In the classifier-based configuration model, the service policy you create for one or more traffic classes is always relative to a software feature, such as QoS, port and VLAN mirroring, or PBR. The software feature must support class and policy configuration. Each feature supports different actions for managing selected packets.
|
|
NOTE: Policy Based Routing (PBR) is available on the 3800 Series switch and the 5400/8200 series switch which all have v2 or higher modules. Any v1 modules will prevent PBR from functioning. PBR is not available on the 3500, 3500yl, 6200yl, nor 6600 Series switches. |
|
|
For example, QoS policies support QoS-specific actions, such as rate limiting, 802.1p-priority, IP-precedence, and DSCP-codepoint assignment. Port and VLAN mirroring policies support mirror-destination assignment for matching packets. PBR policies support specifying the IP next-hop and IP default next-hop, tunnel ID, or null for matching packets.
-
To create a service policy that performs feature-specific actions on selected packets, enter the
policy
command from the global configuration context.feature-name
Syntax:
Defines the name of a service policy and enters the policy configuration context, where
policy-name
is a text string (64 characters maximum).A traffic policy consists of one or more actions that are configured for each class of traffic. The configured actions are executed on packets that match a
match
statement in a class. No policy action is performed on packets that match anignore
statement. You can configure multiple classes in a policy. -
To configure the actions that you want to execute on packets that match the
match
criteria in a specified class, enter one or moreclass action
commands from the policy configuration context.Syntax:
Defines the actions to be applied on a pre-configured IPv4 or IPv6 traffic class when a packet matches the
match
criteria in the class.You can enter multiple class-action statements for the same class. The actions supported for a class command differ according to the feature-specific policy (for example, QoS or mirroring) configured with the
command in Step 1.policy
NOTE: You can configure multiple class-action statements to include different classes in a policy. The execution of actions is performed in the order in which the class-actions are numerically listed.
The
action
keyword configures the action specified by theaction-name
parameter. The action is executed on any packet that matches thematch
criteria in the class. The action is not executed on packets that matchignore
criteria. You can configure more than one action for a class. The completeno
form of theclass action
command or theno
command removes an action from the policy configuration.seq-number
Be sure to enter a class and its associated actions in the precise order in which you want packets to be checked and handled by
class action
commands. -
(Optional) To configure adefault class, enter the
default-class
command and specify one or more actions to be executed on packets that are not matched and not ignored.Syntax:
Configures a default class to be used to execute one or more actions on packets that are not matched nor ignored in any of the class configurations in a policy. The
default-class action
command supports only the feature-specific commands supported in theclass action
command.The default class manages packets that do not match the
match
orignore
criteria in all classes in a policy, and otherwise would have no actions performed on them.The default class differs from other classes because it contains no match/ignore statements and uses implicit
match ipv4 any any
andmatch ipv6 any any
statements to manage all unmatched packets. If you do not configure a default class, unmatched and ignored packets are transmitted without an action performed on them. -
Enter the
exit
command to exit the policy configuration context.
To display a policy configuration, enter the
show policy
command wherepolicy-name
feature-name
feature-name
is a software feature (such asqos
,mirror
, orpbr
) that supports classifier-based configuration.To edit a policy configuration, re-enter the policy context (
policy
command) and modify class-action statements.To resequence the order in which class-action statements are listed, enter the
resequence
command.
A policy configuration
In the following QoS policy configuration, matching HTTP packets are rate limited to 10000 kbps. All unmatched packets are managed by the default class, which assigns a slightly higher 802.1p priority (4) and a new DSCP codepoint (5).
HP Switch(config)#: class ipv4 http HP Switch(config-class)#: match tcp any any eq 80 HP Switch(config-class)#: match tcp any any eq 8080 HP Switch(config-class)#: exit HP Switch(config)#: policy qos RateLimitPrioritizeSuspectTraffic HP Switch(policy-qos)#: class ipv4 http action rate-limit kbps 10000 HP Switch(policy-qos)#: default-class action priority 4 action dscp 5 HP Switch(policy-qos)#: exit
A policy configuration requires a feature-specific policy
command to identify the software feature used to manage one or more traffic classes: