------------------------

description "Default network-port QoS policy."

scope template

ingress

default-action fc be profile out

meter 1 create

mode trtcm1

adaptation-rule cir closest pir closest

rate cir 0 pir max

mbs default kbits

cbs default kbits

exit

meter 9 multipoint create

mode trtcm1

adaptation-rule cir closest pir closest

rate cir 0 pir max

mbs default kbits

cbs default kbits

exit

dot1p 0 fc be profile out

dot1p 1 fc l2 profile in

dot1p 2 fc af profile out

dot1p 3 fc af profile in

dot1p 4 fc h2 profile in

dot1p 5 fc ef profile in

dot1p 6 fc h1 profile in

dot1p 7 fc nc profile in

exit

egress

no remarking

fc af

dscp-in-profile af11

dscp-out-profile af12

no dot1p

dot1p-in-profile 3

dot1p-out-profile 2

no de-mark

exit

fc be

dscp-in-profile be

dscp-out-profile be

no dot1p

dot1p-in-profile 0

dot1p-out-profile 0

no de-mark

exit

fc ef

dscp-in-profile ef

dscp-out-profile ef

no dot1p

dot1p-in-profile 5

A:MTU>config>qos>network#

This following output sample is of a default network port policy on 7210 SAS-T in access-uplink mode.

*7210SAST>config>qos>network# info detail

----------------------------------------------

description "Default network-port QoS policy."

scope template

ingress

default-action fc be profile out

meter 1 create

mode trtcm1

adaptation-rule cir closest pir closest

rate cir 0 pir max

mbs default kbits

cbs default kbits

exit

meter 9 multipoint create

mode trtcm1

adaptation-rule cir closest pir closest

rate cir 0 pir max

mbs default kbits

cbs default kbits

exit

dot1p 0 fc be profile out

dot1p 1 fc l2 profile in

dot1p 2 fc af profile out

dot1p 3 fc af profile in

dot1p 4 fc h2 profile in

dot1p 5 fc ef profile in

dot1p 6 fc h1 profile in

dot1p 7 fc nc profile in

exit

egress

no remarking

fc af

dscp-in-profile af11

dscp-out-profile af12

no dot1p

dot1p-in-profile 3

dot1p-out-profile 2

no de-mark

exit

fc be

dscp-in-profile be

dscp-out-profile be

no dot1p

dot1p-in-profile 0

dot1p-out-profile 0

no de-mark

exit

fc ef

dscp-in-profile ef

dscp-out-profile ef

no dot1p

dot1p-in-profile 5

dot1p-out-profile 5

no de-mark

exit

fc h1

dscp-in-profile nc1

dscp-out-profile nc1

no dot1p

dot1p-in-profile 6

dot1p-out-profile 6

no de-mark

exit

fc h2

dscp-in-profile af41

dscp-out-profile af41

no dot1p

dot1p-in-profile 4

dot1p-out-profile 4

no de-mark

exit

fc l1

dscp-in-profile af21

dscp-out-profile af22

no dot1p

dot1p-in-profile 3

dot1p-out-profile 2

no de-mark

exit

fc l2

dscp-in-profile cs1

dscp-out-profile cs1

no dot1p

dot1p-in-profile 1

dot1p-out-profile 1

no de-mark

exit

fc nc

dscp-in-profile nc2

dscp-out-profile nc2

no dot1p

dot1p-in-profile 7

dot1p-out-profile 7

no de-mark

exit

----------------------------------------------

6.4. DSCP Marking Self-Generated (CPU) Traffic

DSCP marking for CPU generated traffic is not configurable by the user, except on the 7210 SAS-Mxp (see QoS for Self-Generated (CPU) Traffic on Network Interfaces for the 7210 SAS-Mxp). The default values are listed in Table 42.

Note:

Protocols such as BGP, RSVP, TLDP, OSPF, and IS-IS are not supported on 7210 SAS platforms operating in access-uplink mode.

Table 42: DSCP and Dot1p Marking

Protocol	IPv4	DSCP Marking	Dot1P Marking	Default FC	DSCP Values (Decimal)	Dot1P Values
OSPF	Yes	Yes	Yes	NC	48	7
ISIS	Yes	No	Yes	NC	-	7
TLDP	Yes	Yes	Yes	NC	48	7
RSVP	Yes	Yes	Yes	NC	48	7
SNMP	Yes	Yes	Yes	H2	34	4
NTP	Yes	Yes	Yes	NC	48	7
TELNET	Yes	Yes	Yes	H2	34	4
FTP	Yes	Yes	Yes	H2	34	4
TFTP	Yes	Yes	Yes	H2	34	4
SYSLOG	Yes	Yes	Yes	H2	34	4
TACACS	Yes	Yes	Yes	H2	34	4
RADIUS	Yes	Yes	Yes	H2	34	4
SSH	Yes	Yes	Yes	H2	34	4
ICMP Req	Yes	Yes	Yes	NC	0	7
ICMP Res	Yes	Yes	Yes	NC	0	7
ICMP Unreach	Yes	Yes	Yes	NC	0	7
SCP	Yes	Yes	Yes	H2	34	4
PIM (SSM)	Yes	Yes	Yes	NC
STP	NA	NA	Yes	NC	-	7
CFM	NA	NA	Yes	NC	-	7
ARP	NA	NA	Yes	NC	-	7
Trace route	Yes	Yes	Yes	NC	0	7
TACPLUS	Yes	Yes	Yes	H2	34	4
IGMP	Yes	Yes	Yes	NC	48	7
DNS	Yes	Yes	Yes	H2	34	4
BGP	Yes	Yes	Yes	NC	48	7
PTP	Yes	Yes	Yes	H2	48	7

Note:

For PTP messages, based on the type of the message (event versus non-event), the DSCP value used is either 0x30 (h1) or 0x38 (nc), and the dot1p value is always 7.
DSCP and dot1P values in the table are applicable when remarking is disabled at the port level.

6.4.1. QoS for Self-Generated (CPU) Traffic on Network Interfaces for the 7210 SAS-Mxp

Differentiated services code point (DSCP), forwarding class (FC), and IEEE 802.1p values can be specified for use by protocol packets generated by the node. This enables prioritization or deprioritization of supported protocols (as required).

DSCP marking for internally generated control and management traffic should be used for a specified application. This can be configured per routing instance. For example, OSPF packets can carry a different DSCP marking for the base instance than for a VPRN service. ARP and IS-IS are not IP protocols, so only 802.1p values can be configured.

The DSCP value can be set per application. When an application is configured to use a specified DSCP value and an FC, the 802.1p and MPLS EXP bits are marked in accordance with the network (default 802.1p value of 7) or access (default 802.1p value of 0) egress policy as it applies to the logical interface the packet will be egressing.

Configuring self-generated QoS is supported in the base router and VPRN service contexts.

The default values for self-generated traffic on network interfaces are:

Routing protocols (for example, OSPF and BGP)
1. Forwarding class: Network Control (NC)
2. DSCP value: NC1 (not applicable for ARP and IS-IS)
3. 802.1p value: according to the egress QoS policy (7 by default)
Management protocols (for example, SSH and SNMP)
1. Forwarding class: Network Control (NC)
2. DSCP value: AF41
3. 802.1p value: according to the egress QoS policy (7 by default)

Note:

ICMP echo requests (type 8) and ICMPv6 echo requests (type 128) initiated from the router use the DSCP value that is specified in the sgt-qos command. The FC value is NC by default, or the value that is specified in the ping command parameter fc fc-name.
Configurable values for BFD are not supported.
On access SAP egress and access port egress, when remarking is not enabled, the dot1p value for all IP packets generated by the node is set to zero. To enable dot1p marking, remarking must be enabled.

6.4.2. Default DSCP Mapping Table

Table 43 lists the DSCP mapping between DSCP name and DSCP values (decimal, hexadecimal, and binary) and label.

Table 43: Default DSCP Mapping Table

DSCP Name	DSCP Value Decimal	DSCP Value Hexadecimal	DSCP Value Binary	Label
Default	0	0x00	0b000000	be
nc1	48	0x30	0b110000	h1
nc2	56	0x38	0b111000	nc
ef	46	0x2e	0b101110	ef
af11	10	0x0a	0b001010	assured
af12	12	0x0c	0b001100	assured
af13	14	0x0e	0b001110	assured
af21	18	0x12	0b010010	l1
af22	20	0x14	0b010100	l1
af23	22	0x16	0b010110	l1
af31	26	0x1a	0b011010	l1
af32	28	0x1c	0b011100	l1
af33	30	0x1d	0b011110	l1
af41	34	0x22	0b100010	h2
af42	36	0x24	0b100100	h2
af43	38	0x26	0b100110	h2
default 1	0

Note:

The default forwarding class mapping is used for all DSCP names/values for which there is no explicit forwarding class mapping.

6.5. Service Management Tasks

6.5.1. Deleting QoS Policies

A network policy is associated by default with IP interfaces and network ports for devices operating in network mode. A network policy is associated by default with access uplink ports for devices in access uplink mode.

You can replace the default policy with a non-default policy, but you cannot remove default policies from the configuration. When you remove a non-default policy, the policy association reverts to the appropriate default network policy.

6.5.2. Remove a Policy from the QoS Configuration

Use the following syntax to delete a network policy.

CLI Syntax:

config>qos# no network network-policy-id

6.5.3. Copying and Overwriting Network Policies

You can copy an existing network policy to a new policy ID value or overwrite an existing policy ID. The overwrite option must be specified or an error occurs if the destination policy ID exists.

CLI Syntax:

config>qos# copy network source-policy-id dest-policy-id [overwrite]

The following is a sample of the copied policies output.

A:ALA-12>config>qos# info detail

---------------------------------------------

...

network 1 create

description "Default network QoS policy."

scope template

ingress

default-action fc be profile out

...

network 600 create

description "Default network QoS policy."

scope template

ingress

default-action fc be profile out

...

network 700 create

description "Default network QoS policy."

scope template

ingress

default-action fc be profile out

...

---------------------------------------------

A:ALA-12>config>qos#

6.5.4. Editing QoS Policies

You can change existing policies, except the default policies, and entries in the CLI. The changes are applied immediately to all network ports or IP interfaces or access uplink ports where the policy is applied. To prevent configuration errors use the copy command to make a duplicate of the original policy to a work area, make the edits, and then overwrite the original policy. The number of meters (TP) used are: 5 (Meters 1, 2, 3, 9, 12).