HP-UX IPQoS A.01.00 Administrator’s Guide HP-UX 11i v1 and HP-UX 11i v2 (September 2004 or later) Manufacturing Part Number: 5991-0736 October 2005 Printed in the US © Copyright 2005 Hewlett-Packard Development Company, L.P.
Legal Notices The information in this document is subject to change without notice. Hewlett-Packard makes no warranty of any kind with regard to this manual, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Hewlett-Packard shall not be held liable for errors contained herein or direct, indirect, special, incidental or consequential damages in connection with the furnishing, performance, or use of this material.
Contents 1. Introduction Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Benefits of HP-UX IPQoS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DiffServ Mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents 4. HP-UX IPQoS Configuration Files Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Configuration File Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Syntax Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Creating an HP-UX IPQoS Configuration File . . . . . . . . . . . . . . . . . . . . . . . .
Contents Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Example 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Example 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contents Example 2: Trusted Applications and DSCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 Example 3: Packets Can Match Multiple Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 Example 4: Limit ftp Bandwidth. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 C. ipqosadmin Quick Reference ipqosadmin Usage Syntax Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Tables Table 1. Publishing History Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12 Table 2. HP-UX 11i Releases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14 Table 3. HP-UX IPQoS - Relevant RFCs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15 Table 3-1. HP-UX IPQoS Operating States . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50 Table 4-1. Supported Transport Protocol Numbers . .
Tables 8
Figures Figure 1-1. Traffic Classification and Conditioning Flow in HP-UX IPQoS. . . . . . . .22 Figure 1-2. Architectural Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Figures 10
About This Document This document describes how to install, configure, administer, and troubleshoot HP-UX IPQoS. The document printing date and part number indicate the document’s current edition. The printing date will change when a new edition is printed. Minor changes may be made at reprint without changing the printing date. The document part number will change when extensive changes are made. Document updates may be issued between editions to correct errors or document product changes.
Publishing History Table 1 Publishing History Details Document Manufacturing Part Number 5991-0736 Title HP-UX IPQoS A.01.00 Administrator’s Guide Operating Systems Supported HP-UX 11i v1 HP-UX 11i v2 (September 2004 or later) Publication Date October 2005 What Is in This Document HP-UX IPQoS A.01.00 Administrator’s Guide is divided into several chapters, and each contains information about installing, configuring, managing, or troubleshooting HP-UX IPQoS.
Glossary Glossary Use the glossary to obtain definitions for commonly used terms related to HP-UX IPQoS. Typographic Conventions This document uses the following conventions. audit (5) An HP-UX manpage. In this example, audit is the name and 5 is the section in the HP-UX Reference. On the web and on the Instant Information CD, it may be a hot link to the manpage itself. From the HP-UX command line, you can enter “man audit” or “man 5 audit” to view the manpage. Book Title The title of a book.
HP-UX Release Name and Release Identifier Each HP-UX 11i release has an associated release name and release identifier. The uname (1) command with the -r option returns the release identifier. This table shows the releases available for HP-UX 11i. Table 2 Release Identifier HP-UX 11i Releases Supported Processor Architecture Release Name B.11.23 HP-UX 11i v2 Intel Itanium and PA-RISC B.11.22 HP-UX 11i v1.6 Intel Itanium B.11.
Related RFCs The following table lists RFCs associated with HP-UX IPQoS. The Internet Engineering Task Force (IETF) RFCs listed below are available at: http://www.ietf.org/rfc.
HP Welcomes Your Comments HP encourages your feedback about this document and is committed to providing documentation that meets your needs. Send comments to: netinfo_feedback@cup.hp.com Include the document title, manufacturing part number, and any comment, error found, or suggestion for improvement you have concerning this document. Also, please include what we did right so we can incorporate it into other documents.
1 Introduction This chapter introduces and describes HP-UX IPQoS functionality. It provides a brief overview of the DiffServ model HP-UX IPQoS uses to accomplish Quality of Service (QoS).
Introduction • “Overview” on page 19 • “HP-UX IPQoS Features” on page 25 • “HP-UX IPQoS Architecture” on page 27 • “Planning for HP-UX IPQoS Deployment” on page 29 18 Chapter 1
Introduction Overview Overview Given current technology trends, it is increasingly important to have a means available to deal with network traffic issues. HP-UX IPQoS helps businesses meet an increasing demand for the ability to control networking throughput, and to ensure network resources are optimally managed. To support specific business requirements, the Internet Engineering Task Force (IETF) acknowledged the need for a method of providing differentiated classes of service for Internet traffic.
Introduction Overview • Over the last several years there have been unprecedented increases in network traffic. In part, this is due to the explosive increases in Internet usage. It is also partly a result of the tremendous increase in multimedia and wireless applications (applications extremely susceptible to limits in bandwidth and network capacity). • Traditional uses of the network now compete with mission critical applications.
Introduction Overview Traffic Classification Traffic classification filters packets in a traffic stream into distinct classes (groups) based on the content of parts of the packet header. In the classification process, IP packets are matched against selectors of each filter to determine if the packet belongs in that filter class. Traffic classifiers separate and steer traffic classes to traffic conditioners for further processing. Two types of classifiers are defined in the DiffServ model.
Introduction Overview routers, and VLAN priority markings for VLAN-aware switches. You must assign DS and VLAN priority marking values in accordance with your forwarding scheme. In HP-UX IPQoS, both DS fields and VLAN tags can be marked. Policing Policing (dropping) may drop some packets to bring a traffic stream into compliance with a traffic profile specified via policies. Policing is a subset of shaping.
Introduction Overview — The classifier selects a packet in a traffic stream based the content of a part of the packet header. In HP-UX IPQoS, classification is based on filter attributes specified in the active HP-UX IPQoS configuration. — The meter checks compliance to a defined traffic profile and passes results to shaper/policer to trigger appropriate actions for in- and out-of-profile packets. In HP-UX IPQoS, metering is based on policy attributes specified in the active HP-UX IPQoS configuration.
Introduction Overview Router and Host Behaviors with DSCP Marking An IP QoS-capable system, such as an HP-UX IPQoS host, marks the field with a DSCP value. A DS-aware router then applies the appropriate forwarding behavior associated with the DSCP value to the packet. The DSCP is used for prioritizing transmission bandwidth. For example, when a router becomes congested, it uses the DSCP values of queued packets to decide which ones to drop, if necessary.
Introduction HP-UX IPQoS Features HP-UX IPQoS Features HP-UX IPQoS A.01.00 provides the following features: • Conforms to the IETF DiffServ model HP-UX IPQoS brings an HP-UX host into conformance to the IETF DiffServ model. HP-UX IPQoS cooperates with QoS policies and policy management as configured in edge and core routers, and which can also be configured in the switching infrastructure. — Provides differentiated classes of service on outbound traffic by performing traffic conditioning actions.
Introduction HP-UX IPQoS Features HP-UX IPQoS provides provisioned QoS only. Signaled QoS is not supported. • Supports both IPv4 and IPv6 HP-UX IPQoS can filter on IPv4 and IPv6 addresses. (For IPv6 addresses to be meaningful, you must to be running on an IPv6-enabled system.) • Provides a simple configuration file format HP-UX IPQoS configuration files are in text format and use a simple syntax. They can be created and maintained using any common HP-UX text editor, such as vi.
Introduction HP-UX IPQoS Architecture HP-UX IPQoS Architecture Figure 1-2 displays a high-level overview of the HP-UX IPQoS architecture. Figure 1-2 Architectural Overview As shown in Figure 1-2, HP-UX IPQoS operates in both user space and kernel space. Also shown in Figure 1-2, HP-UX IPQoS inserts a module between the IP and the DLPI layers, into the STREAMS plumbed by ifconfig. To insert this module: • HP-UX 11i v1: HP-UX IPQoS uses the autopush mechanism.
Introduction HP-UX IPQoS Architecture • HP-UX 11i v2: HP-UX IPQoS uses the INTERFACE_MODULES list in the /etc/rc.config.d/netconf and /etc/rc.config.d/netconf-ipv6 files. HP-UX IPQoS supports as many network adapters as are configured on the system (up to 128).
Introduction Planning for HP-UX IPQoS Deployment Planning for HP-UX IPQoS Deployment Before you begin using HP-UX IPQoS, you must plan your implementation. The following sections discuss a high-level planning overview, general planning considerations including network-wide considerations, and HP-UX host specific planning considerations. Overview You need to begin by understanding the current traffic on your network.
Introduction Planning for HP-UX IPQoS Deployment As part of this analysis, you must understand the current factors preventing your organization from achieving its network performance goals. Then you can better understand how to use HP-UX IPQoS policies to achieve improvements in network performance. • Assess your network traffic. Analyze the baseline data on both your overall network as well as on your HP-UX hosts.
Introduction Planning for HP-UX IPQoS Deployment • Design and create HP-UX IPQoS configuration files (which include defined filters and policies) to achieve your identified goals and actions. HP-UX configuration files use filters to define categories of traffic from packet data fields and use policies to define behaviors to apply to the filters. Policies are assigned to configured adapters as part of the configuration file specifics.
Introduction Planning for HP-UX IPQoS Deployment 32 Chapter 1
2 Installing HP-UX IPQoS This chapter describes acquiring and installing HP-UX IPQoS.
Installing HP-UX IPQoS • “System Requirements” on page 35 • “Acquiring HP-UX IPQoS” on page 37 • “Installing HP-UX IPQoS” on page 38 • “Verifying the HP-UX IPQoS Installation” on page 40 • “Removing HP-UX IPQoS” on page 41 34 Chapter 2
Installing HP-UX IPQoS System Requirements System Requirements The following are system prerequisites for installing and running HP-UX IPQoS A.01.00.
Installing HP-UX IPQoS System Requirements HP-UX 11i v1 Patch Requirements The following patches are required on all HP-UX 11i v1 systems running HP-UX IPQoS A.01.00. The patches listed below are the minimum required patches. If available, use more recently released patches that supersede the patches listed below. You can download patches from the HP IT Resource Center patch database at: http://www.itrc.hp.com. • December 2004 Support Plus Patch Bundle (Quality Pack GOLDQPK11i)—B.11.11.0412.
Installing HP-UX IPQoS Acquiring HP-UX IPQoS Acquiring HP-UX IPQoS Follow these steps to download HP-UX IPQoS, free of charge, from HP Software Depot: Step 1. Go to HP Software Depot at http://www.hp.com/go/softwaredepot Step 2. Search for HP-UX IPQoS (keyword: IPQoS) and read the information on the HP-UX IPQoS product information page. Step 3. Click Receive for Free >> at the bottom of the page. Step 4. Select the appropriate HP-UX IPQoS release for your operating system version. Step 5.
Installing HP-UX IPQoS Installing HP-UX IPQoS Installing HP-UX IPQoS The following sections describe the HP-UX IPQoS installation steps. Initial Installation To install HP-UX IPQoS, follow these steps: Step 1. Review “System Requirements” on page 35 and ensure the system meets all the requirements. Step 2. Download HP-UX IPQoS, as described in “Acquiring HP-UX IPQoS” on page 37. Step 3. Load HP-UX IPQoS using swinstall. For example, if you saved the software to /tmp/IPQoS.
Installing HP-UX IPQoS Installing HP-UX IPQoS Step 3. Follow steps 2-4 of the preceding procedure (Installing HP-UX IPQoS). NOTE Chapter 2 HP-UX IPQoS uses the standard HP-UX “newconfig” method of preserving the original files by not overwriting them, but rather by creating files under “newconfig” directories for new information. Thus, the HP-UX IPQoS /opt/ipqos/db/ipqosdb.db (the active configuration database) and the /etc/rc.config.d/ipqos files remain unchanged.
Installing HP-UX IPQoS Verifying the HP-UX IPQoS Installation Verifying the HP-UX IPQoS Installation Use the following steps to verify that HP-UX IPQoS installed successfully: Step 1. View the following log files for error messages: • /var/adm/sw/swinstall.log • /var/adm/sw/swagent.log Step 2. Run swlist -l product HPUXIPQOS to verify that the product is present on the system.
Installing HP-UX IPQoS Removing HP-UX IPQoS Removing HP-UX IPQoS Follow these steps to remove (un-install) HP-UX IPQoS: Step 1. Edit /etc/rc.config.d/ipqos. Set IPQOS=0. Step 2. Reboot the system. NOTE For procedural information on how to avoid a reboot when stopping HP-UX IPQoS, see “Stopping HP-UX IPQoS - Without a Reboot” on page 53. Step 3. Use the swremove tool and specify the HP-UX IPQoS product name. Run the following command: #swremove HPUXIPQOS Step 4.
Installing HP-UX IPQoS Removing HP-UX IPQoS 42 Chapter 2
3 Getting Started with HP-UX IPQoS This chapter provides deployment information to help you get started using HP-UX IPQoS.
Getting Started with HP-UX IPQoS • “HP-UX IPQoS Deployment Components” on page 46 • “System Operation” on page 50 44 Chapter 3
Getting Started with HP-UX IPQoS HP-UX IPQoS Deployment Overview HP-UX IPQoS Deployment Overview The following procedure provides a high-level summary of the deployment process for HP-UX IPQoS. Step 1. Acquire and install HP-UX IPQoS. See Chapter 2, “Installing HP-UX IPQoS,” on page 33 for more information. Step 2. Create an HP-UX IPQoS configuration file. Configuration files are where specific IPQoS behaviors are defined for an HP-UX system.
Getting Started with HP-UX IPQoS HP-UX IPQoS Deployment Components HP-UX IPQoS Deployment Components The key administrative components used with HP-UX IPQoS are: • HP-UX IPQoS configuration files • HP-UX IPQoS ipqosadmin administration tool The following sections provide overview information about each of these components. HP-UX IPQoS Configuration Files HP-UX IPQoS filters and policies are defined in HP-UX IPQoS configuration files as follows: — Filters define traffic classes (filter blocks).
Getting Started with HP-UX IPQoS HP-UX IPQoS Deployment Components The Role of Policies Policies are used to decide what happens to selected classes of traffic. Policies work to translate business-level goals into specific operational behaviors. Tailor your policies to address specific traffic management issues.
Getting Started with HP-UX IPQoS HP-UX IPQoS Deployment Components } # ##### Simple Configuration File Example The following is an example of a valid configuration file that prioritizes outbound traffic with a destination address in the 20.*.*.* network. In this example, outbound traffic on lan0 will adhere to policy dst20net_p, for traffic matching filter dst20net_f. ######## # File for prioritizing traffic to specific destinations # #### # filter selects traffic going to destination addresses in the 20.
Getting Started with HP-UX IPQoS HP-UX IPQoS Deployment Components ipqosadmin Administration Utility HP-UX IPQoS has one command-line administration utility, ipqosadmin, to use for all administrative tasks related to HP-UX IPQoS.
Getting Started with HP-UX IPQoS System Operation System Operation This section provides information about relevant HP-UX IPQoS operating states including the state after initial boot and the state after reboots. It also describes how to start and stop HP-UX IPQoS without needing to reboot the system. HP-UX IPQoS Operating States HP-UX IPQoS operates in one of three possible states. Table 3-1 lists these states.
Getting Started with HP-UX IPQoS System Operation State After Reboot The HP-UX IPQoS state is preserved (unchanged) after planned and unplanned reboots. If previously present, the active configuration is also reloaded and thus is preserved. Start and Stop Scripts The start and stop scripts for HP-UX IPQoS are located in /sbin/init.d/ipqos_dne and /sbin/init.d/ipqos. These two scripts are run each time the system boots. The /sbin/init.
Getting Started with HP-UX IPQoS System Operation Scenarios where you may want to do this include the following: You do not want to reboot the system and: — you are installing the software for the first time — you have stopped HP-UX IPQoS (using the procedure that avoids a reboot) and you wish to restart HP-UX IPQOS either with the current software or with an updated version of the software that you have just installed.
Getting Started with HP-UX IPQoS System Operation If this is the first time you are starting HP-UX IPQoS after an initial install the expected state is ENABLED BUT NOT FILTERING. If this starting of HP-UX IPQoS follows a previous stopping of HP-UX IPQoS without a reboot, the state is restored to whatever it was when HP-UX IPQoS was stopped (that is either ENABLED but NOT FILTERING or ENABLED and FILTERING).
Getting Started with HP-UX IPQoS System Operation Step 3. Run the following command: #/sbin/init.d/ipqos_dne stop NOTE In HP-UX 11i v1 and HP-UX 11i v2, if you have not completed the #/sbin/init.d/ipqos stop step, you will receive a device busy message when you run this command. That step must precede issuing this command. In HP-UX 11i v1, certain applications may have opened the DLPI device and not closed it, in which case you get a device busy message when you run this command.
4 HP-UX IPQoS Configuration Files This chapter explains how to create HP-UX IPQoS configuration files.
HP-UX IPQoS Configuration Files • “Configuration File Syntax” on page 58 • “Creating an HP-UX IPQoS Configuration File” on page 61 • “Filter Blocks” on page 64 • “Policy Blocks” on page 71 • “Adapter Blocks” on page 76 56 Chapter 4
HP-UX IPQoS Configuration Files Introduction Introduction You activate HP-UX IPQoS on your HP-UX system by creating and loading a configuration file. You can create configuration files using a text editor, such as vi. As part of creating configuration files, you define one or more filters and policies, and assign these to configured adapters. NOTE HP-UX IPQoS configuration files can be located in any directory; and there are no restrictions on configuration file names.
HP-UX IPQoS Configuration Files Configuration File Syntax Configuration File Syntax This section provides a simple example of a valid HP-UX IPQoS configuration file and several general rules that apply to HP-UX IPQoS configuration files. For more specific syntax information, See “Filter Blocks” on page 64, “Policy Blocks” on page 71, and “Adapter Blocks” on page 76. A sample configuration file follows.
HP-UX IPQoS Configuration Files Configuration File Syntax — Policy blocks define how traffic classes will be handled (metered, marked or both). Keywords identify specific attributes of a policy, including which filters are being used by a policy. — Adapter blocks assign policies to specific configured adapters (NICs) on the system. Adapter names must correspond to PPA names that can be listed by the lanscan command at the time HP-UX IPQoS is started.
HP-UX IPQoS Configuration Files Configuration File Syntax • Numeric attributes must be valid numbers for their presumed radix, and must be within the allowable range for the specific attribute. • Host names must resolve to IP addresses. • Blocks cannot be nested. The appearance of the keyword (adapter, policy, filter) that begins a block also implicitly terminates the previous block.
HP-UX IPQoS Configuration Files Creating an HP-UX IPQoS Configuration File Creating an HP-UX IPQoS Configuration File The following procedure provides a simple example of how to create an HP-UX IPQoS configuration file. In this example, outbound traffic on lan0 and lan1 must adhere to the policy limit_ftp_policy for all traffic that matches the filter limit_ftp_filter.
HP-UX IPQoS Configuration Files Creating an HP-UX IPQoS Configuration File This example defines one policy, limit_ftp_policy. This policy allows outbound traffic that matches filter limit_ftp_filter a maximum of 25% of the available network bandwidth of any adapter using this policy. Step 4. In the file, create adapter blocks for all the adapters you need to assign policies to.
HP-UX IPQoS Configuration Files Creating an HP-UX IPQoS Configuration File max 25% } #### ## define an adapter block for lan0 #### adapter lan0 { uses limit_ftp_policy } #### ## define an adapter block for lan1 #### adapter lan1 { uses limit_ftp_policy } # ####end of file Step 6. Use ipqosadmin to verify the configuration file is valid. Run the following command: #ipqosadmin -verify -f ftp_mgmt.
HP-UX IPQoS Configuration Files Filter Blocks Filter Blocks A filter defines a traffic class. A traffic class is the set of all possible packets that match the filter. The filter keyword marks the start of a filter block definition. The string immediately following the filter keyword is the name of the block.
HP-UX IPQoS Configuration Files Filter Blocks • Attributes ending in lo[w] or hi[gh] must have a numerical value specified, a name is not allowed. • If you specify srcaddrlo and not srcaddrhi, or vice-versa, it is equivalent to specifying both as having the same value. The same is true for dstaddrlo and dstaddrhi, srcportlo and srcporthi, dstportlo and dstporthi. Essentially, this is the same as specifying srcaddr, dstaddr, srcport or dstport.
HP-UX IPQoS Configuration Files Filter Blocks srcportlo[w] number Low end of the source port number range. srcporthi[gh] number High end of the source port number range. dstportlo[w] number Low end of the destination port number range. dstporthi[gh] number High end of the destination port number range. srcport number or servicename Source port. This is equivalent to specifying the same value for srcportlo and srcporthi.
HP-UX IPQoS Configuration Files Filter Blocks Syntax Rules The following rules apply to address and port attributes: • Specify addresses and ports as singles or ranges. • Specify IP addresses using the dot-notation for IPv4 and colon-notation for IPv6. The address family of the first specified IP address determines the address family recognized by the filter. If you specify an IPv4 address the filter matches IPv4 packets. The same applies for IPv6.
HP-UX IPQoS Configuration Files Filter Blocks To use this shortcut, the transport protocol specified must be by name, not by number. For example, specifying dstport http/6 is not allowed.
HP-UX IPQoS Configuration Files Filter Blocks Table 4-2 Supported Network Protocol Numbers Network Protocol Numbers Protocol 0x800 IP over Ethernet 0x86DD IPv6 over Ethernet dscplo[w] n Low end of DSCP field range. Valid range is 0 to 63 inclusive. dscphi[gh] n High end of DSCP field range. Valid range is 0 to 63 inclusive. Specifying both dscplo and dscphi creates a filter that only matches traffic with DSCP fields within that range.
HP-UX IPQoS Configuration Files Filter Blocks pri[ority] p Priority. Valid range is 1 to 2147483647, inclusive. Use the priority filter attribute to assign relative importance to filters. The lower the number the higher the priority. Hence, the highest priority is 1. The priority attribute is only relevant in cases where a packet matches a traffic class in more than one filter. In such cases, the policy applied to the packet is determined by the policy using the filter with the highest priority.
HP-UX IPQoS Configuration Files Policy Blocks Policy Blocks Policies define how HP-UX IPQoS handles outbound matching traffic classes (outbound packets that match specified filters). The policy keyword marks the start of a policy block definition. The string immediately following the policy keyword is the name of the block. The pseudo-syntax of a policy block is as follows: policy policyname { policy_attributes } The traffic the policy acts on is determined by which filters are used by the policy.
HP-UX IPQoS Configuration Files Policy Blocks res[ervation] b1[suffix] Reserves the specified amount of bandwidth, b1[suffix], for outbound traffic matching any filter used by the policy. Whenever there is less traffic in this class than the reservation specified, unused bandwidth is available for other traffic. The b1 parameter specifies the numeric value of the reservation bandwidth. The [suffix] parameter can be either a percent sign (%) or one of the letters k, K, m, or M.
HP-UX IPQoS Configuration Files Policy Blocks For example, assume lan1 speed is 100Mbps and lan5000 and lan5001 are based on lan1. The aggregate of the reservations of all policies for lan5000, lan5001 and lan1 cannot exceed the speed of lan1 (100Mbps) minus 80Kbps. NOTE Circumstances beyond the control of the HP-UX IPQoS software can affect the transmission rate. For example, a hub or switch might be completely saturated by traffic from other hosts.
HP-UX IPQoS Configuration Files Policy Blocks IMPORTANT Traffic regulation is approximate, not exact. Acceptable tolerance is plus or minus 10% of specified res and max rates. IMPORTANT Both res bandwidth and max bandwidth specifications apply only to first-hop transmission rates and do not imply any sort of end-to-end bandwidth guarantee. dscp d Specifies the DSCP value to be set in all matching packets.
HP-UX IPQoS Configuration Files Policy Blocks Packets not sent on a VLAN, but that are regulated by a policy that specifies a VLAN priority, are given a VLAN header. This header contains a VLAN ID of zero (0) and the specified VLAN priority. You cannot specify this attribute if the relevant adapter is not a VLAN. NOTE For HP-UX IPQoS to be able to set the VLAN priority, you must ensure that the VLAN_PRI_OVERRIDE parameter for that VLAN is set to IP_HEADER in /etc/rc.config.d/vlanconf.
HP-UX IPQoS Configuration Files Adapter Blocks Adapter Blocks The adapter block lists the policies applied to outbound traffic, on specified adapters. The adapter keyword marks the start of an adapter block definition. You do not create names for specified adapters. Adapter names must correspond to PPA names that can be listed by the lanscan command at the time HP-UX IPQoS is started. The syntax of an adapter block is as follows: adapter adaptername { uses policyname [policyname...
HP-UX IPQoS Configuration Files Adapter Blocks #### adapter lan0 { uses policy1, policy2, policy3 } adapter lan1 { uses policy3, policy4, policy5 uses policy6, policy7 } #### If the HP-UX host has adapters lan0, lan1, and lan2 configured, then lan2 operates outside of HP-UX IPQoS control.
HP-UX IPQoS Configuration Files Adapter Blocks 78 Chapter 4
5 Administering HP-UX IPQoS This chapter primarily explains how to use the ipqosadmin administration utility.
Administering HP-UX IPQoS • “Administering HP-UX IPQoS Operating States” on page 83 • “Displaying State Information” on page 86 • “Verifying a Configuration File” on page 87 • “Loading a Configuration File” on page 89 • “Unloading a Configuration” on page 91 • “Showing Configuration Information” on page 92 • “Showing Statistics” on page 94 • “Setting and Showing Log Level” on page 96 For quick reference summary information on ipqosadmin, see Appendix C, “ipqosadmin Quick Reference,” on page
Administering HP-UX IPQoS ipqosadmin Overview ipqosadmin Overview HP-UX IPQoS has one command-line administration utility, ipqosadmin. It provides options for all the administrative tasks you need to perform on HP-UX IPQoS. ipqosadmin Options and Administrative Actions The options and associated actions ipqosadmin performs are as follows: Options: Actions: -state Shows the current state of HP-UX IPQoS. (This is the default if no option is specified.) -verify Verifies a configuration file.
Administering HP-UX IPQoS ipqosadmin Overview You can also control what HP-UX IPQoS configuration is in place at any time through scripts such as sh, ksh, csh, or perl. The ipqosadmin utility, as a command-line interface, rather than a graphical user interface, helps facilitate this. Be aware of message related options when using ipqosadmin in scripts. The scripts can be submitted to the cron utility.
Administering HP-UX IPQoS Administering HP-UX IPQoS Operating States Administering HP-UX IPQoS Operating States HP-UX IPQoS has three operating states: • DISABLED • ENABLED but NOT FILTERING • ENABLED and FILTERING During normal operations HP-UX IPQoS is typically in one of the two ENABLED states. In rare cases, you may want HP-UX IPQoS to be put in the DISABLED state or to be changed to an ENABLED state from the DISABLED state.
Administering HP-UX IPQoS Administering HP-UX IPQoS Operating States — change state from ENABLED but NOT FILTERING to ENABLED and FILTERING — or keep state in ENABLED and FILTERING (while replacing the active configuration with the newly loaded file) (If -load fails, state is not changed.
Administering HP-UX IPQoS Administering HP-UX IPQoS Operating States If the command is successful it reloads and re-initializes the HP-UX IPQoS Filtering module, restores the state and configuration information saved at the time HP-UX IPQoS was disabled (when /sbin/init.d/ipqos stop was run), and sets the log level to the value set in the IPQOS_LOG_LEVEL parameter in the /etc/rc.config.d/ipqos file. If the command fails, examine the displayed error messages to determine possible next steps.
Administering HP-UX IPQoS Displaying State Information Displaying State Information To determine the state of HP-UX IPQoS, use the -state option of ipqosadmin.
Administering HP-UX IPQoS Verifying a Configuration File Verifying a Configuration File To verify a configuration file, use the -verify option of ipqosadmin. This option verifies the specified configuration file for syntactical correctness. It does not load the configuration and it has no impact on the state of HP-UX IPQoS. If a configuration is active, it continues to be active even after the -verify of another configuration is run.
Administering HP-UX IPQoS Verifying a Configuration File Example The following example verifies a file; because -verbose is specified, informative messages are displayed. #ipqosadmin -verify -f /user1/qosconf_A/qos_1.cfg -verbose INFO: Optimizing configuration: INFO: Optimization complete. INFO: Checking adapter lan0 for overlapping filters... ipqosadmin -verify: Operation succeeded.
Administering HP-UX IPQoS Loading a Configuration File Loading a Configuration File To load a configuration file, use the -load option of ipqosadmin. The -load option first verifies, then if successful, loads and activates the specified configuration. If successful, -load results in the HP-UX IPQoS state being ENABLED and FILTERING. If successful, the exit status returned to the shell (“$?”) from running ipqosadmin -load is 0, otherwise it returns 1.
Administering HP-UX IPQoS Loading a Configuration File [-a[bort]] Warnings are fatal (treated as errors). The verification and load process fails if any warning messages are generated. Default: -abort [-c[ontinue]] Warnings are sent to stdout, but the presence of warnings alone does not cause the verification and load process to fail. Default: Not specified. NOTE The -abort option and the -continue option are mutually exclusive. Example The following example loads a file.
Administering HP-UX IPQoS Unloading a Configuration Unloading a Configuration To unload a configuration, use the -unload option of ipqosadmin. If you try to display the configuration you unloaded, it is not visible. If the state was ENABLED and FILTERING, it changes to ENABLED but NOT FILTERING. If the state was ENABLED but NOT FILTERING, it remains so. Use the -unload option when you do not want to operate with any HP-UX IPQoS configuration.
Administering HP-UX IPQoS Showing Configuration Information Showing Configuration Information To show configuration information, use the -sc|-showconfig option of ipqosadmin. Active configuration information is displayed if HP-UX IPQoS is in the ENABLED and FILTERING state. In the other states (ENABLED but NOT FILTERING or DISABLED), there is no configuration information to display. If successful, the exit status returned to the shell (“$?”) from running ipqosadmin -showconfig is 0, otherwise it returns 1.
Administering HP-UX IPQoS Showing Configuration Information Policy: p0 Reservation: 60% Max: 95% Filter: f0 Destination address range: 20.0.0.0 - 20.255.255.255 Priority: 16 Policy: p1 Reservation: 15% Max: 95% Filter: f1 Destination address range: 30.0.0.0 - 255.255.255 Priority: 17 # NOTE The Name: value shown at the beginning of the ipqosadmin -showconfig output is always current. Example 2 The following example displays output from ipqosadmin -showconfig when the state is ENABLED but NOT FILTERING.
Administering HP-UX IPQoS Showing Statistics Showing Statistics To show or reset current statistics on the active configuration, use the -ss|-showstats option of ipqosadmin. Statistics are displayed if HP-UX IPQoS is in the ENABLED and FILTERING state. In the other states (ENABLED but NOT FILTERING or DISABLED), there are no statistics to display. If successful, the exit status returned to the shell (“$?”) from running ipqosadmin -showstats is 0, otherwise it returns 1.
Administering HP-UX IPQoS Showing Statistics Example 1 The following example displays output from ipqosadmin -showstats when the state is ENABLED and FILTERING. #ipqosadmin -showstats HP-UX IPQoS is ENABLED and FILTERING.
Administering HP-UX IPQoS Setting and Showing Log Level Setting and Showing Log Level To set and show the current log level of HP-UX IPQoS kernel messages, use the -log[level] option of ipqosadmin. By default, HP-UX kernel messages are sent to /var/adm/syslog/syslog.log. By default and at reboot, the log level is set to error. Changes to the log level are not maintained across reboots.
Administering HP-UX IPQoS Setting and Showing Log Level #ipqosadmin -loglevel warn ipqosadmin -loglevel: Log level = Warning # Chapter 5 97
Administering HP-UX IPQoS Setting and Showing Log Level 98 Chapter 5
6 Troubleshooting HP-UX IPQoS This chapter provides procedures to troubleshoot HP-UX IPQoS.
Troubleshooting HP-UX IPQoS • “Troubleshooting Tools” on page 102 • “Troubleshooting Scenarios” on page 104 • “Sample Error and Warning Messages” on page 109 • “Reporting Problems to HP” on page 111 100 Chapter 6
Troubleshooting HP-UX IPQoS Overview Overview To troubleshoot HP-UX IPQoS use the ipqosadmin utility and general HP-UX networking utilities not specific to HP-UX IPQoS. The ipqosadmin utility provides configuration specifics and statistical information on the active HP-UX IPQoS configuration. Use this information to examine whether the configured policies are meeting your network traffic management goals and expectations.
Troubleshooting HP-UX IPQoS Troubleshooting Tools Troubleshooting Tools The following sections describe the tools you can use to troubleshoot HP-UX IPQoS. HP-UX IPQoS ipqosadmin Utility Use the ipqosadmin utility to obtain information about HP-UX IPQoS. Output from ipqosadmin is sent to stdout and errors are sent to stderr. Refer to ipqosadmin (1M) for more detailed information on ipqosadmin. Table 6-1 lists a few common tasks you can perform using ipqosadmin.
Troubleshooting HP-UX IPQoS Troubleshooting Tools To receive information messages sent when verifying or loading a configuration file, use the -verbose option. Run the following command: #ipqosadmin -verify|-load -f filename -verbose Examine error, warning and informative messages for any unexpected information. • Examine the active configuration and determine if it meets your expectations.
Troubleshooting HP-UX IPQoS Troubleshooting Scenarios Troubleshooting Scenarios This section contains information about a few possible troubleshooting scenarios, including symptoms and solutions. Installation Scenario: HP-UX IPQoS Installation Fails Problem HP-UX IPQoS installation fails. Symptoms Output from running: swinstall -x resinstall=true -s /tmp/IPQoS.depot HPUXIPQOS indicates a failure or problem. Solution 1. Verify that installation requirements have been met.
Troubleshooting HP-UX IPQoS Troubleshooting Scenarios Solution 1. Examine the error messages that appear upon failure. Several errors such as basic syntax errors are easily diagnosed from the messages. 2. Determine if the verification is failing due to the presence of warning messages. Use the -verbose option to display warning messages. Run the following command: #ipqosadmin -verify -f -verbose 3. Review the configuration file closely to ensure it is written as you intended.
Troubleshooting HP-UX IPQoS Troubleshooting Scenarios Solution Use ipqosadmin to change the state. For example, if you want the state to be ENABLED but NOT FILTERING and it currently is ENABLED and FILTERING, run the following command: #ipqosadmin -unload Conversely, if you want HP-UX IPQoS to be actively filtering and it is not, run the following command: #ipqosadmin -load -f filename NOTE If you specify the -verbose option a message is displayed indicating if the -unload or -load was successful.
Troubleshooting HP-UX IPQoS Troubleshooting Scenarios #ipqosadmin -load -f filename -verbose 3. Examine the statistics on the active HP-UX IPQoS configuration to determine if they indicate the cause of any problem. #ipqosadmin -showstats 4. If steps 1-3 are complete and traffic is still not performing as expected, unload the HP-UX IPQoS configuration using the following command: #ipqosadmin -unload 5. Verify that traffic, when not subject to HP-UX IPQoS control, still meets your expectations.
Troubleshooting HP-UX IPQoS Troubleshooting Scenarios 3. You can then use reinstate.cfg as a base to create other configuration files from. Internal Error from Corrupt or Missing HP-UX IPQoS Database File Problem HP-UX IPQoS database file is corrupted or missing. Symptoms An HP-UX IPQoS Internal Error message appears while using HP-UX IPQoS. Solution The active configuration is kept in a database file located in /opt/ipqos/db/ipqosdb.db.
Troubleshooting HP-UX IPQoS Sample Error and Warning Messages Sample Error and Warning Messages This section describes a few of the possible error, warning, and informational messages you can receive and the corrective action you can take to resolve the problem. The following table describes a sample of the error messages you can encounter when trying to verify or load a configuration file. Table 6-2 Sample Error Messages Message Resolution ERROR: '%s' is not of the proper IP address family.
Troubleshooting HP-UX IPQoS Sample Error and Warning Messages Table 6-3 Sample Warning and Informational Messages Message Resolution INFO: Filter '%s' requires expansion due to use of domain names in attributes requiring IP addresses. Be aware that specifying domain names can lead to the creation of multiple filters. INFO: Filter '%s' requires expansion due to use of service names in attributes requiring IP addresses.
Troubleshooting HP-UX IPQoS Reporting Problems to HP Reporting Problems to HP When reporting problems to HP, include the following information: • A complete description of the problem and any error messages. Include information about: — the local system (IP addresses) — IP addresses of relevant remote systems — log files such as /var/adm/syslog/syslog.log — routing table information (netstat -rn output) if appropriate Include a description of what works, as well as what does not work.
Troubleshooting HP-UX IPQoS Reporting Problems to HP 112 Chapter 6
A HP-UX IPQoS Configuration File Attributes: Quick Reference This appendix provides a summary of all available HP-UX IPQoS configuration file attributes.
HP-UX IPQoS Configuration File Attributes: Quick Reference Summary of Configuration File Attributes Summary of Configuration File Attributes The following tables list and briefly describe the syntax of all attributes available for each block type (filter, policy, adapter) of the HP-UX IPQoS configuration file.
HP-UX IPQoS Configuration File Attributes: Quick Reference Summary of Configuration File Attributes Table A-1 Filter Attributes (Continued) Attribute Definition port number or servicename Port used as source and destination port. Implicitly creates two filters that otherwise have the same attributes. xport n IP protocol field contains the value n (see /etc/protocols) protocol n Interchangeable with xport n net[proto] n Network protocol number of n (see /usr/include/netinit/if_ether.
HP-UX IPQoS Configuration File Attributes: Quick Reference Summary of Configuration File Attributes Table A-2 Policy Attributes Attribute Definition policy policyname Name of the policy block being defined uses filtername [[filtername]...] The filters the policy uses res[ervation] b1[suffix] The reserved bandwidth for traffic matching any filter attached to the policy. The [suffix] can be %, k, K, m, or M. No white space is allowed between b1 and the [suffix].
B HP-UX IPQoS Configuration File Examples This appendix provides four HP-UX IPQoS configuration file examples, each with unique IPQoS goals.
HP-UX IPQoS Configuration File Examples no restrictions on file names. You can choose to use a common suffix, such as .qosconf to easily identify them. File naming convention choices can be determined by personal preference based on individual and organizational needs. A sample configuration file is also provided in /opt/ipqos/examples/example.cfg.
HP-UX IPQoS Configuration File Examples Example 1: Premium Services Class Web Server Example 1: Premium Services Class Web Server This example shows a configuration file that provides differentiated service for three traffic classes: • http (port 80) • videosrv (assumes this exists in /etc/services on the local host) • all (other) IPv4 traffic #### # Sample file of a three-policy HP-UX IPQoS configuration. # One policy is for HTTP (port 80) traffic.
HP-UX IPQoS Configuration File Examples Example 1: Premium Services Class Web Server policy videoservice_p1 { uses videoselect res 45% max 100% dscp 10 } policy other_v4_p { uses other_v4 res 1M } adapter lan0 { uses premwebservice_p1, videoservice_p1, other_v4_p } # # This file can be replicated on all premium services servers. #### In this example, the res and max attributes are specified as percentages rather than absolutes, to facilitate replicating this configuration file on several servers.
HP-UX IPQoS Configuration File Examples Example 2: Trusted Applications and DSCP Example 2: Trusted Applications and DSCP This example shows how to avoid overwriting the DSCP field of traffic from an originating application that sets a DSCP value. Use this type of configuration for trusted applications that include their own DSCP setting.
HP-UX IPQoS Configuration File Examples Example 3: Packets Can Match Multiple Filters Example 3: Packets Can Match Multiple Filters This example illustrates packets matching more than one filter. #### # Sample file for packets matching more than one filter # filter generic_http { port http priority 90 } filter specific_http { port http dstaddrlo 15.0.0.0 dstaddrhi 15.255.255.
HP-UX IPQoS Configuration File Examples Example 4: Limit ftp Bandwidth Example 4: Limit ftp Bandwidth In this example, a policy is set up to limit ftp bandwidth to 150kb/s. Since ftp operates on consecutive ports 20 and 21, the policy can use a port number range.
HP-UX IPQoS Configuration File Examples Example 4: Limit ftp Bandwidth 124 Appendix B
C ipqosadmin Quick Reference This appendix provides an ipqosadmin usage syntax summary as well as a quick reference summary of ipqosadmin actions and corresponding syntax.
ipqosadmin Quick Reference ipqosadmin Usage Syntax Summary ipqosadmin Usage Syntax Summary A summary of the ipqosadmin usage syntax is as follows: Usage: ipqosadmin ipqosadmin ipqosadmin ipqosadmin ipqosadmin ipqosadmin ipqosadmin ipqosadmin -verbose -abort -continue -silent -text -conf -reset -help -v[erify] -f[ile] [-verbose] -l[oad] -f[ile] [-verbose] [-a[bort]|-c[ontinue]] -u[nload] [-s[ilent]] [-st[ate] [-s[ilent]]] -sc|-showconfig [-t[ext]|-c[onf]] -ss|-showstats [
ipqosadmin Quick Reference ipqosadmin Syntax Quick Reference ipqosadmin Syntax Quick Reference Table C-1 provides a quick reference summary of ipqosadmin actions and corresponding syntax. Table C-1 ipqosadmin Syntax Quick Reference Verify an HP-UX IPQoS Configuration File -v[erify] -f[ile] filename [-verbose] Required parameter: -file filename Default for optional parameters: None Actions: Verifies the HP-UX IPQoS configuration file specified. By default, information messages are suppressed.
ipqosadmin Quick Reference ipqosadmin Syntax Quick Reference Table C-1 ipqosadmin Syntax Quick Reference (Continued) Show State Information [-st[ate] [-s[ilent]]] Required parameter: None. Default for optional parameters: None. Actions: By default, displays current state of HP-UX IPQoS to stdout. Message is suppressed if -silent is specified.
ipqosadmin Quick Reference ipqosadmin Syntax Quick Reference Table C-1 ipqosadmin Syntax Quick Reference (Continued) Show Statistics Information -ss|-showstats [...|-r[eset]] Required parameter: None. Default for optional parameters: None. Actions: By default, displays statistics for all configured adapters, policies and filters. If entities are specified, displays statistics for specified entities only.
ipqosadmin Quick Reference ipqosadmin Syntax Quick Reference 130 Appendix C
Glossary adapter block In the context of an HP-UX IPQoS configuration file, defines a specific adapter controlled by HP-UX IPQoS, and the policies it uses. bandwidth The amount of data that can be sent over a network in a fixed amount of time. Typically expressed in bits per second (or in Kb/s or Mb/s). bandwidth limiting Lowering the rate at which data can be sent; preventing a traffic source from sending as fast as it otherwise can.
Glossary meter meter A device that measures the rate of a traffic stream selected by a classifier. The instantaneous state of this process can be used to affect the operation of a marker, shaper, or policer. per hop behavior (PHB) The externally observable forwarding treatment applied at a DS-compliant node to a collection of packets with the same DSCP.
Index A acquiring HP-UX IPQoS, 37 adapter attributes quick reference, 116 specific attribute information, 77 adapter blocks, 46, 59 administering HP-UX IPQoS, 45 API, 26 architectural overview, 27 assisted forwarding (AF), 23 B benefits of HP-UX IPQoS, 19 C configuration file example, 117, 120–122 configuration files editing, 57 role in HP-UX IPQoS deployment, 45–46 sharing on multiple machines, 31 syntax, 26, 59–60 D deploying HP-UX IPQoS, 45 Differentiated Services See DiffServ Differentiated Services Cod
Index N network protocol numbers, 69 O operating states of HP-UX IPQoS, 50, 83 DISABLED, 50, 83 ENABLED and FILTERING, 50, 83 ENABLED but NOT FILTERING, 50, 83 /opt/ipqos/examples/example.
Index VLAN, 19, 21, 23–25, 47, 71 135
