Page History

Allows automatic prioritization management of data flows on the device.

The devices use the "Weighted Fair Queuing" policy (even if a queue with higher priority is not empty packets from other queues will be processed in a distinct sequence relative to a higher priority queue. For example, 4 packets from queue with priority 1, 2 packet from the queue with priority 2, 8 packets from queue priority 1,1 packet from the queue with priority 3).

• "rtp" – enables/disables automatic prioritization of real time packetslabeled with DiffServ.
• "tcpackdot1p" – enables/disables automatic prioritization of TCP ACK (acknowledgments) packets."icmp packets labeled with IEEE 802.1p priority.
• "tos" – enables/disables automatic prioritization of ICMP (Internet Control Message Protocol) packets packets labeled with TOS.
• "strict" – applies the "Strict Priority" policy to all queues (packets from a queue with lower priority are not processed before a queue with higher priority is not empty). By default "Weighted Fair Queuing" policy is used (even if a queue with higher priority is not empty packets from other queues will be processed in a distinct sequence relative to a higher priority queue. For example, 4 packets from queue with priority 1, 2 packet from the queue with priority 2, 8 packets from queue priority 1,1 packet from the queue with priority 3)dscp" – enables/disables automatic prioritization of packets labeled with DiffServ.
• "tcpack" – enables/disables automatic prioritization of TCP ACK (acknowledgments) packets.
• "icmp" – enables/disables automatic prioritization of ICMP (Internet Control Message Protocol) packets.
• "tunnel" – enables/disables automatic packet prioritization for a tunnel traffic.
• "pppoe" – enables/disables automatic packet prioritization for a PPPoE tunnel traffic.
• "mpls" – enables/disables automatic prioritization of packets labeled with MPLS.
• [no]selfqos – enables/disables applying priorities to traffic destined for the device itself.
  
• [no]auto – enables/disables automatic prioritization of all packets.
  
• [no]ipfw – enables/disables traffic processing by IP Firewall and automatic prioritization.
  

A compliance scheme of MINT and IEEE 802.1p/TOS/DSCP priorities is shown below:

For example, the unit is configured to automatically prioritize packets labeled with IEEE 802.1p priority. The node receives packets labeled with IEEE 802.1p priority "5" and assign them "VOICE" priority. In accordance with the priorities scheme, these packets will be processed before packets with other priorities. 

Defines a logical channel "N" with properties specified by one or more options.

• "chN" – channel number from 1 to 200.
• "max=N[%]|0" – sets maximum data rate for the channel in Kbps. Value range: from 10 to 100000. It is also possible to set it in percent of the parent class’ total bandwidth. The "0" value cancels any speed limitation for the channel.
• "ceil=N[%]|0" – determines how much of the total bandwidth of the parent class can be used by the channel when the class’ bandwidth is not used entirely. Measured either in kilobits per second or percent of the parents class’ total bandwidth. The "0" value disables the parameter.
• "ceilprio=N|0" – sets priority for the channel that is used when interface bandwidth can be used by several channels. Value range: from 1 to 10. The "0" value disables the parameter.
• "latency=N|0" – determines the maximum time for packets to stay in the channel. If a packet is waiting in a queue of the channel more than this time then it is discarded. Measured in milliseconds. The "0" value disables the parameter. The required parameters can be assigned at the output from the MINT network, if necessary.
• "[add]pri=[N]" – increase the priority level of the packet to the specified value only if the new priority is higher than initial.

• "setpri=[N]" – sets priority level of the specified channel no matter what priority it had before.

• "[no]strict" – applies the "Strict Priority" policy to all queues (packets from a queue with lower priority are not processed before a queue with higher priority is not empty). By default "Weighted Fair Queuing" policy is used (even if a queue with higher priority is not empty packets from other queues will be processed in a distinct sequence relative to a higher priority queue. For example, 4 packets from queue with priority 1,1 packet from the queue with priority 2, 8 packets from queue priority 1,1 packet from the queue with priority 3).

• "pps=N|0" – sets the limit for the packets per second for the specified channel. The "0" value disables the parameter.
• "to=ADDR" – redirects the whole stream to the specified IP-address irrespectively of the present routing conditions. The specified address shall be directly attainable through one of the router interfaces (without additional routing). This may be useful when the router serves as a network access unit, and two or more different clients want to access different providers through one unit.
• "vlan=[N|-1]" – sets VLAN ID (value range: 0-4095). The "-1" value removes the argument.
• "dot1p=[N|-1]" – prioritization of packets labeled IEEE 802.1p (valid values are from 0 to 7). The "-1" value removes the argument.
• "dscp=[N|-1]" – prioritization ofDSCP (valid values are from 0 to 63). The "-1" value removes the argument.
• "classN" – assigns service class "N" to the channel. This additional parameter relates to the above defined data rate limitation, making it flexible: when the total bandwidth of this service class is not fully used, the extra bandwidth may be granted to such channel, thus exceeding its predefined data rate limit, up to full load of the class. When, there are several such channels competing for extra bandwidth, it is equally divided between them.

• "info="STRING" – allows user to set up a string description for the QoS channel.
• "clear" – removes current configuration of channel.

Each channel can be assigned a priority (0…16). Once assigned, a priority will be automatically recognized by every node inside MINT network.

Packets that have no priority are labeled as "REGULAR Best Effort=15" and processed accordingly.

Packets classification can also be performed using "pcap" rules.

Displays statistics of the specific channel (only for channels with specified rate limitation):

• "full" – allows viewing enhanced statistics.
• "clear" – resets statistics.

qm ch1 max=128 cur=127 packets=12345 (1234) bytes=1234567 (12345)

Allows to add an ingress/egress packet to / from the device that satisfies the channel "N" rule.

• "add" - processing of ingress packets to the device.
• "out" – processing of egresspackets from the device.
• "num" – the sequence number in the list of rules (optional parameter).
• "IFNAME" – an interface name through which packets enter\leave the device (optional parameter).

The rules syntax fully corresponds to the syntax of the "ipfw" command (see "ipfw command (IP Firewall)" section).

• "setpri=[N]" – sets priority level of the packet no matter what priority it had before.
• "addpri=[N]" – increase the priority level of the packet to the specified value only if the new priority is higher than initial.
• "pass" – allows to "skip" the rule, perform related activities and continue browsing other rules in the list.
• "log" – includes filter action records in the system log (optional parameter).
• "vlan=" – allows to analyze VLAN ID (values range 0-4095):
  • "N" – the filter will pass tagged packets with the specified tag "N".
  • "any" – the filter will pass all tagged packets with any VLAN ID.
  • "$ACL" – the filter will pass tagged packets with the VLAN tags, listed as "$ACL" (description of the ACL lists see in section «Access Control Lists («acl» command)).
• "dot1p=N" – allows to analyze 802.1p priority (values range 0-7).
• "swg=N" – allows to analyze a switching group number.
• "ether={X|any}" – allows to analyze a packet type. If option "any" is enabled, the filter will pass packets of all types.
• "dscp=N" – allows to analyze the DSCP tag (values range 0-63).
• "tos=N" – allows to analyze the TOS tag.
• "prf" – enables filtration of PRF interface generated traffic.
• "-f "pcap filter expression" – allows to use PCAP-filters.

Specify a direction of transmission from and / or to:

• "from" – source IP-address.
• "to" – destination IP-address.
• "not" – negative prefix, can be used after "from" and "to" keywords, it will be applied to the specified IP-address only, not for ports.
• "ADDR" – source or destination IP-address. The syntax depends on the "proto" field. If "proto" specified as "all" or "icmp", than "ADDR" defines an address information. If "proto" specified as "udp" or "tcp", than "ADDR" defines an address information and an optional list of ports. An address information is specified as IP-address and optional subnet mask. A subnet mask can be specified as prefix or as a numeric value (nnn.nnn.nnn.nnn). 

Possible options:

nn.nn.nn.nn
nn.nn.nn.nn:xxx.xxx.xxx.xxx
nn.nn.nn.nn/NN

The "0/0" record includes all possible IP-addresses.

It is possible to group all the necessary addresses into the appropriate access list and set the name of this list as an IP-address ($ACLRULE). There are several predefined dynamic lists:

• "$LOCAL" – a list that includes all the local addresses belonging to this router. It can be used to make easier filters records that restrict / allow access to the device.

• "$ROUTE" – a list that contains the current system routing table, except for the "default route". Matching the address from this list means that there is an exact route for this address and the default route will not be used.

• "$ACL" – a list of IP-addresses or networks, to which this rule will be applied.
• "mac x:x:x:x:x:x" – for interfaces which have physical ethernet MAC-address, the numeric MAC-address value with the "mac" keyword as a prefix can be used. However, for incoming filters, you can specify only the source MAC-address, and for outgoing ones only the destination MAC-address. The "$BS" keyword can be used, in this case the real MAC-address of the base station sector will be used.