diff options
| author | fett0 <fernando.gmaidana@gmail.com> | 2024-06-12 17:30:56 -0300 | 
|---|---|---|
| committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2024-06-13 05:20:23 +0000 | 
| commit | dacd5ca4750d4a104abe5942a9d33f96bc1ec029 (patch) | |
| tree | 6c37af7d92ab4d6c691f65bae79aae732966a578 | |
| parent | b09dc4e30f81865877702b4194043273864c68ca (diff) | |
| download | vyos-documentation-dacd5ca4750d4a104abe5942a9d33f96bc1ec029.tar.gz vyos-documentation-dacd5ca4750d4a104abe5942a9d33f96bc1ec029.zip | |
T5307: Add doc for traffic match groups
(cherry picked from commit 4f71374b273cb0b0f2f181563134324f1d7e57fc)
| -rw-r--r-- | docs/configuration/trafficpolicy/index.rst | 50 | 
1 files changed, 50 insertions, 0 deletions
| diff --git a/docs/configuration/trafficpolicy/index.rst b/docs/configuration/trafficpolicy/index.rst index d435267d..3fb9a9bc 100644 --- a/docs/configuration/trafficpolicy/index.rst +++ b/docs/configuration/trafficpolicy/index.rst @@ -212,6 +212,56 @@ You can also write a description for a filter:  .. note:: IPv6 TCP filters will only match IPv6 packets with no header     extension, see https://en.wikipedia.org/wiki/IPv6_packet#Extension_headers +Traffic Match Group  +------------------- +In some case where we need to have an organization of our matching selection,  +in order to be more flexible and organize with our filter definition. We can  +apply traffic match groups, allowing us to create distinct filter groups within  +our policy and define various parameters for each group: + +.. code-block:: none + +  set qos traffic-match-group <group_name> match <match_name>  +  Possible completions: +     description          Description +   > ip                   Match IP protocol header +   > ipv6                 Match IPv6 protocol header +     mark                 Match on mark applied by firewall +     vif                  Virtual Local Area Network (VLAN) ID for this match + +inherit matches from another group + +.. code-block:: none + +  set qos traffic-match-group <group_name> match-group <match_group_name>  + +A match group can contain multiple criteria and inherit them in the same policy. + +For example: + +.. code-block:: none + +  set qos traffic-match-group Mission-Critical match AF31 ip dscp 'AF31' +  set qos traffic-match-group Mission-Critical match AF32 ip dscp 'AF42' +  set qos traffic-match-group Mission-Critical match CS3 ip dscp 'CS3' +  set qos traffic-match-group Streaming-Video match AF11 ip dscp 'AF11' +  set qos traffic-match-group Streaming-Video match AF41 ip dscp 'AF41' +  set qos traffic-match-group Streaming-Video match AF43 ip dscp 'AF43' +  set qos policy shaper VyOS-HTB class 10 bandwidth '30%' +  set qos policy shaper VyOS-HTB class 10 description 'Multimedia' +  set qos policy shaper VyOS-HTB class 10 match CS4 ip dscp 'CS4' +  set qos policy shaper VyOS-HTB class 10 match-group 'Streaming-Video' +  set qos policy shaper VyOS-HTB class 10 priority '1' +  set qos policy shaper VyOS-HTB class 10 queue-type 'fair-queue' +  set qos policy shaper VyOS-HTB class 20 description 'MC' +  set qos policy shaper VyOS-HTB class 20 match-group 'Mission-Critical' +  set qos policy shaper VyOS-HTB class 20 priority '2' +  set qos policy shaper VyOS-HTB class 20 queue-type 'fair-queue' +  set qos policy shaper VyOS-HTB default bandwidth '20%' +  set qos policy shaper VyOS-HTB default queue-type 'fq-codel' + +In this example, we can observe that different DSCP criteria are defined based  +on our QoS configuration within the same policy group.  Default  ------- | 
