summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/ch10-qos.rst112
1 files changed, 36 insertions, 76 deletions
diff --git a/docs/ch10-qos.rst b/docs/ch10-qos.rst
index 36c136ab..e6346f41 100644
--- a/docs/ch10-qos.rst
+++ b/docs/ch10-qos.rst
@@ -14,13 +14,16 @@ nodes for the following shaping/queueing/policing disciplines:
* TBF
* DRR
+Configuration nodes
+-------------------
+
VyOS QoS configuration is done in two steps. The first one consists in setting
up your classes/queues and traffic filters to distribute traffic amongst them.
The second step is to apply such traffic policy to an interface ingress or
egress.
Creating a traffic policy
--------------------------
+^^^^^^^^^^^^^^^^^^^^^^^^^
Such configuration takes place under the `traffic-policy` tree.
@@ -40,7 +43,7 @@ Available subtrees :
set traffic-policy shaper-hfsc NAME
Apply traffic policy to an interface
-------------------------------------
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Once a traffic-policy is created, you can apply it to an interface :
@@ -124,7 +127,7 @@ Available commands:
:code:`set traffic-policy limiter <policy-name> description <description>`
Traffic classes
-^^^^^^^^^^^^^^^
+***************
* Define a traffic class for a limiter policy, range for class ID is 1...4095:
@@ -162,7 +165,7 @@ Traffic classes
* gb (gigabytes)
Default class
-^^^^^^^^^^^^^
+#############
* Define a default class for a limiter policy that applies to traffic not
matching any other classes for this policy:
@@ -200,7 +203,7 @@ Default class
:code:`set traffic-policy limiter <policy name> default priority <priority>`
Matching rules
-^^^^^^^^^^^^^^
+**************
* Define a traffic class matching rule:
@@ -411,7 +414,8 @@ Traffic classes
:code:`set traffic-policy priority-queue <policy name> class <class ID>
queue-type <type>`
-**Default class**
+Default class
+#############
* Define a default priority queue:
@@ -431,7 +435,7 @@ Traffic classes
:code:`set traffic-policy priority-queue <policy name> default queue-type <type>`
Matching rules
-^^^^^^^^^^^^^^
+**************
* Define a class matching rule:
@@ -851,7 +855,7 @@ Matching rules
<match name> ipv6 protocol <proto>`
Traffic shaper
---------------
+^^^^^^^^^^^^^^
The shaper policy uses the Hierarchical Token Bucket algorithm to allocate
different amounts of bandwidth to different traffic classes. In contrast to
@@ -884,7 +888,7 @@ Avialable commands:
* gbps (gigabytes per second)
Traffic classes
-^^^^^^^^^^^^^^^
+***************
* Define a traffic class for a shaper policy, range for class ID is 2...4095:
@@ -995,7 +999,7 @@ Traffic classes
+---------+------------+--------+------------------------------+
Matching rules
-^^^^^^^^^^^^^^
+**************
* Define a class matching rule:
@@ -1092,7 +1096,12 @@ Matching rules
<match name> ipv6 protocol <proto>`
shaper-hfsc (HFSC_ + sfq)
--------------------------
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+TBD
+
+Ingress shaping
+---------------
The case of ingress shaping. Only a **limiter** policy can be applied directly
for ingress traffic on an interface. It is possible though to use what is
@@ -1167,13 +1176,13 @@ ether
edit traffic-policy shaper SHAPER class 30 match MATCH ether
destination
-***********
+###########
protocol
-********
+########
source
-******
+######
interface
*********
@@ -1189,7 +1198,7 @@ ip
edit traffic-policy shaper SHAPER class 30 match MATCH ip
destination
-***********
+###########
.. code-block:: sh
@@ -1197,14 +1206,14 @@ destination
set destination port U32-PORT
dscp
-****
+####
.. code-block:: sh
set dscp DSCPVALUE
max-length
-**********
+##########
.. code-block:: sh
@@ -1213,13 +1222,14 @@ max-length
Will match ipv4 packets with a total length lesser than set value.
protocol
-********
+########
+
.. code-block:: sh
set protocol <IP PROTOCOL>
source
-******
+######
.. code-block:: sh
@@ -1227,7 +1237,7 @@ source
set source port U32-PORT
tcp
-***
+###
**NOTE:** you must set ip protocol to TCP to use the TCP filters.
**NOTE#2**: This filter will only match packets with an IPv4 header length of
@@ -1253,7 +1263,7 @@ ipv6
edit traffic-policy shaper SHAPER class 30 match MATCH ipv6
destination
-***********
+###########
.. code-block:: sh
@@ -1261,14 +1271,14 @@ destination
set destination port U32-PORT
dscp
-****
+####
.. code-block:: sh
set dscp DSCPVALUE
max-length
-**********
+##########
.. code-block:: sh
@@ -1277,14 +1287,14 @@ max-length
Will match ipv6 packets with a payload length lesser than set value.
protocol
-********
+########
.. code-block:: sh
set protocol IPPROTOCOL
source
-******
+######
.. code-block:: sh
@@ -1292,7 +1302,7 @@ source
set source port U32-PORT
tcp
-***
+###
**NOTE**: you must set ipv6 protocol to TCP to use the TCP filters.
**NOTE#2**: This filter will only match IPv6 packets with no header extension
@@ -1324,61 +1334,11 @@ vif
set traffic-policy shaper SHAPER class 30 match MATCH vif **vlan-tag**
-
-
-Examples:
----------
-
-One common use of traffic policy is to limit bandwidth for an interface. In
-the example below we limit bandwidth for our LAN connection to 200 Mbit
-download and out WAN connection to 50 Mbit upload:
-
-.. code-block:: sh
-
- set traffic-policy shaper WAN-OUT bandwidth '50Mbit'
- set traffic-policy shaper WAN-OUT default bandwidth '50%'
- set traffic-policy shaper WAN-OUT default ceiling '100%'
- set traffic-policy shaper WAN-OUT default queue-type 'fair-queue'
-
- set traffic-policy shaper LAN-OUT bandwidth '200Mbit'
- set traffic-policy shaper LAN-OUT default bandwidth '50%'
- set traffic-policy shaper LAN-OUT default ceiling '100%'
- set traffic-policy shaper LAN-OUT default queue-type 'fair-queue'
-
-Resulting in the following configuration:
-
-.. code-block:: sh
-
- traffic-policy {
- shaper WAN-OUT {
- bandwidth 50Mbit
- default {
- bandwidth 50%
- ceiling 100%
- queue-type fair-queue
- }
- }
- shaper LAN-OUT {
- bandwidth 200Mbit
- default {
- bandwidth 50%
- ceiling 100%
- queue-type fair-queue
- }
- }
- }
-
-Once defined, a traffic policy can be applied to each interface using the
-interface-level `traffic-policy` directive:
-
.. code-block:: sh
set interfaces ethernet eth0 traffic-policy out 'WAN-OUT'
set interfaces ethernet eth1 traffic-policy out 'LAN-OUT'
-Note that a traffic policy can also be defined to match specific traffic flows
-using class statements.
-
.. _tc: http://en.wikipedia.org/wiki/Tc_(Linux)
.. _RFC791: https://tools.ietf.org/html/rfc791
.. _TBF: https://en.wikipedia.org/wiki/Token_bucket